Bug 1573268 - Got lots OVS daemon ERRs while starting a OVS-dpdk guest [rhel-7.5.z]
Summary: Got lots OVS daemon ERRs while starting a OVS-dpdk guest [rhel-7.5.z]
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Red Hat Enterprise Linux 7
Classification: Red Hat
Component: libvirt
Version: 7.5
Hardware: x86_64
OS: Linux
high
high
Target Milestone: rc
: ---
Assignee: Martin Kletzander
QA Contact: yanqzhan@redhat.com
URL:
Whiteboard:
Depends On: 1547250
Blocks:
TreeView+ depends on / blocked
 
Reported: 2018-04-30 16:51 UTC by Oneata Mircea Teodor
Modified: 2018-06-26 16:56 UTC (History)
31 users (show)

Fixed In Version: libvirt-3.9.0-14.el7_5.6
Doc Type: Bug Fix
Doc Text:
Previously, the virtlogd service logged redundant AVC denial errors when a guest virtual machine was started. With this update, the virtlogd service no longer attempts to send shutdown inhibition calls to systemd, which prevents the described errors from occurring.
Clone Of: 1547250
Environment:
Last Closed: 2018-06-26 16:55:29 UTC
Target Upstream Version:


Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Red Hat Product Errata RHSA-2018:1997 0 None None None 2018-06-26 16:56:26 UTC

Description Oneata Mircea Teodor 2018-04-30 16:51:37 UTC
This bug has been copied from bug #1547250 and has been proposed to be backported to 7.5 z-stream (EUS).

Comment 6 Martin Kletzander 2018-05-11 11:56:54 UTC
How do you feel about this BZ and the fix since it was handled in selinux-policy as well?  See https://bugzilla.redhat.com/show_bug.cgi?id=1547250#c38

Should we move it there?  I would rather add our patch since the fix in selinux-policy should probably be reverted.

Comment 7 Jiri Denemark 2018-05-11 12:16:31 UTC
Yeah, I agree we should ship our patch and let the selinux-policy change be
reverted.

Comment 9 yanqzhan@redhat.com 2018-06-05 15:54:01 UTC
Can reproduce the "avc:  denied" issue with following pkgs:
libvirt-3.9.0-14.el7_5.5.x86_64
qemu-kvm-rhev-2.10.0-21.el7_5.3.x86_64


Verify this bug with following pkgs:
libvirt-3.9.0-14.el7_5.6.x86_64
qemu-kvm-rhev-2.10.0-21.el7_5.3.x86_64

Whether selinux is enforcing or permissive, no "avc: denied" msg in /var/log/audit/audit.log when guest start. Only get "avc:  received setenforce notice..." avc msg.

Since the result is as expected. Mark this bug as verified.

Comment 11 errata-xmlrpc 2018-06-26 16:55:29 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHSA-2018:1997


Note You need to log in before you can comment on or make changes to this bug.