On Fri, Oct 2, 2015 at 12:52 PM, Andy Zhou <az...@nicira.com> wrote: > On Fri, Oct 2, 2015 at 6:06 AM, Flavio Leitner <f...@redhat.com> wrote: >> On Thu, Oct 01, 2015 at 03:47:12PM -0700, Andy Zhou wrote: >>> > Our default systemd unit files don't make use of the --user option that >>> > requires this library, but conceivably someone may want to customize >>> > them and use this option. >>> >>> Any down side if we change the unit files to make use of --user option >>> by default, like how Apache runs? >> >> Does OVS re-open any resources in run-time? >> ovs-appctl vlog/reopen for instance might break because of lack of >> permissions. > Since daemon is doing the reopen, I'd think it should be O.K. >> >> SELinux might not like some operations being done with a different user. >> > I don't know much about SELinux. Just noticed that OVS package won't > install on a RHEL 7 > where SELinux is turned on by default. It would be good for OVS to > co-exist with SELinux. > Any input or guidance will be greatly appreciated.
I just sent out a patch that fixes SElinux "installation" issue on RHEL and CentOS: http://openvswitch.org/pipermail/dev/2015-October/060892.html However, I would not be surprised that that there is some more SElinux tuning required. > >> fbl > _______________________________________________ > dev mailing list > dev@openvswitch.org > http://openvswitch.org/mailman/listinfo/dev _______________________________________________ dev mailing list dev@openvswitch.org http://openvswitch.org/mailman/listinfo/dev
