RHEL Engineering is moving the tracking of its product development work on RHEL 6 through RHEL 9 to Red Hat Jira (issues.redhat.com). If you're a Red Hat customer, please continue to file support cases via the Red Hat customer portal. If you're not, please head to the "RHEL project" in Red Hat Jira and file new tickets here. Individual Bugzilla bugs in the statuses "NEW", "ASSIGNED", and "POST" are being migrated throughout September 2023. Bugs of Red Hat partners with an assigned Engineering Partner Manager (EPM) are migrated in late September as per pre-agreed dates. Bugs against components "kernel", "kernel-rt", and "kpatch" are only migrated if still in "NEW" or "ASSIGNED". If you cannot log in to RH Jira, please consult article #7032570. That failing, please send an e-mail to the RH Jira admins at rh-issues@redhat.com to troubleshoot your issue as a user management inquiry. The email creates a ServiceNow ticket with Red Hat. Individual Bugzilla bugs that are migrated will be moved to status "CLOSED", resolution "MIGRATED", and set with "MigratedToJIRA" in "Keywords". The link to the successor Jira issue will be found under "Links", have a little "two-footprint" icon next to it, and direct you to the "RHEL project" in Red Hat Jira (issue links are of type "https://issues.redhat.com/browse/RHEL-XXXX", where "X" is a digit). This same link will be available in a blue banner at the top of the page informing you that that bug has been migrated.
Bug 733996 - [RFE][virt-install]should allow user specify static label for security driver setting when install vm
Summary: [RFE][virt-install]should allow user specify static label for security driver...
Keywords:
Status: CLOSED UPSTREAM
Alias: None
Product: Red Hat Enterprise Linux 6
Classification: Red Hat
Component: python-virtinst
Version: 6.2
Hardware: Unspecified
OS: Unspecified
medium
medium
Target Milestone: rc
: ---
Assignee: Cole Robinson
QA Contact: Virtualization Bugs
URL:
Whiteboard:
Depends On:
Blocks: 734000
TreeView+ depends on / blocked
 
Reported: 2011-08-29 06:35 UTC by zhe peng
Modified: 2012-02-01 19:08 UTC (History)
4 users (show)

Fixed In Version:
Doc Type: Enhancement
Doc Text:
Clone Of:
: 734000 (view as bug list)
Environment:
Last Closed: 2012-02-01 19:08:37 UTC
Target Upstream Version:
Embargoed:

Attachments (Terms of Use)
full debug info (5.84 KB, text/plain)
2011-08-29 06:35 UTC, zhe peng 		no flags Details
View All

Description zhe peng 2011-08-29 06:35:55 UTC 
Created attachment 520296 [details]
full debug info

Description of problem:
can set relabel option for security driver setting when install vm.


Version-Release number of selected component (if applicable):
python-virtinst-0.600.0-2.el6.noarch
libvirt-0.9.4-5.el6


How reproducible:
always

Steps to Reproduce:
1.install a vm with static security settings.
1.# virt-install -n demo -r 1024 -f /var/lib/libvirt/images/test.img -s 5 --security type=static,label='system_u:system_r:svirt_t:s0:c100,c200' -c /dev/cdrom --debug
.........
Mon, 29 Aug 2011 02:03:29 ERROR    internal error Process exited while reading console log output: char device redirected to /dev/pts/8
qemu-kvm: -drive file=/var/lib/libvirt/images/demo.img,if=none,id=drive-ide0-0-0,format=raw,cache=none: could not open disk image /var/lib/libvirt/images/demo.img: Permission denied

Mon, 29 Aug 2011 02:03:29 DEBUG    Traceback (most recent call last):
  File "/usr/sbin/virt-install", line 620, in start_install
    noboot=options.noreboot)
  File "/usr/lib/python2.6/site-packages/virtinst/Guest.py", line 1223, in start_install
    noboot)
  File "/usr/lib/python2.6/site-packages/virtinst/Guest.py", line 1291, in _create_guest
    dom = self.conn.createLinux(start_xml or final_xml, 0)
  File "/usr/lib64/python2.6/site-packages/libvirt.py", line 1966, in createLinux
    if ret is None:raise libvirtError('virDomainCreateLinux() failed', conn=self)
libvirtError: internal error Process exited while reading console log output: char device redirected to /dev/pts/8
qemu-kvm: -drive file=/var/lib/libvirt/images/demo.img,if=none,id=drive-ide0-0-0,format=raw,cache=none: could not open disk image /var/lib/libvirt/images/demo.img: Permission denied

install will failed with Permission denied.

if have an existing image file,with correctly security label,the install will successful.mention in bug:https://bugzilla.redhat.com/show_bug.cgi?id=698085#c9

for libvirt ,there have a new attribute "relabel=yes",refer to http://libvirt.org/formatdomain.html#seclabel

so, customer need setting static security label without having an existing image file when install a new vm.
like command line:
# virt-install -n demo -r 1024 -f /var/lib/libvirt/images/test.img -s 5 --security type=static,relable=yes,label='system_u:system_r:svirt_t:s0:c100,c200' -c /dev/cdrom --debug


  
Actual results:
see Steps to Reproduce

Expected results:
should install vm successful with static security label if not have existing image file.

Additional info:
Comment 1 Cole Robinson 2011-09-26 15:58:06 UTC 
Upstream now:

http://git.fedorahosted.org/git?p=python-virtinst.git;a=commit;h=d6268d78fb1ebd1983d6b3fbfd3db0b1f6942d92
Comment 3 Cole Robinson 2012-02-01 19:08:37 UTC 
On second thought I don't think this is even worth backporting: static label usage is uncommon, and virtinst/virt-manager haven't had any customer complaints or feature requests regarding this functionality. Backporting isn't really worth the effort IMO

Just closing as UPSTREAM
Note You need to log in before you can comment on or make changes to this bug.