On 20 January 2016 at 15:36, Ben Pfaff <b...@ovn.org> wrote: > On Wed, Jan 20, 2016 at 03:34:49PM -0800, Ben Pfaff wrote: > > On Wed, Jan 20, 2016 at 02:59:03PM -0800, Ansis Atteka wrote: > > > CentOS, RHEL and Fedora distributions ship with their own Open vSwitch > > > SELinux policy that is too strict and prevents Open vSwitch to work > > > normally out of the box. > > > > > > As a solution, this patch introduces a new package which will "loosen" > > > up "openvswitch_t" SELinux domain so that Open vSwitch could operate > > > normally. > > > > I could not get this to apply. > > Oh, I guess that's because it's for branch-2.4. Just for branch-2.4? > We aren't going to get it on master first and backport it? That's > unusual... >
It was developed against branch-2.4, because 1. OVS does not work on default Fedora23 installation (ie. SELinux denies access to NetLink sockets). This means that backporting to older branches needs to be done anyway. 2. I chose version 2.4. (opposed to any other OVS version) because this needs to be done in tandem with outstanding --user patches targeted for OVS 2.5. I just wanted to test upgrade path from OVS 2.4 to OVS 2.5+(--user). I created a new spec file because I imagined that this SELinux policy package could be used on both Fedora and RHEL. _______________________________________________ > dev mailing list > dev@openvswitch.org > http://openvswitch.org/mailman/listinfo/dev > _______________________________________________ dev mailing list dev@openvswitch.org http://openvswitch.org/mailman/listinfo/dev
