On Mon, Jul 15, 2013 at 12:58:36PM -0400, Matthew Miller wrote: > On Mon, Jul 15, 2013 at 05:37:26PM +0100, Daniel P. Berrange wrote: > > > and those audiences only. In particular, applications, mechanisms > > > and general-purpose operating systems must never include any > > > authorization rules. > > What/where's the problem you're seeing ? > > Not necessarily a problem -- just a clarification, which I guess I should > have been more clear on myself. :) This is just changing libvirt so that > these auth policy files will work, not shipping any, right?
Yes, libvirt is just calling pkcheck with suitable arguments. The admin is the one writing the policy files, which is what we need to document the process for. Daniel -- |: http://berrange.com -o- http://www.flickr.com/photos/dberrange/ :| |: http://libvirt.org -o- http://virt-manager.org :| |: http://autobuild.org -o- http://search.cpan.org/~danberr/ :| |: http://entangle-photo.org -o- http://live.gnome.org/gtk-vnc :| -- devel mailing list devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/devel
