Well I doubt this is a solution to this, anyway, if you want to check if it's a permission error due to not correctly configured selinux you could do: grep "avc" /var/log/auditd/auditd.log and configure your selinux correctly, no need to disable it. But I doubt that the "VM can spoof the ip address" you can configure it, sure, but you should not be able to access anything outside of the vm. another way to set this up, is, to configure the filter vdsm-no-mac-spoofing for each vm and to configure your network to not allow any other ip-packages from the given mac, and assign well known macs to each vm. you can also add vlans and proper subnetting to the mix to make it more secure. Am 27.06.2014 11:16, schrieb Antoni Segura Puimedon:
Did you try to disable SELinux with "setenforce 0" to see if the problem is one of secure contexts?
-- Mit freundlichen Grüßen / Regards Sven Kieske Systemadministrator Mittwald CM Service GmbH & Co. KG Königsberger Straße 6 32339 Espelkamp T: +49-5772-293-100 F: +49-5772-293-333 https://www.mittwald.de Geschäftsführer: Robert Meyer St.Nr.: 331/5721/1033, USt-IdNr.: DE814773217, HRA 6640, AG Bad Oeynhausen Komplementärin: Robert Meyer Verwaltungs GmbH, HRB 13260, AG Bad Oeynhausen