Displaying 8 results from an estimated 8 matches for "virt_content_t".
2012 Feb 24
0
SELinux killed my qemu-kvm
...ort 1(vnet0) entering disabled
state
Feb 24 17:25:28 desk kernel: device vnet0 left promiscuous mode
Feb 24 17:25:28 desk kernel: virbr0: port 1(vnet0) entering disabled
state
Feb 24 17:25:28 desk setroubleshoot: SELinux is preventing
pam_console_app (pam_console_t) "getattr" to /dev/hda (virt_content_t).
For complete SELinux messages. run sealert -l
9ee6c9a9-3eda-4082-84d3-5741ea9ff688
SELinux alert summary
SELinux is preventing pam_console_app (pam_console_t) "getattr"
to /dev/hda
(virt_content_t).
Detailed Description:
SELinux denied access requested by pam_console_app. It is not...
2018 May 21
2
[PATCH for discussion only] lib: libvirt: If root, run qemu subprocess as root.root.
...label type="static" model="dac" relabel="no">
<label>0:0</label>
</seclabel>
This patch makes that change.
I notice that after this change, qemu is indeed running as root.
However the file being examined still gets relabelled by SELinux (to
virt_content_t IIRC). Maybe this relabelling is in fact desirable.
Also as you can see from the patch there are cases where we use
another <seclabel model='selinux'/> element to set labels to a known
value. It's not clear if we can include both <seclabel/> elements.
The patch as shown o...
2013 Apr 08
1
libvirt, selinux, moving images to ~/images does not work
...lib/libvirt/images
drwxr-xr-x. root root system_u:object_r:virt_image_t:s0 /home/aik/virtimg
drwxr-xr-x. root root system_u:object_r:virt_image_t:s0 /var/lib/libvirt/images
[root at vpl2 ~]# ls -lZ /home/aik/virtimg /var/lib/libvirt/images
/home/aik/virtimg:
-rwxrwxrwx. root root system_u:object_r:virt_content_t:s0
Fedora-18-ppc64-DVD.iso
/var/lib/libvirt/images:
-rwxrwxrwx. root root system_u:object_r:virt_image_t:s0 fc18guest
However "virsh -c qemu:///system create libvirtguest-aik.xml" failes with
"avc: denied { dac_override }" and "avc: denied { dac_read_search }"....
2017 Oct 16
2
Elias Hickman's libguestfs dump
..._u:object_r:user_tmp_t:s0 qemu.stat
libguestfs:
libguestfs: /var/tmp/.guestfs-1001/appliance.d:
libguestfs: drwxr-xr-x. stack stack unconfined_u:object_r:user_tmp_t:s0 .
libguestfs: drwxr-xr-x. stack stack unconfined_u:object_r:user_tmp_t:s0 ..
libguestfs: -rw-r--r--. stack stack system_u:object_r:virt_content_t:s0 initrd
libguestfs: -rwxr-xr-x. stack stack system_u:object_r:virt_content_t:s0 kernel
libguestfs: -rw-r--r--. stack stack system_u:object_r:virt_content_t:s0 root
libguestfs: command: run: ls
libguestfs: command: run: \ -a
libguestfs: command: run: \ -l
libguestfs: command: run: \ -Z /tmp/libgue...
2017 Jun 03
2
Re: libvirtd not accepting connections
On Sat, Jun 03, 2017 at 05:20:47PM -0400, Michael C Cambria wrote:
>I also tried stopping libvirtd, renaming both qemu-system-i386 and
>qemu-system-x86_64, start libvirtd. Things get further along; dnsmasq
>log messages show up.
>
>$ sudo systemctl status libvirtd.service
>● libvirtd.service - Virtualization daemon
> Loaded: loaded
2017 Jun 04
0
Re: libvirtd not accepting connections
...text
'system_u:system_r:svirt_t:s0', alt domain context
'system_u:system_r:svirt_tcg_t:s0'
2017-06-04 00:04:14.307+0000: 3379: debug :
virSecuritySELinuxQEMUInitialize:537 : Loaded file context
'system_u:object_r:svirt_image_t:s0', content context
'system_u:object_r:virt_content_t:s0'
2017-06-04 00:04:14.307+0000: 3379: debug :
virSecurityManagerNewDriver:86 : drv=0x7fa44d580cc0 (stack)
virtDriver=QEMU flags=a
2017-06-04 00:04:14.307+0000: 3379: debug :
virSecurityManagerNewDriver:86 : drv=0x7fa44d580de0 (dac)
virtDriver=QEMU flags=a
2017-06-04 00:04:14.313+0000: 337...
2017 Jun 04
2
Re: libvirtd not accepting connections
...m_u:system_r:svirt_t:s0', alt domain context
>'system_u:system_r:svirt_tcg_t:s0'
>2017-06-04 00:04:14.307+0000: 3379: debug :
>virSecuritySELinuxQEMUInitialize:537 : Loaded file context
>'system_u:object_r:svirt_image_t:s0', content context
>'system_u:object_r:virt_content_t:s0'
>2017-06-04 00:04:14.307+0000: 3379: debug :
>virSecurityManagerNewDriver:86 : drv=0x7fa44d580cc0 (stack)
>virtDriver=QEMU flags=a
>2017-06-04 00:04:14.307+0000: 3379: debug :
>virSecurityManagerNewDriver:86 : drv=0x7fa44d580de0 (dac)
>virtDriver=QEMU flags=a
>2017-06-0...
2017 Jun 04
0
Re: libvirtd not accepting connections
...39;, alt domain context
>> 'system_u:system_r:svirt_tcg_t:s0'
>> 2017-06-04 00:04:14.307+0000: 3379: debug :
>> virSecuritySELinuxQEMUInitialize:537 : Loaded file context
>> 'system_u:object_r:svirt_image_t:s0', content context
>> 'system_u:object_r:virt_content_t:s0'
>> 2017-06-04 00:04:14.307+0000: 3379: debug :
>> virSecurityManagerNewDriver:86 : drv=0x7fa44d580cc0 (stack)
>> virtDriver=QEMU flags=a
>> 2017-06-04 00:04:14.307+0000: 3379: debug :
>> virSecurityManagerNewDriver:86 : drv=0x7fa44d580de0 (dac)
>> virtDri...