Attached is ksm module. If virtualization is installed then ksm and ksmtuned services are enabled by default.
Currently they run in initrc_t. It seems the initrc_t domain has sufficient permissions for ksm tune daemon.
The policy is not thoroughly tested yet and so i left ksmtuned_t permissive.
On 11/21/2009 02:42 PM, Dominick Grift wrote:
Attached is ksm module. If virtualization is installed then ksm and ksmtuned services are enabled by default.
Currently they run in initrc_t. It seems the initrc_t domain has sufficient permissions for ksm tune daemon.
The policy is not thoroughly tested yet and so i left ksmtuned_t permissive.
Patch:
allow ksmtuned_t self:capability sys_ptrace;
On 11/21/2009 02:42 PM, Dominick Grift wrote:
Attached is ksm module. If virtualization is installed then ksm and ksmtuned services are enabled by default.
Currently they run in initrc_t. It seems the initrc_t domain has sufficient permissions for ksm tune daemon.
The policy is not thoroughly tested yet and so i left ksmtuned_t permissive.
Anther patch:
allow ksmtuned_t self:capability sys_tty_config;
selinux@lists.fedoraproject.org