Hide Forgot
Description of problem: The svirt label is lost for the domain saved file. Version-Release number of selected component (if applicable): libvirt-0.8.2-20.el5 kvm-83-232.el5 How reproducible: Always Steps to Reproduce: 1. Make sure the selinux is enforcing # getenforce Enforcing 2. Start a VM # virsh list --all Id Name State ---------------------------------- 24 w2k3 running - vm shut off 3. Save the running vm, and check the context of the save file. # virsh save w2k3 w2k3.save Domain w2k3 saved to w2k3.save # ll -Z w2k3.save -rw------- root root system_u:object_r:default_t w2k3.save Actual results: Step 3. Expected results: svirt label should be added. like: -rw------- root root system_u:object_r:svirt_image_t:s0:c451,c925 w2k3.save Additional info:
The svirt label can be added for some path, but failed for other path. For example: # ll -Z /tmp/w2k3.save -rw------- root root system_u:object_r:svirt_image_t:s0:c335,c977 /tmp/w2k3.save # ll -Z /home/w2k3.save -rw------- root root system_u:object_r:default_t /home/w2k3.save
Could reproduce this bug on the following components of rh5.6: libvirt-0.8.2-15.el5 kvm-83-224.el5 Steps: # getenforce Enforcing 2. # virsh list --all Id Name State ---------------------------------- 5 rh5.6 running - a shut off 3. Save the running vm, and check the context of the save file. #cd /var/lib/libvirt/images #virsh save rh5.6 rh5.6.save Domain rh5.6 saved to rh5.6.save # ll -Z rh5.6.save -rw------- root root system_u:object_r:virt_image_t rh5.6.save # virsh restore rh5.6.save Domain restored from rh5.6.save #virsh save rh5.6 /tmp/rh5.6.save Domain rh5.6 saved to /tmp/rh5.6.save # ll -Z /tmp/rh5.6.save -rw------- root root system_u:object_r:svirt_image_t:s0:c600,c619 /tmp/rh5.6.save # virsh restore /tmp/rh5.6.save Domain restored from /tmp/rh5.6.save # virsh save rh5.6 /home/rh5.6.save Domain rh5.6 saved to /home/rh5.6.save # ll -Z /home/rh5.6.save -rw------- root root system_u:object_r:default_t /home/rh5.6.save
This request was evaluated by Red Hat Product Management for inclusion in Red Hat Enterprise Linux 5.7 and Red Hat does not plan to fix this issue the currently developed update. Contact your manager or support representative in case you need to escalate this bug.
Development Management has reviewed and declined this request. You may appeal this decision by reopening this request.