virt: unconfined_t is optional

author Dominick Grift <domg472@gmail.com>

Fri, 15 Jul 2011 08:40:52 +0000 (10:40 +0200)

committer Dominick Grift <domg472@gmail.com>

Fri, 15 Jul 2011 13:00:38 +0000 (15:00 +0200)
author Dominick Grift <domg472@gmail.com>
Fri, 15 Jul 2011 08:40:52 +0000 (10:40 +0200)
committer Dominick Grift <domg472@gmail.com>
Fri, 15 Jul 2011 13:00:38 +0000 (15:00 +0200)
diff --git a/policy/modules/services/virt.te b/policy/modules/services/virt.te

index 14304d1c3310d0d26ce8546193e5644bb7d0a80b..df88ec80d1abeb3cb0a6d8be700daab6abaca327 100644 (file)
--- a/policy/modules/services/virt.te
+++ b/policy/modules/services/virt.te
@@ -771,5 +771,7 @@ miscfiles_read_localization(virt_lxc_t)
  
  sysnet_exec_ifconfig(virt_lxc_t)
  
-unconfined_shell_domtrans(virt_lxc_t)
-unconfined_signal(virtd_t)
+optional_policy(`
+       unconfined_shell_domtrans(virt_lxc_t)
+       unconfined_signal(virtd_t)
+')
author	Dominick Grift <domg472@gmail.com>
	Fri, 15 Jul 2011 08:40:52 +0000 (10:40 +0200)
committer	Dominick Grift <domg472@gmail.com>
	Fri, 15 Jul 2011 13:00:38 +0000 (15:00 +0200)