Re: F16 Xen dom0 SElinux problems with LVM volumes for domUs

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Mon, Oct 17, 2011 at 11:40:01AM -0600, Tim Flink wrote:
> On Sun, 16 Oct 2011 14:30:22 +0300
> Pasi Kärkkäinen <pasik@xxxxxx> wrote:
> 
> > Hello,
> > 
> > I need to do "setenforce 0" before I'm able to install Xen VMs with
> > LVM volumes as disk backends.. Should I file a bugzilla entry about
> > this? 
> 
> I wonder if you're hitting the same thing that I filed last week:
>  - 745996 - AVC denials preventing start of Xen domain [1]
> 
> I'm generating my DomUs outside of Xen, so I don't see it at install
> time but I'm wondering if they might be related.
> 
> Are the AVC denials the same as the ones I listed there?
> 
> Tim
> 
> [1] https://bugzilla.redhat.com/show_bug.cgi?id=745996

Hey,

While running virt-install I get this in audit.log:

type=AVC msg=audit(1320149119.737:90): avc:  denied  { read write } for  pid=2591 comm="qemu-dm" name="ptmx" dev=devtmpfs ino=1121 scontext=system_u:system_r:qemu_dm_t:s0 tcontext=system_u:object_r:ptmx_t:s0 tclass=chr_file
type=SYSCALL msg=audit(1320149119.737:90): arch=c000003e syscall=2 success=no exit=-13 a0=7f695a69f28d a1=2 a2=0 a3=7fff366862e0 items=0 ppid=1148 pid=2591 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="qemu-dm" exe="/usr/lib/xen/bin/qemu-dm" subj=system_u:system_r:qemu_dm_t:s0 key=(null)
type=ANOM_PROMISCUOUS msg=audit(1320149119.932:91): dev=vif3.0 prom=256 old_prom=0 auid=4294967295 uid=0 gid=0 ses=4294967295
type=SYSCALL msg=audit(1320149119.932:91): arch=c000003e syscall=16 success=yes exit=0 a0=3 a1=89a2 a2=7fffff760a30 a3=7fffff760790 items=0 ppid=2662 pid=2698 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="brctl" exe="/usr/sbin/brctl" subj=system_u:system_r:brctl_t:s0-s0:c0.c1023 key=(null)


And this error from virt-install:

Tue, 01 Nov 2011 14:05:20 DEBUG    Removing /var/lib/xen/virtinst-vmlinuz.Gt3BQs
Tue, 01 Nov 2011 14:05:20 DEBUG    Removing /var/lib/xen/virtinst-initrd.img.8Jx2yN
Tue, 01 Nov 2011 14:05:20 ERROR    Domain not found: xenUnifiedDomainLookupByName
Tue, 01 Nov 2011 14:05:20 DEBUG    Traceback (most recent call last):
  File "/usr/bin/virt-install", line 620, in start_install
    noboot=options.noreboot)
  File "/usr/lib/python2.7/site-packages/virtinst/Guest.py", line 1223, in start_install
    noboot)
  File "/usr/lib/python2.7/site-packages/virtinst/Guest.py", line 1291, in _create_guest
    dom = self.conn.createLinux(start_xml or final_xml, 0)
  File "/usr/lib64/python2.7/site-packages/libvirt.py", line 2077, in createLinux
    if ret is None:raise libvirtError('virDomainCreateLinux() failed', conn=self)
libvirtError: Domain not found: xenUnifiedDomainLookupByName
Tue, 01 Nov 2011 14:05:20 DEBUG    Domain installation does not appear to have been successful.
If it was, you can restart your domain by running:
  virsh --connect xen:/// start f16foo
otherwise, please restart your installation.
Domain installation does not appear to have been successful.
If it was, you can restart your domain by running:
  virsh --connect xen:/// start f16foo
otherwise, please restart your installation.


So it looks different to your errors.. I'll file a new bug.

-- Pasi

--
xen mailing list
xen@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/xen



[Index of Archives]     [Fedora General]     [Fedora Music]     [Linux Kernel]     [Fedora Desktop]     [Fedora Directory]     [PAM]     [Big List of Linux Books]     [Gimp]     [Yosemite News]

  Powered by Linux