As far as it goes for RHEV:
- Virtual machine migration will fail if migrating from a hypervisor with
SELinux enabled to one with SELinux disabled
- A virtual machine previously started on a hypervisor with SELinux enabled
will not start on a hypervisor with SELinux disable.
RHEV manages the SELinux configuration on RHEV Hypervisors in a persistent
state, SELinux is enabled by default.
You'll need to run sestatus as a superuser on each host in the cluster and
observe the output,
evaluate each host in the cluster to make sure the setting for "SELinux
status" is consistent.
Regards,
Yanir Quinn
On Sat, Jul 29, 2017 at 12:21 AM, Bill James <bill.james(a)j2.com> wrote:
I was hoping to migrate my systems to using selinux gradually.
I added 3 new nodes with selinux in permissive mode.
Migration fails to any of the previous hosts that currently have selinux
disabled.
Is it an all or nothing deal? Obviously not easy to reboot all nodes at
once.
2017-07-28 09:35:43,616 ERROR (migsrc/8c566813) [virt.vm]
(vmId='8c566813-4bee-4f04-be23-c9fc10e1e1f2') unsupported configuration:
Unable to find security driver for model selinux (migration:265)
2017-07-28 09:35:43,641 ERROR (migsrc/8c566813) [virt.vm]
(vmId='8c566813-4bee-4f04-be23-c9fc10e1e1f2') Failed to migrate
(migration:405)
Traceback (most recent call last):
ovirt-engine-4.1.0.4-1.el7.centos.noarch
libselinux-utils-2.5-6.el7.x86_64
related:
http://lists.ovirt.org/pipermail/users/2016-October/076878.html
_______________________________________________
Users mailing list
Users(a)ovirt.org
http://lists.ovirt.org/mailman/listinfo/users