1372453 – Selinux is blocking ovs-vswitchd (openvswitch)

Bug 1372453 - Selinux is blocking ovs-vswitchd (openvswitch)

Summary: Selinux is blocking ovs-vswitchd (openvswitch)

Keywords:
Status:	CLOSED ERRATA
Alias:	None
Product:	Red Hat OpenStack
Classification:	Red Hat
Component:	openstack-selinux
Sub Component:
Version:	9.0 (Mitaka)
Hardware:	Unspecified
OS:	Unspecified
Priority:	unspecified
Severity:	unspecified
Target Milestone:	Upstream M3
Target Release:	10.0 (Newton)
Assignee:	Ryan Hallisey
QA Contact:	Udi Shkalim
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2016-09-01 18:41 UTC by Arie Bregman
Modified:	2016-12-14 15:55 UTC (History)
CC List:	4 users (show)
Fixed In Version:	openstack-selinux-0.7.7-1.el7ost
Doc Type:	If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed:	2016-12-14 15:55:26 UTC
Target Upstream Version:
Embargoed:

Attachments	(Terms of Use)

Links
System	ID	Private	Priority	Status	Summary	Last Updated
Red Hat Product Errata	RHEA-2016:2948	0	normal	SHIPPED_LIVE	Red Hat OpenStack Platform 10 enhancement update	2016-12-14 19:55:27 UTC

Description Arie Bregman 2016-09-01 18:41:44 UTC

Description of problem:
Selinux denies openvswitch operations

Version-Release number of selected component (if applicable):
selinux-policy-targeted-3.13.1-60.el7.noarch
libselinux-utils-2.2.2-6.el7.x86_64
libselinux-python-2.2.2-6.el7.x86_64
selinux-policy-3.13.1-60.el7.noarch
libselinux-2.2.2-6.el7.x86_64
openstack-selinux-0.7.3-3.el7ost.noarch
libselinux-devel-2.2.2-6.el7.x86_64

Steps to Reproduce:
1. Install RHOSP 9 with openvswitch

Actual results:
ovs-vswitchd: ovs|06413|stream_tcp|ERR|tcp:127.0.0.1:5938: connect: Permission denied

Expected results:
Connection established

Additional info:
Logs provided.

Comment 5 Arie Bregman 2016-09-25 12:55:36 UTC

Important detail: it happens when running dsvm-functional tests.

Comment 9 errata-xmlrpc 2016-12-14 15:55:26 UTC

Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://rhn.redhat.com/errata/RHEA-2016-2948.html

Note You need to log in before you can comment on or make changes to this bug.