[ovs-dev] [PATCH 2/3] selinux.rst: point to the correct file
Aaron Conole
aconole at redhat.com
Fri Sep 1 17:17:39 UTC 2017
The selinux documentation mentions to check the selinux/openvswitch.te file
for any permissions that might need to be added. However, the commit
7bc1aae71e89 ("rhel: make the selinux policy intermediate") moved this
file to be generated from intermediate file selinux/openvswitch.te.in
instead.
Correct the documentation, so that users won't be trying to edit a generated
file.
Also, add a gitignore for the autogenerated file.
Fixes: 7bc1aae71e89 ("rhel: make the selinux policy intermediate")
Reported-by: Ansis Atteka <aatteka at ovn.org>
Signed-off-by: Aaron Conole <aconole at redhat.com>
---
Documentation/howto/selinux.rst | 2 +-
selinux/.gitignore | 1 +
2 files changed, 2 insertions(+), 1 deletion(-)
create mode 100644 selinux/.gitignore
diff --git a/Documentation/howto/selinux.rst b/Documentation/howto/selinux.rst
index ad556da..4809639 100644
--- a/Documentation/howto/selinux.rst
+++ b/Documentation/howto/selinux.rst
@@ -136,7 +136,7 @@ Then verify that this module was indeed loaded::
openvswitch 1.1.1
If you still see Permission denied errors, then take a look into
-``selinux/openvswitch.te`` file in the OVS source tree and try to add white
+``selinux/openvswitch.te.in`` file in the OVS source tree and try to add white
list rules. This is really simple, just run SELinux audit2allow tool::
$ grep "openvswitch_t" /var/log/audit/audit.log | audit2allow -M ovslocal
diff --git a/selinux/.gitignore b/selinux/.gitignore
new file mode 100644
index 0000000..83a0afb
--- /dev/null
+++ b/selinux/.gitignore
@@ -0,0 +1 @@
+openvswitch-custom.te
--
2.9.4
More information about the dev
mailing list