[ovirt-devel] SELinux issue with f20 libvirtd

Eric Blake eblake at redhat.com
Wed Apr 1 16:04:18 UTC 2015


On 04/01/2015 09:58 AM, Nir Soffer wrote:

>>
>> and /dev/vport2p1 seams to be badly labeled:
>> crw-rw----. ovirtagent ovirtagent system_u:object_r:virtio_device_t:s0
>> /dev/vport2p1
>>
>> I was using:
>> libvirt-daemon.x86_64            1.1.3.9-1.fc20     @updates
>> selinux-policy.noarch            3.12.1-197.fc20    @updates
>> selinux-policy-targeted.noarch   3.12.1-197.fc20    @updates
>>
>> The issue doesn't reproduce enabling virt-preview repo and using a fresher
>> libvirtd.
>>
>> Should I open a bug to have something back-ported on f20 libvirt or should we
>> explicitly require virt-preview repo for oVirt 3.5.2 as we are doing for
>> master?
> 
> I think you should open a bug for libvirt and or selinux. This is probably an
> selinux issue, but libvirt guys should be in the loop.

I'm not sure if there have been any libvirt patches between 1.1.3 and
1.2.9 that affect libvirt labeling, or if it is a selinux problem.  But
if there was a libvirt patch, we can certainly backport it to F20 with a BZ.

> 
> If the platform cannot provide a fix for fedora 20, we can require virt-preview.
> 
> Adding Eric who can give a better answer.
> 
> Nir
> 
> 

-- 
Eric Blake   eblake redhat com    +1-919-301-3266
Libvirt virtualization library http://libvirt.org

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 604 bytes
Desc: OpenPGP digital signature
URL: <http://lists.ovirt.org/pipermail/devel/attachments/20150401/aa9bd37a/attachment.sig>


More information about the Devel mailing list