Description of problem: SELinux is preventing qemu-system-x86 from 'open' accesses on the file /run/media/marwen/SEHLI/SWAHLIA/OS/deepin_2014.2_amd64.iso. ***** Plugin catchall_boolean (89.3 confidence) suggests ****************** If you want to allow virt to use fusefs Then you must tell SELinux about this by enabling the 'virt_use_fusefs' boolean. You can read 'None' man page for more details. Do setsebool -P virt_use_fusefs 1 ***** Plugin catchall (11.6 confidence) suggests ************************** If you believe that qemu-system-x86 should be allowed open access on the deepin_2014.2_amd64.iso file by default. Then you should report this as a bug. You can generate a local policy module to allow this access. Do allow this access for now by executing: # grep qemu-system-x86 /var/log/audit/audit.log | audit2allow -M mypol # semodule -i mypol.pp Additional Information: Source Context unconfined_u:unconfined_r:svirt_t:s0:c712,c1011 Target Context system_u:object_r:fusefs_t:s0 Target Objects /run/media/marwen/SEHLI/SWAHLIA/OS/deepin_2014.2_a md64.iso [ file ] Source qemu-system-x86 Source Path qemu-system-x86 Port <Unknown> Host (removed) Source RPM Packages Target RPM Packages Policy RPM selinux-policy-3.13.1-152.fc23.noarch Selinux Enabled True Policy Type targeted Enforcing Mode Enforcing Host Name (removed) Platform Linux (removed) 4.2.5-300.fc23.x86_64 #1 SMP Tue Oct 27 04:29:56 UTC 2015 x86_64 x86_64 Alert Count 3 First Seen 2015-11-08 11:20:39 CET Last Seen 2015-11-08 11:20:39 CET Local ID 37a87ba4-ce22-4f0e-8990-df77533670e0 Raw Audit Messages type=AVC msg=audit(1446978039.769:789): avc: denied { open } for pid=16611 comm="qemu-system-x86" path="/run/media/marwen/SEHLI/SWAHLIA/OS/deepin_2014.2_amd64.iso" dev="sda7" ino=111004 scontext=unconfined_u:unconfined_r:svirt_t:s0:c712,c1011 tcontext=system_u:object_r:fusefs_t:s0 tclass=file permissive=0 Hash: qemu-system-x86,svirt_t,fusefs_t,file,open Version-Release number of selected component: selinux-policy-3.13.1-152.fc23.noarch Additional info: reporter: libreport-2.6.3 hashmarkername: setroubleshoot kernel: 4.2.5-300.fc23.x86_64 type: libreport Potential duplicate: bug 871300
***** Plugin catchall_boolean (89.3 confidence) suggests ****************** If you want to allow virt to use fusefs Then you must tell SELinux about this by enabling the 'virt_use_fusefs' boolean. You can read 'None' man page for more details. Do setsebool -P virt_use_fusefs 1
Description of problem: Very odd. I just rebooted FC23 after using QEMU for a couple of days now and this error popped up. I was able to use this guest before. Killed the guest and created it again with same error of which did not occur on first generation of guest attempt. I had already ran the # grep qemu-system-x86 /var/log/audit/audit.log | audit2allow -M mypol # semodule -i mypol.pp to try to correct the problem, which it did not. I utilized the "setsebool -P virt_use_fusefs 1", which corrected the problem. Odd that it suddenly became an issue when I had been running it for days. No updates TMK. Version-Release number of selected component: selinux-policy-3.13.1-155.fc23.noarch Additional info: reporter: libreport-2.6.3 hashmarkername: setroubleshoot kernel: 4.2.6-301.fc23.x86_64 type: libreport
Description of problem: use soft machine (qemu) to create virtualhost from remote drive (box interne/adsl) containing handylinux OS. Version-Release number of selected component: selinux-policy-3.13.1-155.fc23.noarch Additional info: reporter: libreport-2.6.3 hashmarkername: setroubleshoot kernel: 4.2.6-301.fc23.x86_64 type: libreport
Description of problem: trying to create a vm from an iso on an ntfs partition Version-Release number of selected component: selinux-policy-3.13.1-158.fc23.noarch Additional info: reporter: libreport-2.6.3 hashmarkername: setroubleshoot kernel: 4.3.3-301.fc23.x86_64 type: libreport
Description of problem: I was trying to install a VM via VMM ( @virtualization ) and this occured Version-Release number of selected component: selinux-policy-3.13.1-158.14.fc23.noarch Additional info: reporter: libreport-2.6.4 hashmarkername: setroubleshoot kernel: 4.4.8-300.fc23.x86_64 type: libreport