Bug 771802

Summary: virt-manager cannot talk to libvirtd in current Rawhide
Product: [Fedora] Fedora Reporter: Adam Williamson <awilliam>
Component: selinux-policyAssignee: Miroslav Grepl <mgrepl>
Status: CLOSED RAWHIDE QA Contact: Fedora Extras Quality Assurance <extras-qa>
Severity: high Docs Contact:
Priority: unspecified    
Version: rawhideCC: dominick.grift, dwalsh, mgrepl
Target Milestone: ---   
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2012-01-05 15:22:55 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:

Description Adam Williamson 2012-01-05 02:09:27 UTC 
In current Rawhide (selinux-policy 3.10.0-71.fc17), virt-manager fails to connect to libvirt on startup. /var/log/messages shows several SELinux denials:

Jan  4 18:06:50 adam kernel: [16006.077329] type=1400 audit(1325729210.793:658): avc:  denied  { read } for  pid=888 comm="polkitd" name="2" dev=tmpfs ino=23046 scontext=system_u:system_r:policykit_t:s0-s0:c0.c1023 tcontext=system_u:object_r:systemd_logind_sessions_t:s0 tclass=file
Jan  4 18:06:50 adam kernel: [16006.077344] type=1400 audit(1325729210.793:659): avc:  denied  { open } for  pid=888 comm="polkitd" name="2" dev=tmpfs ino=23046 scontext=system_u:system_r:policykit_t:s0-s0:c0.c1023 tcontext=system_u:object_r:systemd_logind_sessions_t:s0 tclass=file
Jan  4 18:06:50 adam kernel: [16006.077360] type=1400 audit(1325729210.793:660): avc:  denied  { getattr } for  pid=888 comm="polkitd" path="/run/systemd/sessions/2" dev=tmpfs ino=23046 scontext=system_u:system_r:policykit_t:s0-s0:c0.c1023 tcontext=system_u:object_r:systemd_logind_sessions_t:s0 tclass=file
Jan  4 18:06:50 adam libvirtd[4487]: 2012-01-05 02:06:50.795+0000: 4489: error : remoteDispatchAuthPolkit:2459 : Policy kit denied action org.libvirt.unix.manage from pid 4747, uid 1001: exit status 2
Jan  4 18:06:50 adam libvirtd[4487]: 2012-01-05 02:06:50.795+0000: 4489: error : remoteDispatchAuthPolkit:2478 : authentication failed: authentication failed
Jan  4 18:06:54 adam libvirtd[4487]: 2012-01-05 02:06:54.047+0000: 4487: error : virNetSocketReadWire:996 : End of file while reading data: Input/output error
Comment 1 Daniel Walsh 2012-01-05 15:22:55 UTC 
Fixed in selinux-policy-3.10.0-73.fc17