[ovirt-users] Ip spoofing
Antoni Segura Puimedon
asegurap at redhat.com
Fri Jun 27 09:16:53 UTC 2014
----- Original Message -----
> From: "Punit Dambiwal" <hypunit at gmail.com>
> To: "Antoni Segura Puimedon" <asegurap at redhat.com>, "Dan Kenigsberg" <danken at redhat.com>
> Cc: "Sven Kieske" <S.Kieske at mittwald.de>, users at ovirt.org
> Sent: Friday, June 27, 2014 11:07:56 AM
> Subject: Re: [ovirt-users] Ip spoofing
>
> Hi Dan,
>
> Still the same....VM can spoof the ip address...attached is the VM domain
> xml file....
Did you try to disable SELinux with "setenforce 0" to see if the problem is
one of secure contexts?
>
>
> On Thu, Jun 26, 2014 at 5:30 PM, Punit Dambiwal <hypunit at gmail.com> wrote:
>
> > Hi Sven,
> >
> > I already give the sudo user permission to VDSM user...
> >
> > Yes..after VDSM restart i can see this hook in host tab....I will test it
> > again and udpate you guys if still not solve....
> >
> >
> > On Thu, Jun 26, 2014 at 4:03 PM, Antoni Segura Puimedon <
> > asegurap at redhat.com> wrote:
> >
> >>
> >>
> >> ----- Original Message -----
> >> > From: "Sven Kieske" <S.Kieske at mittwald.de>
> >> > To: users at ovirt.org
> >> > Sent: Thursday, June 26, 2014 9:12:31 AM
> >> > Subject: Re: [ovirt-users] Ip spoofing
> >> >
> >> > Well this is strange, and this should not be the reason
> >> > but can you attach a ".py" ending to the file names (maybe vdsm performs
> >> > some strange checks)?
> >>
> >> We do not ;-)
> >>
> >> > your permissions look good.
> >> > the only other thing I can think of are selinux
> >> > restrictions, can you check them with:
> >> > #this gives you the actual used selinux security level:
> >> > getenforce
> >>
> >> That could be it
> >>
> >> > :this gives you the selinux attributes for the folder:
> >> > ls -lZ /usr/libexec/vdsm/hooks/before_device_create
> >> >
> >> > I first thought it might be related to vdsms sudoers
> >> > rights but a plain python script should be executed
> >> > without modification to the sudoers config.
> >> >
> >> > HTH
> >> >
> >> > Am 26.06.2014 06:22, schrieb Punit Dambiwal:
> >> > > Hi Dan,
> >> > >
> >> > > The permission looks ok...
> >> > >
> >> > >
> >> > > [root at gfs1 ~]# su - vdsm -s
> >> > > /bin/bash
> >> > > -bash-4.1$ ls -l /usr/libexec/vdsm/hooks/before_device_create
> >> > > total 8
> >> > > -rwxr-xr-x. 1 root root 1702 Jun 10 05:25 50_macspoof
> >> > > -rwxr-xr-x. 1 root root 2490 Jun 23 17:47 50_noipspoof
> >> > > -bash-4.1$ exit
> >> > > logout
> >> > > [root at gfs1 ~]#
> >> > >
> >> > > But the strange thing is noipspoof hook not display in the host hooks
> >> > > windows....
> >> >
> >> > --
> >> > Mit freundlichen Grüßen / Regards
> >> >
> >> > Sven Kieske
> >> >
> >> > Systemadministrator
> >> > Mittwald CM Service GmbH & Co. KG
> >> > Königsberger Straße 6
> >> > 32339 Espelkamp
> >> > T: +49-5772-293-100
> >> > F: +49-5772-293-333
> >> > https://www.mittwald.de
> >> > Geschäftsführer: Robert Meyer
> >> > St.Nr.: 331/5721/1033, USt-IdNr.: DE814773217, HRA 6640, AG Bad
> >> Oeynhausen
> >> > Komplementärin: Robert Meyer Verwaltungs GmbH, HRB 13260, AG Bad
> >> Oeynhausen
> >> > _______________________________________________
> >> > Users mailing list
> >> > Users at ovirt.org
> >> > http://lists.ovirt.org/mailman/listinfo/users
> >> >
> >> _______________________________________________
> >> Users mailing list
> >> Users at ovirt.org
> >> http://lists.ovirt.org/mailman/listinfo/users
> >>
> >
> >
>
More information about the Users
mailing list