On Wed, Aug 12, 2009 at 04:32:48PM +0100, Matthew Booth wrote:
On 12/08/09 16:22, Richard W.M. Jones wrote:
> This is a pretty uncontroversial patch which just allows the
> selinux=? and enforcing=? flags on the kernel command line
> to be controlled.
>
> Currently libguestfs unconditionally passes selinux=0. By default
> this patch does the same thing, but allows programs to enable SELinux
> in the kernel and/or set it to enforcing mode.
Patch looks ok except that we shouldn't include the enforcing flag. I
can't conceive of any reason we'd want SELinux in enforcing mode in the
appliance. If selinux=1, then assume enforcing=0.
Does it do any harm (now that I've written the code anyway)?
Rich.
--
Richard Jones, Emerging Technologies, Red Hat
http://et.redhat.com/~rjones
virt-top is 'top' for virtual machines. Tiny program with many
powerful monitoring features, net stats, disk stats, logging, etc.
http://et.redhat.com/~rjones/virt-top