Bug 1369048
Summary: | SELinux preventing libvirt from starting KVM guest | ||||||
---|---|---|---|---|---|---|---|
Product: | [Fedora] Fedora | Reporter: | Louis van Dyk <louis> | ||||
Component: | selinux-policy | Assignee: | Miroslav Grepl <mgrepl> | ||||
Status: | CLOSED DUPLICATE | QA Contact: | Fedora Extras Quality Assurance <extras-qa> | ||||
Severity: | high | Docs Contact: | |||||
Priority: | unspecified | ||||||
Version: | 24 | CC: | dominick.grift, dwalsh, jan.public, lvrabec, mgrepl, plautrba | ||||
Target Milestone: | --- | ||||||
Target Release: | --- | ||||||
Hardware: | x86_64 | ||||||
OS: | Unspecified | ||||||
Whiteboard: | |||||||
Fixed In Version: | Doc Type: | If docs needed, set a value | |||||
Doc Text: | Story Points: | --- | |||||
Clone Of: | Environment: | ||||||
Last Closed: | 2016-08-23 07:43:28 UTC | Type: | Bug | ||||
Regression: | --- | Mount Type: | --- | ||||
Documentation: | --- | CRM: | |||||
Verified Versions: | Category: | --- | |||||
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |||||
Cloudforms Team: | --- | Target Upstream Version: | |||||
Embargoed: | |||||||
Attachments: |
|
Duplicate of Bug 1368745? I hang my head in shame. Yes, I would agree it's a duplicate of Bug 1368745. Thank you! *** This bug has been marked as a duplicate of bug 1368745 *** |
Created attachment 1192906 [details] audit.log entries when attempting to start guest. Description of problem: This morning I updated all my patches after my PC had been off for a week. I noticed some SELINUX messages during the dnf process but foolishly didn't pay them attention. After rebooting, I tried to start my KVM guest, but it would not start, claiming that SELinux was denying it. I have attached the audit.log from the time I pressed "Start" until it died. Version-Release number of selected component (if applicable): libselinux-2.5-9.fc24.i686 libselinux-2.5-9.fc24.x86_64 libselinux-devel-2.5-9.fc24.x86_64 libselinux-python-2.5-9.fc24.x86_64 libselinux-python3-2.5-9.fc24.x86_64 libselinux-utils-2.5-9.fc24.x86_64 libvirt-client-1.3.3.2-1.fc24.x86_64 libvirt-daemon-1.3.3.2-1.fc24.x86_64 libvirt-daemon-config-network-1.3.3.2-1.fc24.x86_64 libvirt-daemon-driver-interface-1.3.3.2-1.fc24.x86_64 libvirt-daemon-driver-network-1.3.3.2-1.fc24.x86_64 libvirt-daemon-driver-nodedev-1.3.3.2-1.fc24.x86_64 libvirt-daemon-driver-nwfilter-1.3.3.2-1.fc24.x86_64 libvirt-daemon-driver-qemu-1.3.3.2-1.fc24.x86_64 libvirt-daemon-driver-secret-1.3.3.2-1.fc24.x86_64 libvirt-daemon-driver-storage-1.3.3.2-1.fc24.x86_64 libvirt-daemon-kvm-1.3.3.2-1.fc24.x86_64 libvirt-gconfig-0.2.3-2.fc24.x86_64 libvirt-glib-0.2.3-2.fc24.x86_64 libvirt-gobject-0.2.3-2.fc24.x86_64 libvirt-python-1.3.3-3.fc24.x86_64 rpm-plugin-selinux-4.13.0-0.rc1.27.fc24.x86_64 selinux-policy-3.13.1-191.12.fc24.noarch selinux-policy-targeted-3.13.1-191.12.fc24.noarch How reproducible: Every time. Steps to Reproduce: 1. Start the guest, either through virsh via CLI or virt-manager using GUI. 2. Guest fails to start. Actual results: Guest fails to start, stating that SELinux denied it permission to start. Expected results: As it always has, the guest should start. Additional info: After running "setenforce 0" I am able to start the guest.