Description of problem: Selinux/Appamor should be disabled for generation librbd traces for RHEL/Ubuntu respectively. Version-Release number of selected component (if applicable): 1.3.1 How reproducible: Steps to Reproduce: 1. 2. 3. Actual results: For generating librbd traces using rbd-replay, we must disable selinux/appamor in the system Expected results: Additional info: We should specify to disable selinux/appamor as a prerequisite. Document Link: https://access.redhat.com/articles/1605163#
Jason, SELinux needs to be disabled on any node that uses librbd, right? In other words, it should be disabled on all qemu hypervisors that use librbd? (Sorry I don't have rights to view https://access.redhat.com/articles/1605163 so I can't confirm whether this covers all qemu usage or not)
I would hesitate to say SElinux / AppArmor need to be disabled for this to work. The more nuanced answer is that SElinux / AppArmor profiles should be disabled / set to permissive for the QEMU process. Another approach is to build a custom profile that permits the access (e.g. using audit2allow for SElinux).
Sounds better to me.
Sounds good to me as well. Marking it Verified.
Fixed for 1.3.1 Release.