Bug 445854 - virt-install creates boot images with the wrong file context
Summary: virt-install creates boot images with the wrong file context
Keywords:
Status: CLOSED CURRENTRELEASE
Alias: None
Product: Fedora
Classification: Fedora
Component: python-virtinst
Version: 9
Hardware: All
OS: Linux
low
low
Target Milestone: ---
Assignee: Daniel Berrangé
QA Contact: Fedora Extras Quality Assurance
URL:
Whiteboard:
Depends On:
Blocks: 445877
TreeView+ depends on / blocked
 
Reported: 2008-05-09 13:42 UTC by Alan Pevec
Modified: 2008-05-21 10:54 UTC (History)
1 user (show)

Fixed In Version: 0.300.3-6.fc9
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2008-05-21 10:54:58 UTC
Type: ---
Embargoed:


Attachments (Terms of Use)

Description Alan Pevec 2008-05-09 13:42:15 UTC
Description of problem:
virt-install --location produces avc: denied { read } for pid=5220
comm="qemu-kvm" name="virtinst-vmlinuz.dOPar5" dev=sda1 ino=196841
scontext=system_u:system_r:qemu_t:s0
tcontext=unconfined_u:object_r:user_tmp_t:s0 tclass=file 

kernel and initrd are downloaded to /var/tmp/ and get wrong SElinux context
user_tmp_t instead of expected 

Version-Release number of selected component (if applicable):
kvm-65-1.fc9
python-virtinst-0.300.3-5.fc9
selinux-policy-targeted-3.3.1-42.fc9

How reproducible:
install KVM guest using --location option

Steps to Reproduce:
1. virt-install -n testVM -r 768 -f /var/lib/libvirt/images/testVM.img -s 6
--vnc  --accelerate -v --os-type=linux --arch=i686 -w network:default -l
http://download.fedora.redhat.com/pub/fedora/linux/development/i386/os/
  
Actual results:


Expected results:


Additional info:
quickfix, might be wrong:

diff -r 309cf2ed646a virtinst/Guest.py
--- a/virtinst/Guest.py Thu May 08 14:18:30 2008 -0400
+++ b/virtinst/Guest.py Fri May 09 15:37:50 2008 +0200
@@ -508,7 +508,7 @@ class Installer(object):
     def get_scratchdir(self):
         if self.type == "xen":
             return "/var/lib/xen"
-        return "/var/tmp"
+        return "/var/lib/libvirt/images"
     scratchdir = property(get_scratchdir)
 
     def get_cdrom(self):

Comment 1 Daniel Berrangé 2008-05-09 15:36:02 UTC
This shouldn't really use /var/lib/libvirt/images since that's for disk images.
THe kernel & initrd should really be in their own directory. I'll get Dan to add
a new directory to the SELinux policy for this


Comment 2 Fedora Update System 2008-05-13 00:13:10 UTC
python-virtinst-0.300.3-6.fc9 has been submitted as an update for Fedora 9

Comment 3 Fedora Update System 2008-05-13 15:31:28 UTC
python-virtinst-0.300.3-6.fc9 has been pushed to the Fedora 9 testing repository.  If problems still persist, please make note of it in this bug report.
 If you want to test the update, you can install it with 
 su -c 'yum --enablerepo=updates-testing update python-virtinst'.  You can provide feedback for this update here: http://admin.fedoraproject.org/updates/F9/FEDORA-2008-3598

Comment 4 Bug Zapper 2008-05-14 10:55:00 UTC
Changing version to '9' as part of upcoming Fedora 9 GA.
More information and reason for this action is here:
http://fedoraproject.org/wiki/BugZappers/HouseKeeping

Comment 5 Fedora Update System 2008-05-21 10:54:56 UTC
python-virtinst-0.300.3-6.fc9 has been pushed to the Fedora 9 stable repository.  If problems still persist, please make note of it in this bug report.


Note You need to log in before you can comment on or make changes to this bug.