04.01.2013 13:56, Andrew Beekhof wrote: > On Fri, Jan 4, 2013 at 4:27 PM, Vladislav Bogdanov <bub...@hoster-ok.com> > wrote: >> 04.01.2013 06:07, Andrew Beekhof wrote: >>> On Wed, Dec 19, 2012 at 7:33 PM, Vladislav Bogdanov >>> <bub...@hoster-ok.com> wrote: >>>> Hi all, >>>> >>>> I'd like to share my successful attempt to confine pacemaker. >>>> >>>> I took pacemaker module barebone found in latest fedora's selinux-policy >>>> (3.11.1-64.fc18) and >>>> extended it a bit, so now I have pacemaker and some pacemaker-managed >>>> services >>>> running confined. >>> >>> Sweet. I've passed your amendments on to Milos who is looking after >>> https://bugzilla.redhat.com/show_bug.cgi?id=801493 >> >> I've extended it a bit more to run stonithd in fenced_t domain, so now >> everything I can imagine runs fine (verified on two clusters, including >> one with libvirt/qemu virtualization). > > Nice work :) > >> Where is the best place to follow up with that? > > Probably the redhat bug.
I'm afraid no. It was just closed, and, looking at the errata package, I do not see any way to run any confined service with that. I saw your question about possibility to run resources there in a bug-report, but unfortunately I'm not allowed to see replies. Is it answered at all? Vladislav _______________________________________________ Pacemaker mailing list: Pacemaker@oss.clusterlabs.org http://oss.clusterlabs.org/mailman/listinfo/pacemaker Project Home: http://www.clusterlabs.org Getting started: http://www.clusterlabs.org/doc/Cluster_from_Scratch.pdf Bugs: http://bugs.clusterlabs.org
