Summary: SELinux is preventing /usr/bin/qemu-system-x86_64 "write" access on sr1. Detailed Description: [qemu-system-x86 has a permissive type (svirt_t). This access was not denied.] SELinux denied access requested by qemu-system-x86. It is not expected that this access is required by qemu-system-x86 and this access may signal an intrusion attempt. It is also possible that the specific version or configuration of the application is causing it to require additional access. Allowing Access: You can generate a local policy module to allow this access - see FAQ (http://docs.fedoraproject.org/selinux-faq-fc5/#id2961385) Please file a bug report. Additional Information: Source Context system_u:system_r:svirt_t:s0:c274,c832 Target Context system_u:object_r:virt_content_t:s0 Target Objects sr1 [ blk_file ] Source qemu-system-x86 Source Path /usr/bin/qemu-system-x86_64 Port <Unknown> Host (removed) Source RPM Packages qemu-system-x86-0.11.0-13.fc12 Target RPM Packages Policy RPM selinux-policy-3.6.32-89.fc12 Selinux Enabled True Policy Type targeted Enforcing Mode Enforcing Plugin Name catchall Host Name (removed) Platform Linux (removed) 2.6.31.12-174.2.22.fc12.x86_64 #1 SMP Fri Feb 19 18:55:03 UTC 2010 x86_64 x86_64 Alert Count 1 First Seen Mon 01 Mar 2010 06:25:46 AM EET Last Seen Mon 01 Mar 2010 06:25:46 AM EET Local ID e4b9d2ca-c6ea-4e01-8831-ec98f3dd82ce Line Numbers Raw Audit Messages node=(removed) type=AVC msg=audit(1267417546.384:32707): avc: denied { write } for pid=24271 comm="qemu-system-x86" name="sr1" dev=tmpfs ino=4024 scontext=system_u:system_r:svirt_t:s0:c274,c832 tcontext=system_u:object_r:virt_content_t:s0 tclass=blk_file node=(removed) type=SYSCALL msg=audit(1267417546.384:32707): arch=c000003e syscall=2 success=yes exit=4294967424 a0=7ffff08600e0 a1=1002 a2=1a4 a3=30 items=0 ppid=1 pid=24271 auid=4294967295 uid=107 gid=107 euid=107 suid=107 fsuid=107 egid=107 sgid=107 fsgid=107 tty=(none) ses=4294967295 comm="qemu-system-x86" exe="/usr/bin/qemu-system-x86_64" subj=system_u:system_r:svirt_t:s0:c274,c832 key=(null) Hash String generated from catchall,qemu-system-x86,svirt_t,virt_content_t,blk_file,write audit2allow suggests: #============= svirt_t ============== allow svirt_t virt_content_t:blk_file write;
This happened after I tried to run a newly created virtual machine with virt-manager, connected to Qemu (running locally).
You can ignore, this is qemu bug. *** This bug has been marked as a duplicate of bug 536760 ***