Re: [ovirt-users] Ip spoofing

From: "Punit Dambiwal" <hypunit(a)gmail.com&gt; To: "Antoni Segura Puimedon" <asegurap(a)redhat.com&gt;, "Dan Kenigsberg" <danken(a)redhat.com&gt; Cc: "Sven Kieske" <S.Kieske(a)mittwald.de&gt;, users(a)ovirt.org Sent: Friday, June 27, 2014 11:07:56 AM Subject: Re: [ovirt-users] Ip spoofing Hi Dan, Still the same....VM can spoof the ip address...attached is the VM domain xml file....

On Thu, Jun 26, 2014 at 5:30 PM, Punit Dambiwal <hypunit(a)gmail.com&gt; wrote: > Hi Sven, > > I already give the sudo user permission to VDSM user... > > Yes..after VDSM restart i can see this hook in host tab....I will test it > again and udpate you guys if still not solve.... > > > On Thu, Jun 26, 2014 at 4:03 PM, Antoni Segura Puimedon < > asegurap(a)redhat.com&gt; wrote: > >> >> >> ----- Original Message ----- >> > From: "Sven Kieske" <S.Kieske(a)mittwald.de&gt; >> > To: users(a)ovirt.org >> > Sent: Thursday, June 26, 2014 9:12:31 AM >> > Subject: Re: [ovirt-users] Ip spoofing >> > >> > Well this is strange, and this should not be the reason >> > but can you attach a ".py" ending to the file names (maybe vdsm performs >> > some strange checks)? >> >> We do not ;-) >> >> > your permissions look good. >> > the only other thing I can think of are selinux >> > restrictions, can you check them with: >> > #this gives you the actual used selinux security level: >> > getenforce >> >> That could be it >> >> > :this gives you the selinux attributes for the folder: >> > ls -lZ /usr/libexec/vdsm/hooks/before_device_create >> > >> > I first thought it might be related to vdsms sudoers >> > rights but a plain python script should be executed >> > without modification to the sudoers config. >> > >> > HTH >> > >> > Am 26.06.2014 06:22, schrieb Punit Dambiwal: >> > > Hi Dan, >> > > >> > > The permission looks ok... >> > > >> > > >> > > [root@gfs1 ~]# su - vdsm -s >> > > /bin/bash >> > > -bash-4.1$ ls -l /usr/libexec/vdsm/hooks/before_device_create >> > > total 8 >> > > -rwxr-xr-x. 1 root root 1702 Jun 10 05:25 50_macspoof >> > > -rwxr-xr-x. 1 root root 2490 Jun 23 17:47 50_noipspoof >> > > -bash-4.1$ exit >> > > logout >> > > [root@gfs1 ~]# >> > > >> > > But the strange thing is noipspoof hook not display in the host hooks >> > > windows.... >> > >> > -- >> > Mit freundlichen Grüßen / Regards >> > >> > Sven Kieske >> > >> > Systemadministrator >> > Mittwald CM Service GmbH & Co. KG >> > Königsberger Straße 6 >> > 32339 Espelkamp >> > T: +49-5772-293-100 >> > F: +49-5772-293-333 >> > https://www.mittwald.de >> > Geschäftsführer: Robert Meyer >> > St.Nr.: 331/5721/1033, USt-IdNr.: DE814773217, HRA 6640, AG Bad >> Oeynhausen >> > Komplementärin: Robert Meyer Verwaltungs GmbH, HRB 13260, AG Bad >> Oeynhausen >> > _______________________________________________ >> > Users mailing list >> > Users(a)ovirt.org >> > http://lists.ovirt.org/mailman/listinfo/users >> > >> _______________________________________________ >> Users mailing list >> Users(a)ovirt.org >> http://lists.ovirt.org/mailman/listinfo/users >> > >