5:34 p.m.
This is a multi-part message in MIME format.
--------------080603050003090005020906
Content-Type: text/plain;
charset="utf-8"
Content-Transfer-Encoding: quoted-printable
Hi=2C
Testing 3=2E5=2E2rc3=2C I see AVC denied messages for the ovrit-guest agent=
=28installed through cloud-init=29=2E
type=3DAVC msg=3Daudit=281428510418=2E333=3A142=29=3A avc=3A denied=20=
=7B read =7D for=20
pid=3D1113 comm=3D=22ovirt-guest-age=22 name=3D=22online=22 dev=3Dsysfs=
ino=3D23
scontext=3Dsystem=5Fu=3Asystem=5Fr=3Arhev=5Fagentd=5Ft=3As0
tcontext=3Dsystem=5Fu=3Aobject=5Fr=3Asysfs=5Ft=3As0 tclass=3Dfile
type=3DAVC msg=3Daudit=281428510418=2E333=3A142=29=3A avc=3A denied=20=
=7B open =7D for=20
pid=3D1113 comm=3D=22ovirt-guest-age=22 name=3D=22online=22 dev=3Dsysfs=
ino=3D23
scontext=3Dsystem=5Fu=3Asystem=5Fr=3Arhev=5Fagentd=5Ft=3As0
tcontext=3Dsystem=5Fu=3Aobject=5Fr=3Asysfs=5Ft=3As0 tclass=3Dfile
type=3DSYSCALL msg=3Daudit=281428510418=2E333=3A142=29=3A arch=3Dc00000=
3e syscall=3D2
success=3Dyes exit=3D6 a0=3D7f8a655612b8 a1=3D80000 a2=3D2803ff a3=3D0=
items=3D0
ppid=3D1 pid=3D1113 auid=3D4294967295 uid=3D175 gid=3D175 euid=3D175 su=
id=3D175
fsuid=3D175 egid=3D175 sgid=3D175 fsgid=3D175 tty=3D=28none=29 ses=3D42=
94967295
comm=3D=22ovirt-guest-age=22 exe=3D=22/usr/bin/python=22
subj=3Dsystem=5Fu=3Asystem=5Fr=3Arhev=5Fagentd=5Ft=3As0 key=3D=28null=
=29
And when I check the rpm I see=3A
rpm -qa=7Cgrep ovirt
ovirt-release-el6-10=2E0=2E1-3=2Enoarch
ovirt-guest-agent-1=2E0=2E8-1=2Eel6=2Enoarch
Then I checked the cloud-init installed /etc/yum=2Erepos=2Ed/el6-ovirt=2Ere=
po
and see version 3=2E3=2E3 is active=2E Shouldn=27t this be updated to 3=2E5=
=2E* =3F=3F=3F=3F
=5Bovirt-stable=5D
name=3DOlder Stable builds of the oVirt project
baseurl=3Dhttp=3A//ovirt=2Eorg/releases/stable/rpm/EL/=24releasever/
enabled=3D1
skip=5Fif=5Funavailable=3D1
gpgcheck=3D0
=5Bovirt-3=2E3=2E3=5D
name=3DoVirt 3=2E3=2E3 release
baseurl=3Dhttp=3A//resources=2Eovirt=2Eorg/releases/3=2E3=2E3/rpm/EL/=
=24releasever/
enabled=3D1
skip=5Fif=5Funavailable=3D1
gpgcheck=3D0
=5Bovirt-updates-testing=5D
name=3DTest Updates builds of the oVirt project
baseurl=3Dhttp=3A//ovirt=2Eorg/releases/updates-testing/rpm/EL/=24relea=
sever/
enabled=3D0
skip=5Fif=5Funavailable=3D1
gpgcheck=3D0
=5Bovirt-beta=5D
name=3DBeta builds of the oVirt project
baseurl=3Dhttp=3A//ovirt=2Eorg/releases/beta/rpm/EL/=24releasever/
enabled=3D0
skip=5Fif=5Funavailable=3D1
gpgcheck=3D0
=5Bovirt-nightly=5D
name=3DNightly builds of the oVirt project
baseurl=3Dhttp=3A//ovirt=2Eorg/releases/nightly/rpm/EL/=24releasever/=
enabled=3D0
skip=5Fif=5Funavailable=3D1
gpgcheck=3D0
=5Bovirt-3=2E4=2E0-alpha=5D
name=3D3=2E4=2E0 alpha testing repo for the oVirt project
baseurl=3Dhttp=3A//ovirt=2Eorg/releases/3=2E4=2E0-alpha/rpm/EL/=24relea=
sever/
enabled=3D0
skip=5Fif=5Funavailable=3D1
gpgcheck=3D0
=5Bovirt-3=2E4=2E0-prerelease=5D
name=3DPre release builds of the oVirt 3=2E4 project
baseurl=3Dhttp=3A//resources=2Eovirt=2Eorg/releases/3=2E4=2E0=5Fpre/rpm=
/EL/=24releasever/
enabled=3D0
skip=5Fif=5Funavailable=3D1
gpgcheck=3D0
Met vriendelijke groet=2C With kind regards=2C
Jorick Astrego
Netbulae Virtualization Experts=20
----------------
=09Tel=3A 053 20 30 270 =09info=40netbulae=2Eeu =09Staalsteden 4-3A =09KvK=
08198180
=09Fax=3A 053 20 30 271 =09www=2Enetbulae=2Eeu =097547 TA Enschede =09BTW=
NL821234584B01
----------------
--------------080603050003090005020906
Content-Type: text/html;
charset="utf-8"
Content-Transfer-Encoding: quoted-printable
=3Chtml=3E
=3Chead=3E
=3Cmeta http-equiv=3D=22content-type=22 content=3D=22text/html=3B chars=
et=3Dutf-8=22=3E
=3C/head=3E
=3Cbody bgcolor=3D=22=23FFFFFF=22 text=3D=22=23000000=22=3E
Hi=2C=3Cbr=3E
=3Cbr=3E
Testing 3=2E5=2E2rc3=2C I see AVC denied messages for the ovrit-guest=
agent =28installed through cloud-init=29=2E=3Cbr=3E
=3Cbr=3E
=3Cblockquote=3Etype=3DAVC msg=3Daudit=281428510418=2E333=3A142=29=3A a=
vc=3A=C2=A0 denied=C2=A0 =7B
read =7D for=C2=A0 pid=3D1113 comm=3D=22ovirt-guest-age=22 name=3D=22=
online=22
dev=3Dsysfs ino=3D23 scontext=3Dsystem=5Fu=3Asystem=5Fr=3Arhev=5Fagen=
td=5Ft=3As0
tcontext=3Dsystem=5Fu=3Aobject=5Fr=3Asysfs=5Ft=3As0 tclass=3Dfile=3Cb=
r=3E
type=3DAVC msg=3Daudit=281428510418=2E333=3A142=29=3A avc=3A=C2=A0 de=
nied=C2=A0 =7B open =7D
for=C2=A0 pid=3D1113 comm=3D=22ovirt-guest-age=22 name=3D=22online=22=
dev=3Dsysfs
ino=3D23 scontext=3Dsystem=5Fu=3Asystem=5Fr=3Arhev=5Fagentd=5Ft=3As0=
tcontext=3Dsystem=5Fu=3Aobject=5Fr=3Asysfs=5Ft=3As0 tclass=3Dfile=3Cb=
r=3E
type=3DSYSCALL msg=3Daudit=281428510418=2E333=3A142=29=3A arch=3Dc000=
003e
syscall=3D2 success=3Dyes exit=3D6 a0=3D7f8a655612b8 a1=3D80000 a2=3D=
2803ff
a3=3D0 items=3D0 ppid=3D1 pid=3D1113 auid=3D4294967295 uid=3D175 gid=
=3D175
euid=3D175 suid=3D175 fsuid=3D175 egid=3D175 sgid=3D175 fsgid=3D175 t=
ty=3D=28none=29
ses=3D4294967295 comm=3D=22ovirt-guest-age=22 exe=3D=22/usr/bin/pytho=
n=22
subj=3Dsystem=5Fu=3Asystem=5Fr=3Arhev=5Fagentd=5Ft=3As0 key=3D=28null=
=29=3Cbr=3E
=3C/blockquote=3E
And when I check the rpm I see=3A=3Cbr=3E
=3Cbr=3E
=3Cblockquote=3Erpm -qa=7Cgrep ovirt=3Cbr=3E
ovirt-release-el6-10=2E0=2E1-3=2Enoarch=3Cbr=3E
ovirt-guest-agent-1=2E0=2E8-1=2Eel6=2Enoarch=3Cbr=3E
=3Cbr=3E
=3C/blockquote=3E
Then I checked the cloud-init installed
/etc/yum=2Erepos=2Ed/el6-ovirt=2Erepo and see version 3=2E3=2E3 is acti=
ve=2E
Shouldn=27t this be updated to 3=2E5=2E* =3F=3F=3F=3F=3Cbr=3E
=3Cbr=3E
=3Cblockquote=3E=5Bovirt-stable=5D=3Cbr=3E
name=3DOlder Stable builds of the oVirt project=3Cbr=3E
baseurl=3D=3Ca class=3D=22moz-txt-link-freetext=22 href=3D=22http=3A/=
/ovirt=2Eorg/releases/stable/rpm/EL/=24releasever/=22=3Ehttp=3A//ovirt=2Eor=
g/releases/stable/rpm/EL/=24releasever/=3C/a=3E=3Cbr=3E
enabled=3D1=3Cbr=3E
skip=5Fif=5Funavailable=3D1=3Cbr=3E
gpgcheck=3D0=3Cbr=3E
=3Cbr=3E
=5Bovirt-3=2E3=2E3=5D=3Cbr=3E
name=3DoVirt 3=2E3=2E3 release=3Cbr=3E
baseurl=3D=3Ca class=3D=22moz-txt-link-freetext=22 href=3D=22http=3A//resou=
rces=2Eovirt=2Eorg/releases/3=2E3=2E3/rpm/EL/=24releasever/=22=3Ehttp=3A//r=
esources=2Eovirt=2Eorg/releases/3=2E3=2E3/rpm/EL/=24releasever/=3C/a=3E=3Cb=
r=3E
enabled=3D1=3Cbr=3E
skip=5Fif=5Funavailable=3D1=3Cbr=3E
gpgcheck=3D0=3Cbr=3E
=3Cbr=3E
=5Bovirt-updates-testing=5D=3Cbr=3E
name=3DTest Updates builds of the oVirt project=3Cbr=3E
baseurl=3D=3Ca class=3D=22moz-txt-link-freetext=22 href=3D=22http=3A//ovirt=
=2Eorg/releases/updates-testing/rpm/EL/=24releasever/=22=3Ehttp=3A//ovirt=
=2Eorg/releases/updates-testing/rpm/EL/=24releasever/=3C/a=3E=3Cbr=3E
enabled=3D0=3Cbr=3E
skip=5Fif=5Funavailable=3D1=3Cbr=3E
gpgcheck=3D0=3Cbr=3E
=3Cbr=3E
=5Bovirt-beta=5D=3Cbr=3E
name=3DBeta builds of the oVirt project=3Cbr=3E
baseurl=3D=3Ca class=3D=22moz-txt-link-freetext=22 href=3D=22http=3A/=
/ovirt=2Eorg/releases/beta/rpm/EL/=24releasever/=22=3Ehttp=3A//ovirt=2Eorg/=
releases/beta/rpm/EL/=24releasever/=3C/a=3E=3Cbr=3E
enabled=3D0=3Cbr=3E
skip=5Fif=5Funavailable=3D1=3Cbr=3E
gpgcheck=3D0=3Cbr=3E
=3Cbr=3E
=5Bovirt-nightly=5D=3Cbr=3E
name=3DNightly builds of the oVirt project=3Cbr=3E
baseurl=3D=3Ca class=3D=22moz-txt-link-freetext=22 href=3D=22http=3A/=
/ovirt=2Eorg/releases/nightly/rpm/EL/=24releasever/=22=3Ehttp=3A//ovirt=2Eo=
rg/releases/nightly/rpm/EL/=24releasever/=3C/a=3E=3Cbr=3E
enabled=3D0=3Cbr=3E
skip=5Fif=5Funavailable=3D1=3Cbr=3E
gpgcheck=3D0=3Cbr=3E
=3Cbr=3E
=5Bovirt-3=2E4=2E0-alpha=5D=3Cbr=3E
name=3D3=2E4=2E0 alpha testing repo for the oVirt project=3Cbr=3E
baseurl=3D=3Ca class=3D=22moz-txt-link-freetext=22 href=3D=22http=3A/=
/ovirt=2Eorg/releases/3=2E4=2E0-alpha/rpm/EL/=24releasever/=22=3Ehttp=3A//o=
virt=2Eorg/releases/3=2E4=2E0-alpha/rpm/EL/=24releasever/=3C/a=3E=3Cbr=3E=
enabled=3D0=3Cbr=3E
skip=5Fif=5Funavailable=3D1=3Cbr=3E
gpgcheck=3D0=3Cbr=3E
=3Cbr=3E
=5Bovirt-3=2E4=2E0-prerelease=5D=3Cbr=3E
name=3DPre release builds of the oVirt 3=2E4 project=3Cbr=3E
baseurl=3D=3Ca class=3D=22moz-txt-link-freetext=22 href=3D=22http=3A//resou=
rces=2Eovirt=2Eorg/releases/3=2E4=2E0=5Fpre/rpm/EL/=24releasever/=22=3Ehttp=
=3A//resources=2Eovirt=2Eorg/releases/3=2E4=2E0=5Fpre/rpm/EL/=24releasever/=
=3C/a=3E=3Cbr=3E
enabled=3D0=3Cbr=3E
skip=5Fif=5Funavailable=3D1=3Cbr=3E
gpgcheck=3D0=3Cbr=3E
=3C/blockquote=3E
=3Cbr=3E
=3Cbr=3E
=3Cbr=3E
=20=
=3CBR /=3E
=3CBR /=3E
=3Cb style=3D=22color=3A=23604c78=22=3E=3C/b=3E=3Cbr=3E=3Cspan style=3D=22c=
olor=3A=23604c78=3B=22=3E=3Cfont color=3D=22000000=22=3E=3Cspan style=3D=22=
mso-fareast-language=3Aen-gb=3B=22 lang=3D=22NL=22=3EMet vriendelijke groet=
=2C With kind regards=2C=3Cbr=3E=3Cbr=3E=3C/span=3EJorick Astrego=3C/font=
=3E=3C/span=3E=3Cb style=3D=22color=3A=23604c78=22=3E=3Cbr=3E=3Cbr=3ENetbul=
ae Virtualization Experts =3C/b=3E=3Cbr=3E=3Chr style=3D=22border=3Anone=3B=
border-top=3A1px solid =23ccc=3B=22=3E=3Ctable style=3D=22width=3A 522px=22=
=3E=3Ctbody=3E=3Ctr=3E=3Ctd style=3D=22width=3A 130px=3Bfont-size=3A 10px=
=22=3ETel=3A 053 20 30 270=3C/td=3E =3Ctd style=3D=22width=3A 130px=3Bf=
ont-size=3A 10px=22=3Einfo=40netbulae=2Eeu=3C/td=3E =3Ctd style=3D=22wid=
th=3A 130px=3Bfont-size=3A 10px=22=3EStaalsteden 4-3A=3C/td=3E =3Ctd sty=
le=3D=22width=3A 130px=3Bfont-size=3A 10px=22=3EKvK 08198180=3C/td=3E=3C/tr=
=3E=3Ctr=3E =3Ctd style=3D=22width=3A 130px=3Bfont-size=3A 10px=22=3EFax=
=3A 053 20 30 271=3C/td=3E =3Ctd style=3D=22width=3A 130px=3Bfont-size=
=3A 10px=22=3Ewww=2Enetbulae=2Eeu=3C/td=3E =3Ctd style=3D=22width=3A 130=
px=3Bfont-size=3A 10px=22=3E7547 TA Enschede=3C/td=3E =3Ctd style=3D=22w=
idth=3A 130px=3Bfont-size=3A 10px=22=3EBTW NL821234584B01=3C/td=3E=3C/tr=3E=
=3C/tbody=3E=3C/table=3E=3Cbr=3E=3Chr style=3D=22border=3Anone=3Bborder-top=
=3A1px solid =23ccc=3B=22=3E=3CBR /=3E
=3C/body=3E
=3C/html=3E
--------------080603050003090005020906--
9:56 a.m.
This is a multi-part message in MIME format.
--------------060804090704070102090007
Content-Type: text/plain; charset=windows-1252; format=flowed
Content-Transfer-Encoding: 7bit
On 04/08/2015 04:34 PM, Jorick Astrego wrote:
Hi,
Hi,
Testing 3.5.2rc3, I see AVC denied messages for the ovrit-guest agent
(installed through cloud-init).
type=AVC msg=audit(1428510418.333:142): avc: denied { read } for
pid=1113 comm="ovirt-guest-age" name="online" dev=sysfs ino=23
scontext=system_u:system_r:rhev_agentd_t:s0
tcontext=system_u:object_r:sysfs_t:s0 tclass=file
type=AVC msg=audit(1428510418.333:142): avc: denied { open }
for pid=1113 comm="ovirt-guest-age" name="online" dev=sysfs
ino=23 scontext=system_u:system_r:rhev_agentd_t:s0
tcontext=system_u:object_r:sysfs_t:s0 tclass=file
type=SYSCALL msg=audit(1428510418.333:142): arch=c000003e
syscall=2 success=yes exit=6 a0=7f8a655612b8 a1=80000 a2=2803ff
a3=0 items=0 ppid=1 pid=1113 auid=4294967295 uid=175 gid=175
euid=175 suid=175 fsuid=175 egid=175 sgid=175 fsgid=175 tty=(none)
ses=4294967295 comm="ovirt-guest-age" exe="/usr/bin/python"
subj=system_u:system_r:rhev_agentd_t:s0 key=(null)
And when I check the rpm I see:
rpm -qa|grep ovirt
ovirt-release-el6-10.0.1-3.noarch
ovirt-guest-agent-1.0.8-1.el6.noarch
Well the latest guest agent is always available on epel for el5/6/7 and
for fedora in the fedora repos I am not sure why it's not available in
the public ovirt repositories, however that was somehow always a problem
with ovirt releases, but I recommend anyway to use epel for the ovirt
guest agent due to the fact that I am releasing the guest agent always
to epel and it will get updated from there.
Please also note that the repo location has changed. ovirt-3.5 for el6
is now here: http://resources.ovirt.org/pub/ovirt-3.5/rpm/el6/
However what I don't know, is how the 3.3.3 repository got installed for
you, I am not sure that this was done by the bare 'cloud-init', that
might be specific to your cloud init configuration.
Then I checked the cloud-init installed
/etc/yum.repos.d/el6-ovirt.repo and see version 3.3.3 is active.
Shouldn't this be updated to 3.5.* ????
[ovirt-stable]
name=Older Stable builds of the oVirt project
baseurl=http://ovirt.org/releases/stable/rpm/EL/$releasever/
enabled=1
skip_if_unavailable=1
gpgcheck=0
[ovirt-3.3.3]
name=oVirt 3.3.3 release
baseurl=http://resources.ovirt.org/releases/3.3.3/rpm/EL/$releasever/
enabled=1
skip_if_unavailable=1
gpgcheck=0
[ovirt-updates-testing]
name=Test Updates builds of the oVirt project
baseurl=http://ovirt.org/releases/updates-testing/rpm/EL/$releasever/
enabled=0
skip_if_unavailable=1
gpgcheck=0
[ovirt-beta]
name=Beta builds of the oVirt project
baseurl=http://ovirt.org/releases/beta/rpm/EL/$releasever/
enabled=0
skip_if_unavailable=1
gpgcheck=0
[ovirt-nightly]
name=Nightly builds of the oVirt project
baseurl=http://ovirt.org/releases/nightly/rpm/EL/$releasever/
enabled=0
skip_if_unavailable=1
gpgcheck=0
[ovirt-3.4.0-alpha]
name=3.4.0 alpha testing repo for the oVirt project
baseurl=http://ovirt.org/releases/3.4.0-alpha/rpm/EL/$releasever/
enabled=0
skip_if_unavailable=1
gpgcheck=0
[ovirt-3.4.0-prerelease]
name=Pre release builds of the oVirt 3.4 project
baseurl=http://resources.ovirt.org/releases/3.4.0_pre/rpm/EL/$releasever/
enabled=0
skip_if_unavailable=1
gpgcheck=0
Met vriendelijke groet, With kind regards,
Jorick Astrego*
Netbulae Virtualization Experts *
------------------------------------------------------------------------
Tel: 053 20 30 270 info(a)netbulae.eu Staalsteden 4-3A KvK 08198180
Fax: 053 20 30 271 www.netbulae.eu 7547 TA Enschede BTW NL821234584B01
------------------------------------------------------------------------
_______________________________________________
Users mailing list
Users(a)ovirt.org
http://lists.ovirt.org/mailman/listinfo/users
--
Regards,
Vinzenz Feenstra | Senior Software Engineer
RedHat Engineering Virtualization R & D
Phone: +420 532 294 625
IRC: vfeenstr or evilissimo
Better technology. Faster innovation. Powered by community collaboration.
See how it works at redhat.com
--------------060804090704070102090007
Content-Type: text/html; charset=windows-1252
Content-Transfer-Encoding: 8bit
<html>
<head>
<meta content="text/html; charset=windows-1252"
http-equiv="Content-Type">
</head>
<body bgcolor="#FFFFFF" text="#000000">
<div class="moz-cite-prefix">On 04/08/2015 04:34 PM, Jorick Astrego
wrote:<br>
</div>
<blockquote cite="mid:55253C8C.7080300@netbulae.eu"
type="cite">
<meta http-equiv="content-type" content="text/html;
charset=windows-1252">
Hi,<br>
</blockquote>
Hi,<br>
<blockquote cite="mid:55253C8C.7080300@netbulae.eu"
type="cite"> <br>
Testing 3.5.2rc3, I see AVC denied messages for the ovrit-guest
agent (installed through cloud-init).<br>
<br>
<blockquote>type=AVC msg=audit(1428510418.333:142): avc: denied
{ read } for pid=1113 comm="ovirt-guest-age" name="online"
dev=sysfs ino=23 scontext=system_u:system_r:rhev_agentd_t:s0
tcontext=system_u:object_r:sysfs_t:s0 tclass=file<br>
type=AVC msg=audit(1428510418.333:142): avc: denied { open }
for pid=1113 comm="ovirt-guest-age" name="online" dev=sysfs
ino=23 scontext=system_u:system_r:rhev_agentd_t:s0
tcontext=system_u:object_r:sysfs_t:s0 tclass=file<br>
type=SYSCALL msg=audit(1428510418.333:142): arch=c000003e
syscall=2 success=yes exit=6 a0=7f8a655612b8 a1=80000 a2=2803ff
a3=0 items=0 ppid=1 pid=1113 auid=4294967295 uid=175 gid=175
euid=175 suid=175 fsuid=175 egid=175 sgid=175 fsgid=175
tty=(none) ses=4294967295 comm="ovirt-guest-age"
exe="/usr/bin/python" subj=system_u:system_r:rhev_agentd_t:s0
key=(null)<br>
</blockquote>
And when I check the rpm I see:<br>
<br>
<blockquote>rpm -qa|grep ovirt<br>
ovirt-release-el6-10.0.1-3.noarch<br>
ovirt-guest-agent-1.0.8-1.el6.noarch<br>
</blockquote>
</blockquote>
Well the latest guest agent is always available on epel for el5/6/7
and for fedora in the fedora repos I am not sure why it's not
available in the public ovirt repositories, however that was somehow
always a problem with ovirt releases, but I recommend anyway to use
epel for the ovirt guest agent due to the fact that I am releasing
the guest agent always to epel and it will get updated from there.<br>
<br>
Please also note that the repo location has changed. ovirt-3.5 for
el6 is now here: <a class="moz-txt-link-freetext"
href="http://resources.ovirt.org/pub/ovirt-3.5/rpm/el6/">htt...
<br>
However what I don't know, is how the 3.3.3 repository got installed
for you, I am not sure that this was done by the bare 'cloud-init',
that might be specific to your cloud init configuration.<br>
<br>
<blockquote cite="mid:55253C8C.7080300@netbulae.eu"
type="cite">Then
I checked the cloud-init installed /etc/yum.repos.d/el6-ovirt.repo
and see version 3.3.3 is active. Shouldn't this be updated to
3.5.* ????<br>
<br>
<blockquote>[ovirt-stable]<br>
name=Older Stable builds of the oVirt project<br>
baseurl=<a moz-do-not-send="true"
class="moz-txt-link-freetext"
href="http://ovirt.org/releases/stable/rpm/EL/$releasever/">...
enabled=1<br>
skip_if_unavailable=1<br>
gpgcheck=0<br>
<br>
[ovirt-3.3.3]<br>
name=oVirt 3.3.3 release<br>
baseurl=<a moz-do-not-send="true"
class="moz-txt-link-freetext"
href="http://resources.ovirt.org/releases/3.3.3/rpm/EL/$releasever/&...
enabled=1<br>
skip_if_unavailable=1<br>
gpgcheck=0<br>
<br>
[ovirt-updates-testing]<br>
name=Test Updates builds of the oVirt project<br>
baseurl=<a moz-do-not-send="true"
class="moz-txt-link-freetext"
href="http://ovirt.org/releases/updates-testing/rpm/EL/$releasever/&...
enabled=0<br>
skip_if_unavailable=1<br>
gpgcheck=0<br>
<br>
[ovirt-beta]<br>
name=Beta builds of the oVirt project<br>
baseurl=<a moz-do-not-send="true"
class="moz-txt-link-freetext"
href="http://ovirt.org/releases/beta/rpm/EL/$releasever/">ht...
enabled=0<br>
skip_if_unavailable=1<br>
gpgcheck=0<br>
<br>
[ovirt-nightly]<br>
name=Nightly builds of the oVirt project<br>
baseurl=<a moz-do-not-send="true"
class="moz-txt-link-freetext"
href="http://ovirt.org/releases/nightly/rpm/EL/$releasever/">...
enabled=0<br>
skip_if_unavailable=1<br>
gpgcheck=0<br>
<br>
[ovirt-3.4.0-alpha]<br>
name=3.4.0 alpha testing repo for the oVirt project<br>
baseurl=<a moz-do-not-send="true"
class="moz-txt-link-freetext"
href="http://ovirt.org/releases/3.4.0-alpha/rpm/EL/$releasever/"...
enabled=0<br>
skip_if_unavailable=1<br>
gpgcheck=0<br>
<br>
[ovirt-3.4.0-prerelease]<br>
name=Pre release builds of the oVirt 3.4 project<br>
baseurl=<a moz-do-not-send="true"
class="moz-txt-link-freetext"
href="http://resources.ovirt.org/releases/3.4.0_pre/rpm/EL/$releasev...
enabled=0<br>
skip_if_unavailable=1<br>
gpgcheck=0<br>
</blockquote>
<br>
<br>
<br>
<br>
<br>
<br>
<span style="color:#604c78;"><font
color="000000"><span
style="mso-fareast-language:en-gb;" lang="NL">Met
vriendelijke groet, With kind regards,<br>
<br>
</span>Jorick Astrego</font></span><b
style="color:#604c78"><br>
<br>
Netbulae Virtualization Experts </b><br>
<hr style="border:none;border-top:1px solid #ccc;">
<table style="width: 522px">
<tbody>
<tr>
<td style="width: 130px;font-size: 10px">Tel: 053 20 30
270</td>
<td style="width: 130px;font-size: 10px"><a
class="moz-txt-link-abbreviated"
href="mailto:info@netbulae.eu">info@netbulae.eu</a></td>
<td style="width: 130px;font-size: 10px">Staalsteden
4-3A</td>
<td style="width: 130px;font-size: 10px">KvK
08198180</td>
</tr>
<tr>
<td style="width: 130px;font-size: 10px">Fax: 053 20 30
271</td>
<td style="width: 130px;font-size: 10px"><a
class="moz-txt-link-abbreviated"
href="http://www.netbulae.eu">www.netbulae.eu</a></td>
<td style="width: 130px;font-size: 10px">7547 TA
Enschede</td>
<td style="width: 130px;font-size: 10px">BTW
NL821234584B01</td>
</tr>
</tbody>
</table>
<br>
<hr style="border:none;border-top:1px solid #ccc;"><br>
<br>
<fieldset class="mimeAttachmentHeader"></fieldset>
<br>
<pre wrap="">_______________________________________________
Users mailing list
<a class="moz-txt-link-abbreviated"
href="mailto:Users@ovirt.org">Users@ovirt.org</a>
<a class="moz-txt-link-freetext"
href="http://lists.ovirt.org/mailman/listinfo/users">http://...
</pre>
</blockquote>
<br>
<br>
<pre class="moz-signature" cols="72">--
Regards,
Vinzenz Feenstra | Senior Software Engineer
RedHat Engineering Virtualization R & D
Phone: +420 532 294 625
IRC: vfeenstr or evilissimo
Better technology. Faster innovation. Powered by community collaboration.
See how it works at redhat.com</pre>
</body>
</html>
--------------060804090704070102090007--
10:55 a.m.
This is a multi-part message in MIME format.
--------------020701050401000508030208
Content-Type: text/plain;
charset="windows-1252"
Content-Transfer-Encoding: quoted-printable
On 04/09/2015 08=3A56 AM=2C Vinzenz Feenstra wrote=3A
=3E On 04/08/2015 04=3A34 PM=2C Jorick Astrego wrote=3A
=3E=3E Hi=2C
=3E Hi=2C
=3E=3E
=3E=3E Testing 3=2E5=2E2rc3=2C I see AVC denied messages for the ovrit-gues=
t agent
=3E=3E =28installed through cloud-init=29=2E
=3E=3E
=3E=3E type=3DAVC msg=3Daudit=281428510418=2E333=3A142=29=3A avc=3A de=
nied =7B read =7D
=3E=3E for pid=3D1113 comm=3D=22ovirt-guest-age=22 name=3D=22online=22=
dev=3Dsysfs
=3E=3E ino=3D23 scontext=3Dsystem=5Fu=3Asystem=5Fr=3Arhev=5Fagentd=5Ft=
=3As0
=3E=3E tcontext=3Dsystem=5Fu=3Aobject=5Fr=3Asysfs=5Ft=3As0 tclass=3Dfil=
e
=3E=3E type=3DAVC msg=3Daudit=281428510418=2E333=3A142=29=3A avc=3A de=
nied =7B open =7D
=3E=3E for pid=3D1113 comm=3D=22ovirt-guest-age=22 name=3D=22online=22=
dev=3Dsysfs
=3E=3E ino=3D23 scontext=3Dsystem=5Fu=3Asystem=5Fr=3Arhev=5Fagentd=5Ft=
=3As0
=3E=3E tcontext=3Dsystem=5Fu=3Aobject=5Fr=3Asysfs=5Ft=3As0 tclass=3Dfil=
e
=3E=3E type=3DSYSCALL msg=3Daudit=281428510418=2E333=3A142=29=3A arch=
=3Dc000003e
=3E=3E syscall=3D2 success=3Dyes exit=3D6 a0=3D7f8a655612b8 a1=3D80000=
a2=3D2803ff
=3E=3E a3=3D0 items=3D0 ppid=3D1 pid=3D1113 auid=3D4294967295 uid=3D175=
gid=3D175
=3E=3E euid=3D175 suid=3D175 fsuid=3D175 egid=3D175 sgid=3D175 fsgid=3D=
175
=3E=3E tty=3D=28none=29 ses=3D4294967295 comm=3D=22ovirt-guest-age=22=
=3E=3E exe=3D=22/usr/bin/python=22 subj=3Dsystem=5Fu=3Asystem=5Fr=3Arhe=
v=5Fagentd=5Ft=3As0
=3E=3E key=3D=28null=29
=3E=3E
=3E=3E And when I check the rpm I see=3A
=3E=3E
=3E=3E rpm -qa=7Cgrep ovirt
=3E=3E ovirt-release-el6-10=2E0=2E1-3=2Enoarch
=3E=3E ovirt-guest-agent-1=2E0=2E8-1=2Eel6=2Enoarch
=3E=3E
=3E Well the latest guest agent is always available on epel for el5/6/7
=3E and for fedora in the fedora repos I am not sure why it=27s not
=3E available in the public ovirt repositories=2C however that was somehow=
=3E always a problem with ovirt releases=2C but I recommend anyway to use=
=3E epel for the ovirt guest agent due to the fact that I am releasing the=
=3E guest agent always to epel and it will get updated from there=2E
=3E
=3E Please also note that the repo location has changed=2E ovirt-3=2E5 for=
el6
=3E is now here=3A http=3A//resources=2Eovirt=2Eorg/pub/ovirt-3=2E5/rpm/el6=
/
=3E
=3E However what I don=27t know=2C is how the 3=2E3=2E3 repository got inst=
alled
=3E for you=2C I am not sure that this was done by the bare =27cloud-init=
=27=2C
=3E that might be specific to your cloud init configuration=2E
Well that can=27t be specific=2E I completely wipe the test environment
every couple weeks and just provisioned a completely fresh ovirt
3=2E5=2E2rc3 install=2E
Normally I don=27t use cloud-init as we have foreman=2C but I was testing=
it=2E The only thing I did was=2C create new VM and checked the
cloud-init/sysprep checkbox=2E The rest oVirt did automatically=2E
What I think is happening is that the CentOS 6=2E5 image in the
ovirt-image-repository glance provider is outdated=2E I used this as
template for quick testing=2E
Does anyone know who maintains these images=3F
Met vriendelijke groet=2C With kind regards=2C
Jorick Astrego
Netbulae Virtualization Experts=20
----------------
=09Tel=3A 053 20 30 270 =09info=40netbulae=2Eeu =09Staalsteden 4-3A =09KvK=
08198180
=09Fax=3A 053 20 30 271 =09www=2Enetbulae=2Eeu =097547 TA Enschede =09BTW=
NL821234584B01
----------------
--------------020701050401000508030208
Content-Type: text/html;
charset="windows-1252"
Content-Transfer-Encoding: quoted-printable
=3Chtml=3E
=3Chead=3E
=3Cmeta content=3D=22text/html=3B charset=3Dwindows-1252=22
http-equiv=3D=22Content-Type=22=3E
=3C/head=3E
=3Cbody bgcolor=3D=22=23FFFFFF=22 text=3D=22=23000000=22=3E
=3Cbr=3E
=3Cbr=3E
=3Cdiv class=3D=22moz-cite-prefix=22=3EOn 04/09/2015 08=3A56 AM=2C Vinz=
enz
Feenstra wrote=3A=3Cbr=3E
=3C/div=3E
=3Cblockquote cite=3D=22mid=3A552622B2=2E8090909=40redhat=2Ecom=22 type=
=3D=22cite=22=3E
=3Cmeta content=3D=22text/html=3B charset=3Dwindows-1252=22
http-equiv=3D=22Content-Type=22=3E
=3Cdiv class=3D=22moz-cite-prefix=22=3EOn 04/08/2015 04=3A34 PM=2C Jo=
rick
Astrego wrote=3A=3Cbr=3E
=3C/div=3E
=3Cblockquote cite=3D=22mid=3A55253C8C=2E7080300=40netbulae=2Eeu=22 t=
ype=3D=22cite=22=3E
=3Cmeta http-equiv=3D=22content-type=22 content=3D=22text/html=3B=
charset=3Dwindows-1252=22=3E
Hi=2C=3Cbr=3E
=3C/blockquote=3E
Hi=2C=3Cbr=3E
=3Cblockquote cite=3D=22mid=3A55253C8C=2E7080300=40netbulae=2Eeu=22 t=
ype=3D=22cite=22=3E =3Cbr=3E
Testing 3=2E5=2E2rc3=2C I see AVC denied messages for the ovrit-gue=
st
agent =28installed through cloud-init=29=2E=3Cbr=3E
=3Cbr=3E
=3Cblockquote=3Etype=3DAVC msg=3Daudit=281428510418=2E333=3A142=29=
=3A avc=3A=A0
denied=A0 =7B read =7D for=A0 pid=3D1113 comm=3D=22ovirt-guest-ag=
e=22
name=3D=22online=22 dev=3Dsysfs ino=3D23
scontext=3Dsystem=5Fu=3Asystem=5Fr=3Arhev=5Fagentd=5Ft=3As0
tcontext=3Dsystem=5Fu=3Aobject=5Fr=3Asysfs=5Ft=3As0 tclass=3Dfile=
=3Cbr=3E
type=3DAVC msg=3Daudit=281428510418=2E333=3A142=29=3A avc=3A=A0 d=
enied=A0 =7B open =7D
for=A0 pid=3D1113 comm=3D=22ovirt-guest-age=22 name=3D=22online=
=22 dev=3Dsysfs
ino=3D23 scontext=3Dsystem=5Fu=3Asystem=5Fr=3Arhev=5Fagentd=5Ft=
=3As0
tcontext=3Dsystem=5Fu=3Aobject=5Fr=3Asysfs=5Ft=3As0 tclass=3Dfile=
=3Cbr=3E
type=3DSYSCALL msg=3Daudit=281428510418=2E333=3A142=29=3A arch=3D=
c000003e
syscall=3D2 success=3Dyes exit=3D6 a0=3D7f8a655612b8 a1=3D80000=
a2=3D2803ff a3=3D0 items=3D0 ppid=3D1 pid=3D1113 auid=3D429496729=
5 uid=3D175
gid=3D175 euid=3D175 suid=3D175 fsuid=3D175 egid=3D175 sgid=3D175=
fsgid=3D175 tty=3D=28none=29 ses=3D4294967295 comm=3D=22ovirt-gue=
st-age=22
exe=3D=22/usr/bin/python=22 subj=3Dsystem=5Fu=3Asystem=5Fr=3Arhev=
=5Fagentd=5Ft=3As0
key=3D=28null=29=3Cbr=3E
=3C/blockquote=3E
And when I check the rpm I see=3A=3Cbr=3E
=3Cbr=3E
=3Cblockquote=3Erpm -qa=7Cgrep ovirt=3Cbr=3E
ovirt-release-el6-10=2E0=2E1-3=2Enoarch=3Cbr=3E
ovirt-guest-agent-1=2E0=2E8-1=2Eel6=2Enoarch=3Cbr=3E
=3C/blockquote=3E
=3C/blockquote=3E
Well the latest guest agent is always available on epel for
el5/6/7 and for fedora in the fedora repos I am not sure why it=27s=
not available in the public ovirt repositories=2C however that was
somehow always a problem with ovirt releases=2C but I recommend
anyway to use epel for the ovirt guest agent due to the fact that
I am releasing the guest agent always to epel and it will get
updated from there=2E=3Cbr=3E
=3Cbr=3E
Please also note that the repo location has changed=2E ovirt-3=2E5 fo=
r
el6 is now here=3A =3Ca moz-do-not-send=3D=22true=22
class=3D=22moz-txt-link-freetext=22
href=3D=22http=3A//resources=2Eovirt=2Eorg/pub/ovirt-3=2E5/rpm/el6/=
=22=3Ehttp=3A//resources=2Eovirt=2Eorg/pub/ovirt-3=2E5/rpm/el6/=3C/a=3E=3Cb=
r=3E
=3Cbr=3E
However what I don=27t know=2C is how the 3=2E3=2E3 repository got
installed for you=2C I am not sure that this was done by the bare
=27cloud-init=27=2C that might be specific to your cloud init
configuration=2E=3Cbr=3E
=3C/blockquote=3E
=3Cbr=3E
Well that can=27t be specific=2E I completely wipe the test environment=
every couple weeks and just provisioned a completely fresh ovirt
3=2E5=2E2rc3 install=2E=3Cbr=3E
=3Cbr=3E
Normally I don=27t use cloud-init as we have foreman=2C but I was
testing it=2E The only thing I did was=2C create new VM and checked the=
cloud-init/sysprep checkbox=2E The rest oVirt did automatically=2E =3Cb=
r=3E
=3Cbr=3E
What I think is happening is that the CentOS 6=2E5 image in the
ovirt-image-repository glance provider is outdated=2E I used this as
template for quick testing=2E =3Cbr=3E
=3Cbr=3E
Does anyone know who maintains these images=3F=3Cbr=3E
=3Cbr=3E
=3Cbr=3E
=3Cbr=3E
=3Cbr=3E
=20=
=3CBR /=3E
=3CBR /=3E
=3Cb style=3D=22color=3A=23604c78=22=3E=3C/b=3E=3Cbr=3E=3Cspan style=3D=22c=
olor=3A=23604c78=3B=22=3E=3Cfont color=3D=22000000=22=3E=3Cspan style=3D=22=
mso-fareast-language=3Aen-gb=3B=22 lang=3D=22NL=22=3EMet vriendelijke groet=
=2C With kind regards=2C=3Cbr=3E=3Cbr=3E=3C/span=3EJorick Astrego=3C/font=
=3E=3C/span=3E=3Cb style=3D=22color=3A=23604c78=22=3E=3Cbr=3E=3Cbr=3ENetbul=
ae Virtualization Experts =3C/b=3E=3Cbr=3E=3Chr style=3D=22border=3Anone=3B=
border-top=3A1px solid =23ccc=3B=22=3E=3Ctable style=3D=22width=3A 522px=22=
=3E=3Ctbody=3E=3Ctr=3E=3Ctd style=3D=22width=3A 130px=3Bfont-size=3A 10px=
=22=3ETel=3A 053 20 30 270=3C/td=3E =3Ctd style=3D=22width=3A 130px=3Bf=
ont-size=3A 10px=22=3Einfo=40netbulae=2Eeu=3C/td=3E =3Ctd style=3D=22wid=
th=3A 130px=3Bfont-size=3A 10px=22=3EStaalsteden 4-3A=3C/td=3E =3Ctd sty=
le=3D=22width=3A 130px=3Bfont-size=3A 10px=22=3EKvK 08198180=3C/td=3E=3C/tr=
=3E=3Ctr=3E =3Ctd style=3D=22width=3A 130px=3Bfont-size=3A 10px=22=3EFax=
=3A 053 20 30 271=3C/td=3E =3Ctd style=3D=22width=3A 130px=3Bfont-size=
=3A 10px=22=3Ewww=2Enetbulae=2Eeu=3C/td=3E =3Ctd style=3D=22width=3A 130=
px=3Bfont-size=3A 10px=22=3E7547 TA Enschede=3C/td=3E =3Ctd style=3D=22w=
idth=3A 130px=3Bfont-size=3A 10px=22=3EBTW NL821234584B01=3C/td=3E=3C/tr=3E=
=3C/tbody=3E=3C/table=3E=3Cbr=3E=3Chr style=3D=22border=3Anone=3Bborder-top=
=3A1px solid =23ccc=3B=22=3E=3CBR /=3E
=3C/body=3E
=3C/html=3E
--------------020701050401000508030208--
11:03 a.m.
This is a multi-part message in MIME format.
--------------030509010108060002040807
Content-Type: text/plain; charset=windows-1252; format=flowed
Content-Transfer-Encoding: 7bit
On 04/09/2015 09:55 AM, Jorick Astrego wrote:
On 04/09/2015 08:56 AM, Vinzenz Feenstra wrote:
> On 04/08/2015 04:34 PM, Jorick Astrego wrote:
>> Hi,
> Hi,
>>
>> Testing 3.5.2rc3, I see AVC denied messages for the ovrit-guest
>> agent (installed through cloud-init).
>>
>> type=AVC msg=audit(1428510418.333:142): avc: denied { read }
>> for pid=1113 comm="ovirt-guest-age" name="online"
dev=sysfs
>> ino=23 scontext=system_u:system_r:rhev_agentd_t:s0
>> tcontext=system_u:object_r:sysfs_t:s0 tclass=file
>> type=AVC msg=audit(1428510418.333:142): avc: denied { open }
>> for pid=1113 comm="ovirt-guest-age" name="online"
dev=sysfs
>> ino=23 scontext=system_u:system_r:rhev_agentd_t:s0
>> tcontext=system_u:object_r:sysfs_t:s0 tclass=file
>> type=SYSCALL msg=audit(1428510418.333:142): arch=c000003e
>> syscall=2 success=yes exit=6 a0=7f8a655612b8 a1=80000 a2=2803ff
>> a3=0 items=0 ppid=1 pid=1113 auid=4294967295 uid=175 gid=175
>> euid=175 suid=175 fsuid=175 egid=175 sgid=175 fsgid=175
>> tty=(none) ses=4294967295 comm="ovirt-guest-age"
>> exe="/usr/bin/python" subj=system_u:system_r:rhev_agentd_t:s0
>> key=(null)
>>
>> And when I check the rpm I see:
>>
>> rpm -qa|grep ovirt
>> ovirt-release-el6-10.0.1-3.noarch
>> ovirt-guest-agent-1.0.8-1.el6.noarch
>>
> Well the latest guest agent is always available on epel for el5/6/7
> and for fedora in the fedora repos I am not sure why it's not
> available in the public ovirt repositories, however that was somehow
> always a problem with ovirt releases, but I recommend anyway to use
> epel for the ovirt guest agent due to the fact that I am releasing
> the guest agent always to epel and it will get updated from there.
>
> Please also note that the repo location has changed. ovirt-3.5 for
> el6 is now here: http://resources.ovirt.org/pub/ovirt-3.5/rpm/el6/
>
> However what I don't know, is how the 3.3.3 repository got installed
> for you, I am not sure that this was done by the bare 'cloud-init',
> that might be specific to your cloud init configuration.
Well that can't be specific. I completely wipe the test environment
every couple weeks and just provisioned a completely fresh ovirt
3.5.2rc3 install.
Normally I don't use cloud-init as we have foreman, but I was testing
it. The only thing I did was, create new VM and checked the
cloud-init/sysprep checkbox. The rest oVirt did automatically.
What I think is happening is that the CentOS 6.5 image in the
ovirt-image-repository glance provider is outdated. I used this as
template for quick testing.
Does anyone know who maintains these images?
Sandro, do you by any chance know who
does?
Met vriendelijke groet, With kind regards,
Jorick Astrego*
Netbulae Virtualization Experts *
------------------------------------------------------------------------
Tel: 053 20 30 270 info(a)netbulae.eu Staalsteden 4-3A KvK 08198180
Fax: 053 20 30 271 www.netbulae.eu 7547 TA Enschede BTW NL821234584B01
------------------------------------------------------------------------
_______________________________________________
Users mailing list
Users(a)ovirt.org
http://lists.ovirt.org/mailman/listinfo/users
--
Regards,
Vinzenz Feenstra | Senior Software Engineer
RedHat Engineering Virtualization R & D
Phone: +420 532 294 625
IRC: vfeenstr or evilissimo
Better technology. Faster innovation. Powered by community collaboration.
See how it works at redhat.com
--------------030509010108060002040807
Content-Type: text/html; charset=windows-1252
Content-Transfer-Encoding: 8bit
<html>
<head>
<meta content="text/html; charset=windows-1252"
http-equiv="Content-Type">
</head>
<body bgcolor="#FFFFFF" text="#000000">
<div class="moz-cite-prefix">On 04/09/2015 09:55 AM, Jorick Astrego
wrote:<br>
</div>
<blockquote cite="mid:5526306E.3020307@netbulae.eu"
type="cite">
<meta content="text/html; charset=windows-1252"
http-equiv="Content-Type">
<br>
<br>
<div class="moz-cite-prefix">On 04/09/2015 08:56 AM, Vinzenz
Feenstra wrote:<br>
</div>
<blockquote cite="mid:552622B2.8090909@redhat.com"
type="cite">
<meta content="text/html; charset=windows-1252"
http-equiv="Content-Type">
<div class="moz-cite-prefix">On 04/08/2015 04:34 PM, Jorick
Astrego wrote:<br>
</div>
<blockquote cite="mid:55253C8C.7080300@netbulae.eu"
type="cite">
<meta http-equiv="content-type" content="text/html;
charset=windows-1252">
Hi,<br>
</blockquote>
Hi,<br>
<blockquote cite="mid:55253C8C.7080300@netbulae.eu"
type="cite">
<br>
Testing 3.5.2rc3, I see AVC denied messages for the
ovrit-guest agent (installed through cloud-init).<br>
<br>
<blockquote>type=AVC msg=audit(1428510418.333:142): avc:
denied { read } for pid=1113 comm="ovirt-guest-age"
name="online" dev=sysfs ino=23
scontext=system_u:system_r:rhev_agentd_t:s0
tcontext=system_u:object_r:sysfs_t:s0 tclass=file<br>
type=AVC msg=audit(1428510418.333:142): avc: denied { open
} for pid=1113 comm="ovirt-guest-age" name="online"
dev=sysfs ino=23 scontext=system_u:system_r:rhev_agentd_t:s0
tcontext=system_u:object_r:sysfs_t:s0 tclass=file<br>
type=SYSCALL msg=audit(1428510418.333:142): arch=c000003e
syscall=2 success=yes exit=6 a0=7f8a655612b8 a1=80000
a2=2803ff a3=0 items=0 ppid=1 pid=1113 auid=4294967295
uid=175 gid=175 euid=175 suid=175 fsuid=175 egid=175
sgid=175 fsgid=175 tty=(none) ses=4294967295
comm="ovirt-guest-age" exe="/usr/bin/python"
subj=system_u:system_r:rhev_agentd_t:s0 key=(null)<br>
</blockquote>
And when I check the rpm I see:<br>
<br>
<blockquote>rpm -qa|grep ovirt<br>
ovirt-release-el6-10.0.1-3.noarch<br>
ovirt-guest-agent-1.0.8-1.el6.noarch<br>
</blockquote>
</blockquote>
Well the latest guest agent is always available on epel for
el5/6/7 and for fedora in the fedora repos I am not sure why
it's not available in the public ovirt repositories, however
that was somehow always a problem with ovirt releases, but I
recommend anyway to use epel for the ovirt guest agent due to
the fact that I am releasing the guest agent always to epel and
it will get updated from there.<br>
<br>
Please also note that the repo location has changed. ovirt-3.5
for el6 is now here: <a moz-do-not-send="true"
class="moz-txt-link-freetext"
href="http://resources.ovirt.org/pub/ovirt-3.5/rpm/el6/">htt...
<br>
However what I don't know, is how the 3.3.3 repository got
installed for you, I am not sure that this was done by the bare
'cloud-init', that might be specific to your cloud init
configuration.<br>
</blockquote>
<br>
Well that can't be specific. I completely wipe the test
environment every couple weeks and just provisioned a completely
fresh ovirt 3.5.2rc3 install.<br>
<br>
Normally I don't use cloud-init as we have foreman, but I was
testing it. The only thing I did was, create new VM and checked
the cloud-init/sysprep checkbox. The rest oVirt did automatically.
<br>
<br>
What I think is happening is that the CentOS 6.5 image in the
ovirt-image-repository glance provider is outdated. I used this as
template for quick testing. <br>
<br>
Does anyone know who maintains these images?<br>
</blockquote>
Sandro, do you by any chance know who does?<br>
<blockquote cite="mid:5526306E.3020307@netbulae.eu"
type="cite"> <br>
<br>
<br>
<br>
<br>
<br>
<br>
<span style="color:#604c78;"><font
color="000000"><span
style="mso-fareast-language:en-gb;" lang="NL">Met
vriendelijke groet, With kind regards,<br>
<br>
</span>Jorick Astrego</font></span><b
style="color:#604c78"><br>
<br>
Netbulae Virtualization Experts </b><br>
<hr style="border:none;border-top:1px solid #ccc;">
<table style="width: 522px">
<tbody>
<tr>
<td style="width: 130px;font-size: 10px">Tel: 053 20 30
270</td>
<td style="width: 130px;font-size: 10px"><a
class="moz-txt-link-abbreviated"
href="mailto:info@netbulae.eu">info@netbulae.eu</a></td>
<td style="width: 130px;font-size: 10px">Staalsteden
4-3A</td>
<td style="width: 130px;font-size: 10px">KvK
08198180</td>
</tr>
<tr>
<td style="width: 130px;font-size: 10px">Fax: 053 20 30
271</td>
<td style="width: 130px;font-size: 10px"><a
class="moz-txt-link-abbreviated"
href="http://www.netbulae.eu">www.netbulae.eu</a></td>
<td style="width: 130px;font-size: 10px">7547 TA
Enschede</td>
<td style="width: 130px;font-size: 10px">BTW
NL821234584B01</td>
</tr>
</tbody>
</table>
<br>
<hr style="border:none;border-top:1px solid #ccc;"><br>
<br>
<fieldset class="mimeAttachmentHeader"></fieldset>
<br>
<pre wrap="">_______________________________________________
Users mailing list
<a class="moz-txt-link-abbreviated"
href="mailto:Users@ovirt.org">Users@ovirt.org</a>
<a class="moz-txt-link-freetext"
href="http://lists.ovirt.org/mailman/listinfo/users">http://...
</pre>
</blockquote>
<br>
<br>
<pre class="moz-signature" cols="72">--
Regards,
Vinzenz Feenstra | Senior Software Engineer
RedHat Engineering Virtualization R & D
Phone: +420 532 294 625
IRC: vfeenstr or evilissimo
Better technology. Faster innovation. Powered by community collaboration.
See how it works at redhat.com</pre>
</body>
</html>
--------------030509010108060002040807--
11:12 a.m.
Il 09/04/2015 10:03, Vinzenz Feenstra ha scritto:
On 04/09/2015 09:55 AM, Jorick Astrego wrote:
>
>
> On 04/09/2015 08:56 AM, Vinzenz Feenstra wrote:
>> On 04/08/2015 04:34 PM, Jorick Astrego wrote:
>>> Hi,
>> Hi,
>>>
>>> Testing 3.5.2rc3, I see AVC denied messages for the ovrit-guest agent
(installed through cloud-init).
>>>
>>> type=AVC msg=audit(1428510418.333:142): avc: denied { read } for
pid=1113 comm="ovirt-guest-age" name="online" dev=sysfs ino=23
>>> scontext=system_u:system_r:rhev_agentd_t:s0
tcontext=system_u:object_r:sysfs_t:s0 tclass=file
>>> type=AVC msg=audit(1428510418.333:142): avc: denied { open } for
pid=1113 comm="ovirt-guest-age" name="online" dev=sysfs ino=23
>>> scontext=system_u:system_r:rhev_agentd_t:s0
tcontext=system_u:object_r:sysfs_t:s0 tclass=file
>>> type=SYSCALL msg=audit(1428510418.333:142): arch=c000003e syscall=2
success=yes exit=6 a0=7f8a655612b8 a1=80000 a2=2803ff a3=0 items=0 ppid=1
>>> pid=1113 auid=4294967295 uid=175 gid=175 euid=175 suid=175 fsuid=175
egid=175 sgid=175 fsgid=175 tty=(none) ses=4294967295
>>> comm="ovirt-guest-age" exe="/usr/bin/python"
subj=system_u:system_r:rhev_agentd_t:s0 key=(null)
>>>
>>> And when I check the rpm I see:
>>>
>>> rpm -qa|grep ovirt
>>> ovirt-release-el6-10.0.1-3.noarch
>>> ovirt-guest-agent-1.0.8-1.el6.noarch
>>>
>> Well the latest guest agent is always available on epel for el5/6/7 and for
fedora in the fedora repos I am not sure why it's not available in the
>> public ovirt repositories, however that was somehow always a problem with ovirt
releases, but I recommend anyway to use epel for the ovirt guest
>> agent due to the fact that I am releasing the guest agent always to epel and it
will get updated from there.
>>
>> Please also note that the repo location has changed. ovirt-3.5 for el6 is now
here: http://resources.ovirt.org/pub/ovirt-3.5/rpm/el6/
>>
>> However what I don't know, is how the 3.3.3 repository got installed for you,
I am not sure that this was done by the bare 'cloud-init', that might
>> be specific to your cloud init configuration.
>
> Well that can't be specific. I completely wipe the test environment every couple
weeks and just provisioned a completely fresh ovirt 3.5.2rc3 install.
>
> Normally I don't use cloud-init as we have foreman, but I was testing it. The
only thing I did was, create new VM and checked the cloud-init/sysprep
> checkbox. The rest oVirt did automatically.
>
> What I think is happening is that the CentOS 6.5 image in the ovirt-image-repository
glance provider is outdated. I used this as template for quick
> testing.
>
> Does anyone know who maintains these images?
Sandro, do you by any chance know who does?
Nobody maintains actively the images in the glance repository.
I raised the issue a while ago[1] and proposed as "get involved" task to provide
updated images[2] for the glance repository.
Once new images will be available, Oved can upload them into the glance repository.
[1] http://lists.ovirt.org/pipermail/devel/2015-April/010193.html
[2] http://lists.ovirt.org/pipermail/devel/2015-April/010199.html
>
>
>
>
>
>
>
> Met vriendelijke groet, With kind regards,
>
> Jorick Astrego*
>
> Netbulae Virtualization Experts *
>
------------------------------------------------------------------------------------------------------------------------------------------------------
> Tel: 053 20 30 270 info(a)netbulae.eu Staalsteden 4-3A KvK 08198180
> Fax: 053 20 30 271 www.netbulae.eu 7547 TA Enschede BTW NL821234584B01
>
>
>
------------------------------------------------------------------------------------------------------------------------------------------------------
>
>
>
> _______________________________________________
> Users mailing list
> Users(a)ovirt.org
> http://lists.ovirt.org/mailman/listinfo/users
--
Regards,
Vinzenz Feenstra | Senior Software Engineer
RedHat Engineering Virtualization R & D
Phone: +420 532 294 625
IRC: vfeenstr or evilissimo
Better technology. Faster innovation. Powered by community collaboration.
See how it works at redhat.com
--
Sandro Bonazzola
Better technology. Faster innovation. Powered by community collaboration.
See how it works at redhat.com
11:17 a.m.
This is a multi-part message in MIME format.
------------MIME-2638369536-379142252-delim
Content-Type: text/plain;
charset="windows-1252"
Content-Transfer-Encoding: quoted-printable
On 04/09/2015 10=3A12 AM=2C Sandro Bonazzola wrote=3A
=3E Il 09/04/2015 10=3A03=2C Vinzenz Feenstra ha scritto=3A
=3E=3E On 04/09/2015 09=3A55 AM=2C Jorick Astrego wrote=3A
=3E=3E=3E
=3E=3E=3E On 04/09/2015 08=3A56 AM=2C Vinzenz Feenstra wrote=3A
=3E=3E=3E=3E On 04/08/2015 04=3A34 PM=2C Jorick Astrego wrote=3A
=3E=3E=3E=3E=3E Hi=2C
=3E=3E=3E=3E Hi=2C
=3E=3E=3E=3E=3E Testing 3=2E5=2E2rc3=2C I see AVC denied messages for the o=
vrit-guest agent =28installed through cloud-init=29=2E
=3E=3E=3E=3E=3E
=3E=3E=3E=3E=3E type=3DAVC msg=3Daudit=281428510418=2E333=3A142=29=3A a=
vc=3A denied =7B read =7D for pid=3D1113 comm=3D=22ovirt-guest-age=22 na=
me=3D=22online=22 dev=3Dsysfs ino=3D23
=3E=3E=3E=3E=3E scontext=3Dsystem=5Fu=3Asystem=5Fr=3Arhev=5Fagentd=5Ft=
=3As0 tcontext=3Dsystem=5Fu=3Aobject=5Fr=3Asysfs=5Ft=3As0 tclass=3Dfile
=3E=3E=3E=3E=3E type=3DAVC msg=3Daudit=281428510418=2E333=3A142=29=3A a=
vc=3A denied =7B open =7D for pid=3D1113 comm=3D=22ovirt-guest-age=22 na=
me=3D=22online=22 dev=3Dsysfs ino=3D23
=3E=3E=3E=3E=3E scontext=3Dsystem=5Fu=3Asystem=5Fr=3Arhev=5Fagentd=5Ft=
=3As0 tcontext=3Dsystem=5Fu=3Aobject=5Fr=3Asysfs=5Ft=3As0 tclass=3Dfile
=3E=3E=3E=3E=3E type=3DSYSCALL msg=3Daudit=281428510418=2E333=3A142=29=
=3A arch=3Dc000003e syscall=3D2 success=3Dyes exit=3D6 a0=3D7f8a655612b8 a1=
=3D80000 a2=3D2803ff a3=3D0 items=3D0 ppid=3D1
=3E=3E=3E=3E=3E pid=3D1113 auid=3D4294967295 uid=3D175 gid=3D175 euid=
=3D175 suid=3D175 fsuid=3D175 egid=3D175 sgid=3D175 fsgid=3D175 tty=3D=28no=
ne=29 ses=3D4294967295
=3E=3E=3E=3E=3E comm=3D=22ovirt-guest-age=22 exe=3D=22/usr/bin/python=
=22 subj=3Dsystem=5Fu=3Asystem=5Fr=3Arhev=5Fagentd=5Ft=3As0 key=3D=28null=
=29
=3E=3E=3E=3E=3E
=3E=3E=3E=3E=3E And when I check the rpm I see=3A
=3E=3E=3E=3E=3E
=3E=3E=3E=3E=3E rpm -qa=7Cgrep ovirt
=3E=3E=3E=3E=3E ovirt-release-el6-10=2E0=2E1-3=2Enoarch
=3E=3E=3E=3E=3E ovirt-guest-agent-1=2E0=2E8-1=2Eel6=2Enoarch
=3E=3E=3E=3E=3E
=3E=3E=3E=3E Well the latest guest agent is always available on epel for el=
5/6/7 and for fedora in the fedora repos I am not sure why it=27s not avail=
able in the
=3E=3E=3E=3E public ovirt repositories=2C however that was somehow always a=
problem with ovirt releases=2C but I recommend anyway to use epel for the=
ovirt guest
=3E=3E=3E=3E agent due to the fact that I am releasing the guest agent alwa=
ys to epel and it will get updated from there=2E
=3E=3E=3E=3E
=3E=3E=3E=3E Please also note that the repo location has changed=2E ovirt-3=
=2E5 for el6 is now here=3A http=3A//resources=2Eovirt=2Eorg/pub/ovirt-3=2E=
5/rpm/el6/
=3E=3E=3E=3E
=3E=3E=3E=3E However what I don=27t know=2C is how the 3=2E3=2E3 repository=
got installed for you=2C I am not sure that this was done by the bare =27c=
loud-init=27=2C that might
=3E=3E=3E=3E be specific to your cloud init configuration=2E
=3E=3E=3E Well that can=27t be specific=2E I completely wipe the test envir=
onment every couple weeks and just provisioned a completely fresh ovirt 3=
=2E5=2E2rc3 install=2E
=3E=3E=3E
=3E=3E=3E Normally I don=27t use cloud-init as we have foreman=2C but I was=
testing it=2E The only thing I did was=2C create new VM and checked the cl=
oud-init/sysprep
=3E=3E=3E checkbox=2E The rest oVirt did automatically=2E
=3E=3E=3E
=3E=3E=3E What I think is happening is that the CentOS 6=2E5 image in the o=
virt-image-repository glance provider is outdated=2E I used this as templat=
e for quick
=3E=3E=3E testing=2E
=3E=3E=3E
=3E=3E=3E Does anyone know who maintains these images=3F
=3E=3E Sandro=2C do you by any chance know who does=3F
=3E Nobody maintains actively the images in the glance repository=2E
=3E I raised the issue a while ago=5B1=5D and proposed as =22get involved=
=22 task to provide updated images=5B2=5D for the glance repository=2E
=3E Once new images will be available=2C Oved can upload them into the glan=
ce repository=2E
=3E
=3E =5B1=5D http=3A//lists=2Eovirt=2Eorg/pipermail/devel/2015-April/010193=
=2Ehtml
=3E =5B2=5D http=3A//lists=2Eovirt=2Eorg/pipermail/devel/2015-April/010199=
=2Ehtml
=3E
=3E
Ok=2C I will schedule some time to update them as I had been planning to
=22get involved=22 some more =3B-=29
Will upload somewhere next week=2E
Met vriendelijke groet=2C With kind regards=2C
Jorick Astrego
Netbulae Virtualization Experts=20
----------------
=09Tel=3A 053 20 30 270 =09info=40netbulae=2Eeu =09Staalsteden 4-3A =09KvK=
08198180
=09Fax=3A 053 20 30 271 =09www=2Enetbulae=2Eeu =097547 TA Enschede =09BTW=
NL821234584B01
----------------
------------MIME-2638369536-379142252-delim
Content-Type: text/html;
charset="utf-8"
Content-Transfer-Encoding: quoted-printable
=3Chtml=3E
=3Cbody=3E
<br>
<br>
On 04/09/2015 10:12 AM, Sandro Bonazzola wrote: <br>
<font color=3D"#000000">> Il 09/04/2015 10:03, Vinzenz Feenstra ha
scrit=
to: </font><br>
<font color=3D"#000000">>> On 04/09/2015 09:55 AM, Jorick
Astrego wro=
te: </font><br>
<font
color=3D"#000000">>>> </font><br>
<font color=3D"#000000">>>> On 04/09/2015 08:56 AM,
Vinzenz Feenst=
ra wrote: </font><br>
<font color=3D"#000000">>>>> On 04/08/2015
04:34 PM, Jorick Ast=
rego wrote: </font><br>
<font color=3D"#000000">>>>>>
Hi, </font><br>
<font color=3D"#000000">>>>>
Hi, </font><br>
<font color=3D"#000000">>>>>> Testing
3.5.2rc3, I see AVC de=
nied messages for the ovrit-guest agent (installed through cloud-init).
=
;</font><br>
<font
color=3D"#000000">>>>>> </font><br>
<font
color=3D"#000000">>>>>>
type=
=3DAVC msg=3Daudit(1428510418.333:142): avc: denied { read } fo=
r pid=3D1113 comm=3D"ovirt-guest-age"
name=3D"online&q=
uot; dev=3Dsysfs ino=3D23 </font><br>
<font
color=3D"#000000">>>>>>
sconte=
xt=3Dsystem_u:system_r:rhev_agentd_t:s0 tcontext=3Dsystem_u:object_r:sysfs_=
t:s0 tclass=3Dfile </font><br>
<font
color=3D"#000000">>>>>>
type=
=3DAVC msg=3Daudit(1428510418.333:142): avc: denied { open } fo=
r pid=3D1113 comm=3D"ovirt-guest-age"
name=3D"online&q=
uot; dev=3Dsysfs ino=3D23 </font><br>
<font
color=3D"#000000">>>>>>
sconte=
xt=3Dsystem_u:system_r:rhev_agentd_t:s0 tcontext=3Dsystem_u:object_r:sysfs_=
t:s0 tclass=3Dfile </font><br>
<font
color=3D"#000000">>>>>>
type=
=3DSYSCALL msg=3Daudit(1428510418.333:142): arch=3Dc000003e syscall=3D2 suc=
cess=3Dyes exit=3D6 a0=3D7f8a655612b8 a1=3D80000 a2=3D2803ff a3=3D0 items=
=3D0 ppid=3D1 </font><br>
<font
color=3D"#000000">>>>>>
pid=3D=
1113 auid=3D4294967295 uid=3D175 gid=3D175 euid=3D175 suid=3D175 fsuid=3D17=
5 egid=3D175 sgid=3D175 fsgid=3D175 tty=3D(none) ses=3D4294967295 </fon=
t><br>
<font
color=3D"#000000">>>>>>
comm=
=3D"ovirt-guest-age" exe=3D"/usr/bin/python"
subj=3Dsys=
tem_u:system_r:rhev_agentd_t:s0 key=3D(null) </font><br>
<font
color=3D"#000000">>>>>> </font><br>
<font color=3D"#000000">>>>>> And when
I check the rpm I see=
: </font><br>
<font
color=3D"#000000">>>>>> </font><br>
<font
color=3D"#000000">>>>>>
rpm -q=
a|grep ovirt </font><br>
<font
color=3D"#000000">>>>>>
ovirt-=
release-el6-10.0.1-3.noarch </font><br>
<font
color=3D"#000000">>>>>>
ovirt-=
guest-agent-1.0.8-1.el6.noarch </font><br>
<font
color=3D"#000000">>>>>> </font><br>
<font color=3D"#000000">>>>> Well the latest
guest agent is alw=
ays available on epel for el5/6/7 and for fedora in the fedora repos I am n=
ot sure why it's not available in the </font><br>
<font color=3D"#000000">>>>> public ovirt
repositories, however=
that was somehow always a problem with ovirt releases, but I recommend any=
way to use epel for the ovirt guest </font><br>
<font color=3D"#000000">>>>> agent due to the
fact that I am re=
leasing the guest agent always to epel and it will get updated from there.&=
#13;</font><br>
<font
color=3D"#000000">>>>> </font><br>
<font color=3D"#000000">>>>> Please also note
that the repo loc=
ation has changed. ovirt-3.5 for el6 is now here: <a href=3D"http://resourc=
es.ovirt.org/pub/ovirt-3.5/rpm/el6/">http://resources.ovirt.org/p...
.5/rpm/el6/</a> </font><br>
<font
color=3D"#000000">>>>> </font><br>
<font color=3D"#000000">>>>> However what I
don't know, is how =
the 3.3.3 repository got installed for you, I am not sure that this was don=
e by the bare 'cloud-init', that might </font><br>
<font color=3D"#000000">>>>> be specific to
your cloud init con=
figuration. </font><br>
<font color=3D"#000000">>>> Well that can't be
specific. I complet=
ely wipe the test environment every couple weeks and just provisioned a com=
pletely fresh ovirt 3.5.2rc3 install. </font><br>
<font
color=3D"#000000">>>> </font><br>
<font color=3D"#000000">>>> Normally I don't use
cloud-init as we =
have foreman, but I was testing it. The only thing I did was, create new VM=
and checked the cloud-init/sysprep </font><br>
<font color=3D"#000000">>>> checkbox. The rest oVirt
did automatic=
ally. </font><br>
<font
color=3D"#000000">>>> </font><br>
<font color=3D"#000000">>>> What I think is happening
is that the =
CentOS 6.5 image in the ovirt-image-repository glance provider is outdated.=
I used this as template for quick </font><br>
<font color=3D"#000000">>>>
testing. </font><br>
<font
color=3D"#000000">>>> </font><br>
<font color=3D"#000000">>>> Does anyone know who
maintains these i=
mages? </font><br>
<font color=3D"#000000">>> Sandro, do you by any chance know
who does=
? </font><br>
<font color=3D"#000000">> Nobody maintains actively the images in
the gl=
ance repository. </font><br>
<font color=3D"#000000">> I raised the issue a while ago[1] and
proposed=
as "get involved" task to provide updated images[2] for the glan=
ce repository. </font><br>
<font color=3D"#000000">> Once new images will be available, Oved
can up=
load them into the glance repository. </font><br>
<font color=3D"#000000">> </font><br>
<font color=3D"#000000">> [1] <a
href=3D"http://lists.ovirt.org/pipermai=
l/devel/2015-April/010193.html">http://lists.ovirt.org/pipermail/...
-April/010193.html</a> </font><br>
<font color=3D"#000000">> [2] <a
href=3D"http://lists.ovirt.org/pipermai=
l/devel/2015-April/010199.html">http://lists.ovirt.org/pipermail/...
-April/010199.html</a> </font><br>
<font color=3D"#000000">> </font><br>
<font color=3D"#000000">> </font><br>
Ok, I will schedule some time to update them as I had been planning to =
<br>
"get involved" some more ;-) <br>
<br>
Will upload somewhere next week. <br>
<br>
<br>
=
=3CBR /=3E
=3CBR /=3E
=3Cb style=3D=22color=3A=23604c78=22=3E=3C/b=3E=3Cbr=3E=3Cspan style=3D=22c=
olor=3A=23604c78=3B=22=3E=3Cfont color=3D=22000000=22=3E=3Cspan style=3D=22=
mso-fareast-language=3Aen-gb=3B=22 lang=3D=22NL=22=3EMet vriendelijke groet=
=2C With kind regards=2C=3Cbr=3E=3Cbr=3E=3C/span=3EJorick Astrego=3C/font=
=3E=3C/span=3E=3Cb style=3D=22color=3A=23604c78=22=3E=3Cbr=3E=3Cbr=3ENetbul=
ae Virtualization Experts =3C/b=3E=3Cbr=3E=3Chr style=3D=22border=3Anone=3B=
border-top=3A1px solid =23ccc=3B=22=3E=3Ctable style=3D=22width=3A 522px=22=
=3E=3Ctbody=3E=3Ctr=3E=3Ctd style=3D=22width=3A 130px=3Bfont-size=3A 10px=
=22=3ETel=3A 053 20 30 270=3C/td=3E =3Ctd style=3D=22width=3A 130px=3Bf=
ont-size=3A 10px=22=3Einfo=40netbulae=2Eeu=3C/td=3E =3Ctd style=3D=22wid=
th=3A 130px=3Bfont-size=3A 10px=22=3EStaalsteden 4-3A=3C/td=3E =3Ctd sty=
le=3D=22width=3A 130px=3Bfont-size=3A 10px=22=3EKvK 08198180=3C/td=3E=3C/tr=
=3E=3Ctr=3E =3Ctd style=3D=22width=3A 130px=3Bfont-size=3A 10px=22=3EFax=
=3A 053 20 30 271=3C/td=3E =3Ctd style=3D=22width=3A 130px=3Bfont-size=
=3A 10px=22=3Ewww=2Enetbulae=2Eeu=3C/td=3E =3Ctd style=3D=22width=3A 130=
px=3Bfont-size=3A 10px=22=3E7547 TA Enschede=3C/td=3E =3Ctd style=3D=22w=
idth=3A 130px=3Bfont-size=3A 10px=22=3EBTW NL821234584B01=3C/td=3E=3C/tr=3E=
=3C/tbody=3E=3C/table=3E=3Cbr=3E=3Chr style=3D=22border=3Anone=3Bborder-top=
=3A1px solid =23ccc=3B=22=3E=3CBR /=3E
=3C/body=3E
=3C/html=3E
------------MIME-2638369536-379142252-delim--
11:34 a.m.
Il 09/04/2015 10:17, Jorick Astrego ha scritto:
On 04/09/2015 10:12 AM, Sandro Bonazzola wrote:
> Il 09/04/2015 10:03, Vinzenz Feenstra ha scritto:
>> On 04/09/2015 09:55 AM, Jorick Astrego wrote:
>>>
>>> On 04/09/2015 08:56 AM, Vinzenz Feenstra wrote:
>>>> On 04/08/2015 04:34 PM, Jorick Astrego wrote:
>>>>> Hi,
>>>> Hi,
>>>>> Testing 3.5.2rc3, I see AVC denied messages for the ovrit-guest agent
(installed through cloud-init).
>>>>>
>>>>> type=AVC msg=audit(1428510418.333:142): avc: denied { read }
for pid=1113 comm="ovirt-guest-age" name="online" dev=sysfs ino=23
>>>>> scontext=system_u:system_r:rhev_agentd_t:s0
tcontext=system_u:object_r:sysfs_t:s0 tclass=file
>>>>> type=AVC msg=audit(1428510418.333:142): avc: denied { open }
for pid=1113 comm="ovirt-guest-age" name="online" dev=sysfs ino=23
>>>>> scontext=system_u:system_r:rhev_agentd_t:s0
tcontext=system_u:object_r:sysfs_t:s0 tclass=file
>>>>> type=SYSCALL msg=audit(1428510418.333:142): arch=c000003e
syscall=2 success=yes exit=6 a0=7f8a655612b8 a1=80000 a2=2803ff a3=0 items=0 ppid=1
>>>>> pid=1113 auid=4294967295 uid=175 gid=175 euid=175 suid=175
fsuid=175 egid=175 sgid=175 fsgid=175 tty=(none) ses=4294967295
>>>>> comm="ovirt-guest-age" exe="/usr/bin/python"
subj=system_u:system_r:rhev_agentd_t:s0 key=(null)
>>>>>
>>>>> And when I check the rpm I see:
>>>>>
>>>>> rpm -qa|grep ovirt
>>>>> ovirt-release-el6-10.0.1-3.noarch
>>>>> ovirt-guest-agent-1.0.8-1.el6.noarch
>>>>>
>>>> Well the latest guest agent is always available on epel for el5/6/7 and
for fedora in the fedora repos I am not sure why it's not available in the
>>>> public ovirt repositories, however that was somehow always a problem with
ovirt releases, but I recommend anyway to use epel for the ovirt guest
>>>> agent due to the fact that I am releasing the guest agent always to epel
and it will get updated from there.
>>>>
>>>> Please also note that the repo location has changed. ovirt-3.5 for el6 is
now here: http://resources.ovirt.org/pub/ovirt-3.5/rpm/el6/
>>>>
>>>> However what I don't know, is how the 3.3.3 repository got installed
for you, I am not sure that this was done by the bare 'cloud-init', that might
>>>> be specific to your cloud init configuration.
>>> Well that can't be specific. I completely wipe the test environment every
couple weeks and just provisioned a completely fresh ovirt 3.5.2rc3
install.
>>>
>>> Normally I don't use cloud-init as we have foreman, but I was testing it.
The only thing I did was, create new VM and checked the cloud-init/sysprep
>>> checkbox. The rest oVirt did automatically.
>>>
>>> What I think is happening is that the CentOS 6.5 image in the
ovirt-image-repository glance provider is outdated. I used this as template for quick
>>> testing.
>>>
>>> Does anyone know who maintains these images?
>> Sandro, do you by any chance know who does?
> Nobody maintains actively the images in the glance repository.
> I raised the issue a while ago[1] and proposed as "get involved" task to
provide updated images[2] for the glance repository.
> Once new images will be available, Oved can upload them into the glance repository.
>
> [1] http://lists.ovirt.org/pipermail/devel/2015-April/010193.html
> [2] http://lists.ovirt.org/pipermail/devel/2015-April/010199.html
>
>
Ok, I will schedule some time to update them as I had been planning to
"get involved" some more ;-)
Will upload somewhere next week.
Great :-)
**
Met vriendelijke groet, With kind regards,
Jorick Astrego*
Netbulae Virtualization Experts *
------------------------------------------------------------------------------------------------------------------------------------------------------
Tel: 053 20 30 270 info(a)netbulae.eu Staalsteden 4-3A KvK 08198180
Fax: 053 20 30 271 www.netbulae.eu 7547 TA Enschede BTW NL821234584B01
------------------------------------------------------------------------------------------------------------------------------------------------------
_______________________________________________
Users mailing list
Users(a)ovirt.org
http://lists.ovirt.org/mailman/listinfo/users
--
Sandro Bonazzola
Better technology. Faster innovation. Powered by community collaboration.
See how it works at redhat.com
3514
days inactive
3515
days old
6 comments
3 participants
participants (3)
-
Jorick Astrego -
Sandro Bonazzola -
Vinzenz Feenstra