[Users] Can't start a VM - sanlock permission denied
Federico Simoncelli
fsimonce at redhat.com
Sun Oct 14 23:11:58 UTC 2012
----- Original Message -----
> From: "Alexandre Santos" <santosam72 at gmail.com>
> To: "Dan Kenigsberg" <danken at redhat.com>
> Cc: "Haim Ateya" <hateya at redhat.com>, users at ovirt.org, "Federico Simoncelli" <fsimonce at redhat.com>
> Sent: Sunday, October 14, 2012 7:23:36 PM
> Subject: Re: [Users] Can't start a VM - sanlock permission denied
>
> 2012/10/13 Dan Kenigsberg < danken at redhat.com >
>
> On Sat, Oct 13, 2012 at 11:25:37AM +0100, Alexandre Santos wrote:
> > Hi,
> > after getting to the oVirt Node console (F2) I figured out that
> > selinux
> > wasn't allowing the sanlock, so I entered the setsebool
> > virt_use_sanlock 1
> > and the problem is fixed.
>
> Which version of vdsm is istalled on your node? and which
> selinux-policy? sanlock should work out-of-the-box.
>
>
> vdsm-4.10.0-10.fc17
>
> on /etc/sysconfig/selinux
> SELINUX=enforcing
> SELINUXTYPE=targeted
As far as I understand the selinux policies for the ovirt-node are set
by recipe/common-post.ks (in the ovirt-node repo):
semanage boolean -m -S targeted -F /dev/stdin << \EOF_semanage
allow_execstack=0
virt_use_nfs=1
EOF_semanage
We should update it with what vdsm is currently setting:
virt_use_sanlock=1
sanlock_use_nfs=1
--
Federico
More information about the Users
mailing list