Bug 506250
| Summary: | svirt prevents symlinks to be used in disk image paths | ||
|---|---|---|---|
| Product: | [Fedora] Fedora | Reporter: | Stefan Assmann <sassmann> |
| Component: | libvirt | Assignee: | Daniel Veillard <veillard> |
| Status: | CLOSED CURRENTRELEASE | QA Contact: | Fedora Extras Quality Assurance <extras-qa> |
| Severity: | medium | Docs Contact: | |
| Priority: | medium | ||
| Version: | 11 | CC: | berrange, clalance, crobinso, dwalsh, gczarcinski, hbrock, itamar, markmc, veillard, virt-maint |
| Target Milestone: | --- | ||
| Target Release: | --- | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Fixed In Version: | Doc Type: | Bug Fix | |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 2009-08-04 15:44:31 UTC | Type: | --- |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
| Bug Depends On: | |||
| Bug Blocks: | 480594 | ||
Any selinux messages ? '
ausearch -ts recent -m AVC'
Looks like svirt, I just did:
$> mv /var/lib/libvirt/images /var/lib/libvirt/images2
$> ln -s /var/lib/libvirt/images2 /var/lib/libvirt/images
$> restorecon /var/lib/libvirt/images
and I see:
type=AVC msg=audit(1245686812.900:209): avc: denied { read } for pid=23109 comm="setroubleshootd" name="images" dev=dm-1 ino=48592 scontext=system_u:system_r:setroubleshootd_t:s0-s0:c0.c1023 tcontext=system_u:object_r:virt_image_t:s0 tclass=lnk_file
You can add these rules now using # grep avc /var/log/audit/audit.log | audit2allow -M mypol # semodule -i mypol.pp Fixed in selinux-policy-3.6.12-57.fc11 Marking closed as per comment #2 |
Description of problem: When trying to install a new VM, selecting Local install media, and the ISO image to install from has a symbolic link for the file itself or a symbolic link is used somewhere in the path the creation will terminate with the following errors: Unable to complete install '<class 'libvirt.libvirtError'> internal error unable to start guest: qemu: could not open disk image /home/sassmann/extern/ISOs/Fedora-10-x86_64-DVD.iso Traceback (most recent call last): File "/usr/share/virt-manager/virtManager/create.py", line 1501, in do_install dom = guest.start_install(False, meter = meter) File "/usr/lib/python2.6/site-packages/virtinst/Guest.py", line 541, in start_install return self._do_install(consolecb, meter, removeOld, wait) File "/usr/lib/python2.6/site-packages/virtinst/Guest.py", line 633, in _do_install self.domain = self.conn.createLinux(install_xml, 0) File "/usr/lib64/python2.6/site-packages/libvirt.py", line 974, in createLinux if ret is None:raise libvirtError('virDomainCreateLinux() failed', conn=self) libvirtError: internal error unable to start guest: qemu: could not open disk image /home/sassmann/extern/ISOs/Fedora-10-x86_64-DVD.iso In this example /home/sassmann/extern is a symbolic link Version-Release number of selected component (if applicable): virt-manager-0.7.0-5.fc11.x86_64 How reproducible: always Steps to Reproduce: 1. create new VM 2. select to install from ISO stored on the system that is referenced by symbolic link Actual results: creation of VM fails Expected results: creation of VM succeeds Additional info: