On Wed, Oct 19, 2016 at 10:47:18AM +0100, lejeczek
wrote:>hi all
>
>I have in my centos 7 this:
>
>crw-------. 1 root root 10, 183 Oct 11 21:28 /dev/hwrng
>
Do ls -lZ to see the context as well.
>and VM fails, complains like this:
>
How about the domain's XML? What's there?
>virsh # start volatile-work6
>error: Failed to start domain volatile-work6
>error: internal error: process exited while connecting to
>monitor: 2016-10-19T09:42:05.988142Z qemu-kvm: -object
>rng-random,id=objrng0,filename=/dev/hwrng: Could not open
>'/dev/hwrng': Permission denied
>
Did you check logs? Whether libvirt relabeled it? If there's an AVC
denial?
also the module itself (which owns /dev/hwrng) can check the permissions
itself, so it might be needed to use some option for that module
(although I believe that could be considered a bug).
>which reads logical. Now - is this normal that hwrng is
>created with these permissions?
>And if yes then how to pass-through it to the VMs?
>How to aid VMs with hardware random numbers generator?
>
>many thanks.
>L
>
>_______________________________________________
>libvirt-users mailing list
>libvirt-users at redhat.com
>https://www.redhat.com/mailman/listinfo/libvirt-users
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 801 bytes
Desc: Digital signature
URL:
<http://listman.redhat.com/archives/libvirt-users/attachments/20161101/6eb9fca3/attachment.sig>