Why is SELinux incompatible with OpenVZ? [message #41363] |
Sun, 09 January 2011 20:27 |
cwebster
Messages: 2 Registered: January 2011
|
Junior Member |
|
|
I've got a CentOS 5 development server where several developers need to periodically run instances of a real-time application. Each instance expects to be the only one running on the machine. Multiple instances will collide.
Since this is a low-end server and target archtecture is identical to development host, OpenVZ would seem to be the most resource-efficient virtualization tool.
The problem is that this development server is required by security policy to run SELinux. I don't need to run SELinux within the containers, only on the develoment server host.
I've done a lot of googling and searching various forums but I can find no specific reasons why OpenVZ is incompatible with SELinux.
Please explain the impact of setting up SELinux in an OpenVZ kernel. Why can't I re-build an OpenVZ kernel with support for SELinux and enable it to use our required policies?
Thanks in advance for any information, suggestions, useful links, etc.
Cal Webster
|
|
|