On 22 Feb 2017, at 16:46, Jiri Belka <jbelka(a)redhat.com>
wrote:
----- Original Message -----
> From: "Alan Griffiths" <apgriffiths79(a)gmail.com>
> To: "Ovirt Users" <users(a)ovirt.org>
> Sent: Friday, February 10, 2017 4:25:28 PM
> Subject: [ovirt-users] Guest Agent Running unconfined on Centos 7
>
> Hi,
>
> I'm running ovirt-guest-agent from Centos 7 EPEL and I notice that it's
> running unconfined rather than within its own domain.
>
> I see there is a rhev_agentd_exec_t
That sound suspicious on its own. Are you sure you haven't mixed rhev
and ovirt agents in the same guest at some point? Restoring selinux
context doesn't help?
> type, which I attempted to assign to
> ovirt-guest-agent.py but it still starts up as unconfined. Is there a
> supported process for getting ovirt-guest into its own domain? Or a reason
> why it's not possible?
>
> Thanks,
>
> Alan
Hm, it seems many ovirt services run unconfined. For ovirt GA, it seems
there's missing glue between systemd -> python -> GA script.
Vinzenz, any idea?
j.
_______________________________________________
Users mailing list
Users(a)ovirt.org
http://lists.ovirt.org/mailman/listinfo/users