similar to: Does libvirt check MCS labels during hot-add disk image ?

Milan Zamazal <mzamazal@redhat.com> writes: > Daniel P. Berrangé <berrange@redhat.com> writes: > >> On Thu, Jul 02, 2020 at 01:21:15PM +0200, Milan Zamazal wrote: >>> The second problem is that a VM fails to start with a backing NVDIMM in >>> devdax mode due to SELinux preventing access to the /dev/dax* device (it >>> doesn't happen with any

I recently began getting periodic emails from SEalert that SELinux is preventing /usr/libexec/qemu-kvm "getattr" access from the directory I store all my virtual machines for KVM. All VMs are stored under /vmstore , which is it's own mount point, and every file and folder under /vmstore currently has the correct context that was set by doing the following: semanage fcontext -a -t

On Mon, January 16, 2012 17:01, Dennis Jacobfeuerborn wrote: > On 01/16/2012 10:16 PM, James B. Byrne wrote: > > ... >> The xmldump for this guest instance contains this: > ... > > Please post the xmldumps of the original guest and cloned > guest right after > cloning and without any modifications. > > Regards, > Dennis Prototype dumpxml virsh # dumpxml

Hi! I am trying libvirt on POWERPC64 with the default settings such as selinux enabled. It is all good till I move images out of /var/lib/libvirt/images/. http://libvirt.org/drvqemu.html#securityselinux is saying that "If attempting to use disk images in another location, the user/administrator must ensure the directory has be given this requisite label. Likewise physical block devices

Hello, I'm using HP homeserver where host system run CentOS 6.3 with KVM virtualization with SELinux enabled, guests too run the same OS (but without SELinux, but this does not matter). Host system installed on mirrors based on sda and sdb physical disks. sd{c..f} disks attached to KVM guest (whole disks, not partitions; needed to use zfs (zfsonlinux) benefit features). Problem is that disks

Hi I have configured KVM with Fedora Core 13 by enabling the KVM virtualization option while installing OS. I have successfully created the guest OS by using the virt-install API /usr/sbin/virt-install --name centos5 --ram 512 --disk path=/var/lib/libvirt/images/ centos.img,size=5 --network network:default --accelerate --vnc -c /tmp/CentOS-5.3-i386-bin-DVD.iso I am able to login to the guest OS

Attempting to take snapshots of VM using virsh with the following command, # virsh -c qemu:///system snapshot-create CentOS6-x86-001 Results in the following error, error: internal error unable to execute QEMU command 'savevm': The command savevm has not been found The VM's virtual disks are qcow2. Below is the XML file for this vm ------------ <domain type='kvm'

What are you using for the database - SQLite? I am using mysql (mariadb). I am not familiar with SQLlite. Can you access the database from the console - look up the list of tables - display the contents from a table? Anything to see if your SQLite is working and has asterisk data in it. From your Asterisk console, |CLI> core show help database| should give you a list of commands that you

Attempting to take snapshots of VM using virsh with the following command, # virsh -c qemu:///system snapshot-create CentOS6-x86-001 Results in the following error, error: internal error unable to execute QEMU command 'savevm': The command savevm has not been found The VM's virtual disks are qcow2. Below is the XML file for this vm ------------ <domain type='kvm'

Hi I have configured KVM with Fedora Core 13 by enabling the KVM virtualization option while installing OS. I have successfully created the guest OS by using the virt-install API /usr/sbin/virt-install --name centos5 --ram 512 --disk path=/var/lib/libvirt/images/ centos.img,size=5 --network network:default --accelerate --vnc -c /tmp/CentOS-5.3-i386-bin-DVD.iso Os installed successfully and after

Hi, I'm trying to add a channel on a Openstack instance via this command : # virsh attach-device instance-00000005 test.xml that returns this error error: Failed to attach device from test.xml error: internal error: no virtio-serial controllers are available # # cat test.xml : <channel type='unix'> <source mode='bind'

I am having a very strange issue with Dovecot + Sqlite + SELinux in enforcing. I am able to log in via IMAPS if SELinux is in permissive, but not able to do so when in enforcing. I do not see any SELinux denials even with dontaudit's enabled. I am running Centos 5 on x86_64 with a customized kernel build and SElinux Strict policy. The log dumps below are in the following order:? 1. My syslog

is spice-vdagent installed and running in the VM? ----- Original Message ----- > From: "Dean Hunter" <deanhunter@comcast.net> > To: "Andrew Cathrow" <acathrow@redhat.com> > Cc: libvirt-users@redhat.com > Sent: Sunday, July 21, 2013 2:27:41 PM > Subject: Re: [libvirt-users] Clipboard > On Sun, 2013-07-21 at 13:49 -0400, Andrew Cathrow wrote:

OK, I have a strange problem. It is probably something simple/stupid, but I cannot figure it out. I have a nice new PowerEdge T20 that I installed CentOS 6 (6.5) on with Virtualization (KVM). I then installed Ubuntu 14.04 in a virtual machine, with a bridged network: ------ begin ub140464.xml------------------ <domain type='kvm' id='2'>

I have a very strange issue that has plagued our KVM-based hypervisor infrastructure. Environment: - All EL7-based libvirt releases since EL7.0 - Fully patched EL7-based KVM guest on a fully patched EL7-based KVM host. - Secondary disk attached via 'virsh attach-device guest /vm/guest-with-secondary-disk-01/disk2.xml --persistent' (note --persistent flag here) Problem Description: -

On 06/03/2017 05:47 PM, Martin Kletzander wrote: > On Sat, Jun 03, 2017 at 05:20:47PM -0400, Michael C Cambria wrote: >> I also tried stopping libvirtd, renaming both qemu-system-i386 and >> qemu-system-x86_64, start libvirtd. Things get further along; dnsmasq >> log messages show up. >> >> $ sudo systemctl status libvirtd.service >> ● libvirtd.service -

Hi, how do I allow lighttpd access to a directory like this: dr-xrwxr-x. lighttpd example unconfined_u:object_r:samba_share_t:s0 files_articles I tried to create and install a selinux module, and it didn?t work. The non-working module can not be removed, either: semodule -r lighttpd-files_articles.pp libsemanage.semanage_direct_remove_key: Unable to remove module lighttpd-files_articles.pp at

On Tue, Jul 14, 2020 at 6:03 PM Daniel P. Berrangé <berrange@redhat.com> wrote: > On Tue, Jul 14, 2020 at 04:02:17PM +0300, Ram Lavi wrote: > > On Tue, Jul 14, 2020 at 3:33 PM Daniel P. Berrangé <berrange@redhat.com> > > wrote: > > > > > On Tue, Jul 14, 2020 at 03:21:17PM +0300, Ram Lavi wrote: > > > > Hello all, > > > > > >

Am 11.04.2020 um 13:00 schrieb Andrei Petru Mura: > Hi, > > After configuring systemd unit with ReadWritePaths=/home/mail, I get the > following error logs in audit: > type=AVC msg=audit(1586604621.637:6736): avc: denied { write } for > pid=12750 comm="imap" name="Maildir" dev="dm-3" ino=438370738 > scontext=system_u:system_r:dovecot_t:s0

Hello, I have deployed Bugzilla 3.6.2 on CentOS 5 (with rpmforge perl-* packages) and I have a problem with SELinux preventing mail being sent via sendmail. (see SELinux reports below, especially the second one) When SELinux is in permissive mode, mail sending from Bugzilla is working properly. Has anybody got recent Bugzilla to work with SELinux on CentOS? Thanks in advance! Mathieu