latest F19 policy update killed qemu ?
Dmitry S. Makovey
dmitry at athabascau.ca
Tue Dec 17 01:37:12 UTC 2013
On 12/16/2013 06:17 PM, Dmitry S. Makovey wrote:
> Hi everybody,
>
> today, right after update my machine refuses to start any of the VMs it
> was happily running just a minute ago.
>
> Some details:
>
> $ rpm -qa | grep selinux-policy
> selinux-policy-targeted-3.12.1-74.15.fc19.noarch
> selinux-policy-devel-3.12.1-74.15.fc19.noarch
> selinux-policy-3.12.1-74.15.fc19.noarch
>
> # grep qemu-system-x86 /var/log/audit/audit.log | audit2allow
>
>
> #============= svirt_t ==============
> allow svirt_t virt_image_t:file read;
>
> # ls -laZ /var/lib/libvirt/images/
> drwx--x--x. qemu qemu system_u:object_r:virt_image_t:s0 .
> drwxr-xr-x. root root system_u:object_r:virt_var_lib_t:s0 ..
> -rw-r--r--. qemu qemu system_u:object_r:virt_image_t:s0 devstack-f.qcow2
> ...
>
> in other words - I see no reason why this should fail, what did I miss?
>
> Should I head over to bugzilla and report?
>
after some tinkering I've applied svirt_image_t to
/var/lib/libvirt/images and everything is functioning, however
"restorecon -RF /var/lib/libvirt/images" brings everything back to
virt_image_t , hmm?
--
This communication is intended for the use of the recipient to whom it
is addressed, and may contain confidential, personal, and or privileged
information. Please contact us immediately if you are not the intended
recipient of this communication, and do not copy, distribute, or take
action relying on it. Any communications received in error, or
subsequent reply, should be deleted or destroyed.
---
More information about the selinux
mailing list