[Users] SELinux policy issue with oVirt/sanlock
Federico Simoncelli
fsimonce at redhat.com
Thu Oct 25 02:50:51 UTC 2012
----- Original Message -----
> From: "Haim Ateya" <hateya at redhat.com>
> To: "Brian Vetter" <bjvetter at gmail.com>
> Cc: users at ovirt.org, selinux at lists.fedoraproject.org
> Sent: Wednesday, October 24, 2012 7:03:39 PM
> Subject: Re: [Users] SELinux policy issue with oVirt/sanlock
>
> ----- Original Message -----
> > From: "Brian Vetter" <bjvetter at gmail.com>
> > To: "Haim Ateya" <hateya at redhat.com>
> > Cc: users at ovirt.org, selinux at lists.fedoraproject.org
> > Sent: Wednesday, October 24, 2012 6:24:31 PM
> > Subject: Re: [Users] SELinux policy issue with oVirt/sanlock
> >
> > I removed lock_manager=sanlock from the settings file, restarted
> > the
> > daemons, and all works fine right now. I'm guessing that means
> > there
> > is no locking of the VMs (the default?).
>
> that's right, i'm glad it works for you, but it just a workaround
> since we expect this configuration to work, it would be much
> appreciated if you
> could open a bug on that issue so we can track and resolve when
> possible.
> please attach all required logs such as: vdsm.log, libvirtd.log,
> qemu.log (under /var/log/libvirt/qemu/), audit.log, sanlock.log and
> /var/log/messages.
What's the bug number? To clarify/recap:
- the lock_manager=sanlock configuration is correct (and it shouldn't
be removed)
- you should set setenforce 0 (with lock_manager=sanlock) and try to
start a VM; all the avc errors that you find in /var/log/messages
and in /var/log/audit/audit.log should be used to open a selinux
policy bug
--
Federico
More information about the Users
mailing list