The selinux documentation mentions to check the selinux/openvswitch.te file
for any permissions that might need to be added. However, the commit
7bc1aae71e89 ("rhel: make the selinux policy intermediate") moved this
file to be generated from intermediate file selinux/openvswitch.te.in
instead.
Correct the documentation, so that users won't be trying to edit a generated
file.
Also, add a gitignore for the autogenerated file.
Fixes: 7bc1aae71e89 ("rhel: make the selinux policy intermediate")
Reported-by: Ansis Atteka <aatteka@ovn.org>
Signed-off-by: Aaron Conole <aconole@redhat.com>
Acked-by: Ansis Atteka <aatteka@ovn.org>
openvswitch 1.1.1
If you still see Permission denied errors, then take a look into
-``selinux/openvswitch.te`` file in the OVS source tree and try to add white
+``selinux/openvswitch.te.in`` file in the OVS source tree and try to add white
list rules. This is really simple, just run SELinux audit2allow tool::
$ grep "openvswitch_t" /var/log/audit/audit.log | audit2allow -M ovslocal
--- /dev/null
+openvswitch-custom.te