<div dir="ltr"><div><div>As far as it goes for RHEV:<br><br>- Virtual machine migration will fail if migrating from a hypervisor with SELinux enabled to one with SELinux disabled<br>- A virtual machine previously started on a hypervisor with SELinux enabled will not start on a hypervisor with SELinux disable.<br><br>RHEV manages the SELinux configuration on RHEV Hypervisors in a persistent state, SELinux is enabled by default.<br><br></div><div>You'll need to run <code>sestatus</code> as a superuser on each host in the cluster and observe the output, <br>evaluate each host in the cluster to make sure the setting for "SELinux status" is consistent.</div><div><br></div>Regards,<br></div>Yanir Quinn<br>
</div><div class="gmail_extra"><br><div class="gmail_quote">On Sat, Jul 29, 2017 at 12:21 AM, Bill James <span dir="ltr"><<a href="mailto:bill.james@j2.com" target="_blank">bill.james@j2.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">I was hoping to migrate my systems to using selinux gradually.<br>
I added 3 new nodes with selinux in permissive mode.<br>
Migration fails to any of the previous hosts that currently have selinux disabled.<br>
Is it an all or nothing deal? Obviously not easy to reboot all nodes at once.<br>
<br>
2017-07-28 09:35:43,616 ERROR (migsrc/8c566813) [virt.vm] (vmId='8c566813-4bee-4f04-be23<wbr>-c9fc10e1e1f2') unsupported configuration: Unable to find security driver for model selinux (migration:265)<br>
2017-07-28 09:35:43,641 ERROR (migsrc/8c566813) [virt.vm] (vmId='8c566813-4bee-4f04-be23<wbr>-c9fc10e1e1f2') Failed to migrate (migration:405)<br>
Traceback (most recent call last):<br>
<br>
<br>
ovirt-engine-4.1.0.4-1.el7.cen<wbr>tos.noarch<br>
libselinux-utils-2.5-6.el7.x86<wbr>_64<br>
<br>
<br>
related: <a href="http://lists.ovirt.org/pipermail/users/2016-October/076878.html" rel="noreferrer" target="_blank">http://lists.ovirt.org/piperma<wbr>il/users/2016-October/076878.<wbr>html</a><br>
<br>
______________________________<wbr>_________________<br>
Users mailing list<br>
<a href="mailto:Users@ovirt.org" target="_blank">Users@ovirt.org</a><br>
<a href="http://lists.ovirt.org/mailman/listinfo/users" rel="noreferrer" target="_blank">http://lists.ovirt.org/mailman<wbr>/listinfo/users</a><br>
</blockquote></div><br></div>