Bug 627775
Summary: | O SELinux está impedindo que o /usr/bin/qemu-kvm acesse um descritor de arquivo vazado do /home/cesarb/.libvirt/qemu/log/boot.kernel.org.log. | ||
---|---|---|---|
Product: | [Fedora] Fedora | Reporter: | Cesar Eduardo Barros <cesarb> |
Component: | libvirt | Assignee: | Daniel Veillard <veillard> |
Status: | CLOSED CURRENTRELEASE | QA Contact: | Fedora Extras Quality Assurance <extras-qa> |
Severity: | medium | Docs Contact: | |
Priority: | low | ||
Version: | 13 | CC: | berrange, clalance, crobinso, dwalsh, hafflys, itamar, jforbes, mgrepl, oliver.henshaw, veillard, virt-maint |
Target Milestone: | --- | ||
Target Release: | --- | ||
Hardware: | x86_64 | ||
OS: | Linux | ||
Whiteboard: | setroubleshoot_trace_hash:e6a139fc1a11f58b26f0fa2c50ae2d177a1c08eaf1990dcd8c794646e9d5d906 | ||
Fixed In Version: | Doc Type: | Bug Fix | |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2011-06-10 18:14:23 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: |
Description
Cesar Eduardo Barros
2010-08-26 23:05:34 UTC
I am using qemu:///session, which seems to use ~/.libvirt by default. This file should be opened for append. Not sure why log files are being stored in the homedir. We will need to set up a label for this directory. (In reply to comment #2) > Not sure why log files are being stored in the homedir. We will need to set up > a label for this directory. qemu:///session runs as the user, which would explain why everything is on ~ instead of on a system location. It is not only log files. Oddly, I vaguely recall using restorecon on a F12 machine to set up the correct label on this directory (restorecon -Rv ~/.libvirt/); it used svirt_var_run_t for ~/.libvirt/qemu and descendents. I have no idea why it did not work on F13 (the same command does nothing here). See what happens on F12: $ chcon -t user_home_t .libvirt/qemu/ $ restorecon -Rv ~/.libvirt/ restorecon reset /home/cesarb/.libvirt/qemu context unconfined_u:object_r:user_home_t:s0->unconfined_u:object_r:svirt_var_run_t:s0 Yes this seems we lost this functionality. Miroslav, I suggest we add a new type virt_home_t. And label this ~/.libvirt and its subdirs as virt_home_t. In F12 we had dontaudit write to this dir for svirt_t, If libvirt would fix the logs to be append, then we could allow this access. If this is a qemu issue, we could add another label to the logs directory virt_logs_home_t and allow svirt_t to write there. This message is a reminder that Fedora 13 is nearing its end of life. Approximately 30 (thirty) days from now Fedora will stop maintaining and issuing updates for Fedora 13. It is Fedora's policy to close all bug reports from releases that are no longer maintained. At that time this bug will be closed as WONTFIX if it remains open with a Fedora 'version' of '13'. Package Maintainer: If you wish for this bug to remain open because you plan to fix it in a currently maintained version, simply change the 'version' to a later Fedora version prior to Fedora 13's end of life. Bug Reporter: Thank you for reporting this issue and we are sorry that we may not be able to fix it before Fedora 13 is end of life. If you would still like to see this bug fixed and are able to reproduce it against a later version of Fedora please change the 'version' of this bug to the applicable version. If you are unable to change the version, please add a comment here and someone will do it for you. Although we aim to fix as many bugs as possible during every release's lifetime, sometimes those efforts are overtaken by events. Often a more recent Fedora release includes newer upstream software that fixes bugs or makes them obsolete. The process we are following is described here: http://fedoraproject.org/wiki/BugZappers/HouseKeeping Pretty sure this is fixed in F15. |