Bug 1372453 - Selinux is blocking ovs-vswitchd (openvswitch)
Summary: Selinux is blocking ovs-vswitchd (openvswitch)
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Red Hat OpenStack
Classification: Red Hat
Component: openstack-selinux
Version: 9.0 (Mitaka)
Hardware: Unspecified
OS: Unspecified
unspecified
unspecified
Target Milestone: Upstream M3
: 10.0 (Newton)
Assignee: Ryan Hallisey
QA Contact: Udi Shkalim
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2016-09-01 18:41 UTC by Arie Bregman
Modified: 2016-12-14 15:55 UTC (History)
4 users (show)

Fixed In Version: openstack-selinux-0.7.7-1.el7ost
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed: 2016-12-14 15:55:26 UTC


Attachments (Terms of Use)


Links
System ID Priority Status Summary Last Updated
Red Hat Product Errata RHEA-2016:2948 normal SHIPPED_LIVE Red Hat OpenStack Platform 10 enhancement update 2016-12-14 19:55:27 UTC

Description Arie Bregman 2016-09-01 18:41:44 UTC
Description of problem:
Selinux denies openvswitch operations

Version-Release number of selected component (if applicable):
selinux-policy-targeted-3.13.1-60.el7.noarch
libselinux-utils-2.2.2-6.el7.x86_64
libselinux-python-2.2.2-6.el7.x86_64
selinux-policy-3.13.1-60.el7.noarch
libselinux-2.2.2-6.el7.x86_64
openstack-selinux-0.7.3-3.el7ost.noarch
libselinux-devel-2.2.2-6.el7.x86_64

Steps to Reproduce:
1. Install RHOSP 9 with openvswitch

Actual results:
ovs-vswitchd: ovs|06413|stream_tcp|ERR|tcp:127.0.0.1:5938: connect: Permission denied

Expected results:
Connection established

Additional info:
Logs provided.

Comment 5 Arie Bregman 2016-09-25 12:55:36 UTC
Important detail: it happens when running dsvm-functional tests.

Comment 9 errata-xmlrpc 2016-12-14 15:55:26 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://rhn.redhat.com/errata/RHEA-2016-2948.html


Note You need to log in before you can comment on or make changes to this bug.