Bug 872511
Summary: | SELinux is preventing /usr/bin/qemu-kvm from 'connectto' accesses on the unix_stream_socket /tmp/libguestfsY0jFYI/console.sock. | ||||||||
---|---|---|---|---|---|---|---|---|---|
Product: | [Fedora] Fedora | Reporter: | Michael S. <misc> | ||||||
Component: | selinux-policy | Assignee: | Miroslav Grepl <mgrepl> | ||||||
Status: | CLOSED DUPLICATE | QA Contact: | Fedora Extras Quality Assurance <extras-qa> | ||||||
Severity: | unspecified | Docs Contact: | |||||||
Priority: | unspecified | ||||||||
Version: | 18 | CC: | dominick.grift, dwalsh, mgrepl, rjones | ||||||
Target Milestone: | --- | ||||||||
Target Release: | --- | ||||||||
Hardware: | x86_64 | ||||||||
OS: | Unspecified | ||||||||
Whiteboard: | abrt_hash:39dcde0be75d34f80e900fe71cfbd7d732460a18b8f1044dabfb22924f9aa34a | ||||||||
Fixed In Version: | Doc Type: | Bug Fix | |||||||
Doc Text: | Story Points: | --- | |||||||
Clone Of: | Environment: | ||||||||
Last Closed: | 2012-12-07 17:30:02 UTC | Type: | --- | ||||||
Regression: | --- | Mount Type: | --- | ||||||
Documentation: | --- | CRM: | |||||||
Verified Versions: | Category: | --- | |||||||
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |||||||
Cloudforms Team: | --- | Target Upstream Version: | |||||||
Embargoed: | |||||||||
Attachments: |
|
Description
Michael S.
2012-11-02 09:47:03 UTC
Created attachment 637008 [details]
File: type
Created attachment 637009 [details]
File: hashmarkername
Which version of selinux-policy, libvirt is installed? We fixed something very similar to this a while back (bug 857453 or bug 853393). However yes in general, using libguestfs + libvirt + SELinux is problematic at the moment in F18. I'm working on fixing this. Also, after updating libvirt, you'll need to kill *all* libvirtd processes running on your machine and do service libvirtd start. $ rpm -q libvirt libvirt-0.10.2.1-2.fc18.x86_64 $ rpm -q selinux-policy-targeted selinux-policy-targeted-3.11.1-46.fc18.noarch and my laptop was freshly reboot, but I am not sure if I did upgrade related rpms after or not. I will rebot later and let you know. I can reproduce this fairly easily now, but for some reason only on a newly installed F18 machine. It looks like an SELinux policy bug. This looks like a virtual machine is trying to connect to a user domain over a unix stream socket? The VM (qemu-kvm) is trying to connect to a socket which libguestfs creates. Here is the code from the libguestfs side of things: https://github.com/libguestfs/libguestfs/blob/master/src/launch-libvirt.c#L261 I'm not sure I understand the reference to "user domain". *** This bug has been marked as a duplicate of bug 853393 *** |