openstack-manuals

Chapter 41. SVirt/SELinux clarification

Bug #1342829 reported by N Dillon on 2014-07-16

This bug affects 1 person

Affects		Status	Importance	Assigned to	Milestone
	openstack-manuals	Fix Released	Low	Andreas Jaeger

Bug Description

Clarify SELinux/sVirt context - is it different every time (ie, every time you run it, the context changes?), or is it separate?

Currently doc reads: "When using sVirt, SELinux is configured to run every QEMU process under a different security context."

Recommended change: "When using sVirt, SELinux is configured to run each QEMU process under a separate security context."
-----------------------------------
Built: 2014-07-16T11:22:55 00:00
git SHA: f3f89b2859c9baae9a0415bf7dab5ef8d20c12a9
URL: http://docs.openstack.org/security-guide/content/hardening-the-virtualization-layers.html
source File: file:/home/jenkins/workspace/security-doc-tox-doc-publishdocs/security-guide/ch_hardening-the-virtualization-layers.xml
xml:id: hardening-the-virtualization-layers

Gauvain Pocentek (gpocentek) on 2014-07-30

Changed in openstack-manuals:
status:	New → Confirmed
importance:	Undecided → Low

Andreas Jaeger (jaegerandi) on 2014-08-10

Changed in openstack-manuals:
assignee:	nobody → Andreas Jaeger (jaegerandi)

OpenStack Infra (hudson-openstack) on 2014-08-10

Changed in openstack-manuals:
status:	Confirmed → In Progress

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2014-08-14: Fix merged to security-doc (master)

Reviewed: https://review.openstack.org/113142
Committed: https://git.openstack.org/cgit/openstack/security-doc/commit/?id=733e5a8ca50a12c55be046b84b9e8db3bda2ad14
Submitter: Jenkins
Branch: master

commit 733e5a8ca50a12c55be046b84b9e8db3bda2ad14
Author: Andreas Jaeger <email address hidden>
Date: Sun Aug 10 20:09:22 2014 +0200

Improve "Hardening the virtualization layer"

    Various edits as suggested in bug reports:
    * Use variablelist to follow conventions for markup, improve paragraph
      for clarity.
    * Clarify a sentence about SELinux.
    * Improve CFLAGS recommendation.
    * Reword QEMU recommendation.

    Change-Id: I28fdb67a9103e3263944a3b22a44cfc16917473e
    Closes-Bug: #1342862
    Closes-Bug: #1342829
    Closes-Bug: #1342826
    Closes-Bug: #1342432

Changed in openstack-manuals:
status:	In Progress → Fix Released

Report a bug

This report contains Public information

Everyone can see this information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.