771802 – virt-manager cannot talk to libvirtd in current Rawhide

Bug 771802 - virt-manager cannot talk to libvirtd in current Rawhide

Summary: virt-manager cannot talk to libvirtd in current Rawhide

Keywords:
Status:	CLOSED RAWHIDE
Alias:	None
Product:	Fedora
Classification:	Fedora
Component:	selinux-policy
Sub Component:
Version:	rawhide
Hardware:	Unspecified
OS:	Unspecified
Priority:	unspecified
Severity:	high
Target Milestone:	---
Assignee:	Miroslav Grepl
QA Contact:	Fedora Extras Quality Assurance
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2012-01-05 02:09 UTC by Adam Williamson
Modified:	2012-01-05 15:22 UTC (History)
CC List:	3 users (show)
Fixed In Version:
Doc Type:	Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed:	2012-01-05 15:22:55 UTC
Type:	---
Dependent Products:

Attachments	(Terms of Use)
Add an attachment (proposed patch, testcase, etc.)

Description Adam Williamson 2012-01-05 02:09:27 UTC

In current Rawhide (selinux-policy 3.10.0-71.fc17), virt-manager fails to connect to libvirt on startup. /var/log/messages shows several SELinux denials:

Jan  4 18:06:50 adam kernel: [16006.077329] type=1400 audit(1325729210.793:658): avc:  denied  { read } for  pid=888 comm="polkitd" name="2" dev=tmpfs ino=23046 scontext=system_u:system_r:policykit_t:s0-s0:c0.c1023 tcontext=system_u:object_r:systemd_logind_sessions_t:s0 tclass=file
Jan  4 18:06:50 adam kernel: [16006.077344] type=1400 audit(1325729210.793:659): avc:  denied  { open } for  pid=888 comm="polkitd" name="2" dev=tmpfs ino=23046 scontext=system_u:system_r:policykit_t:s0-s0:c0.c1023 tcontext=system_u:object_r:systemd_logind_sessions_t:s0 tclass=file
Jan  4 18:06:50 adam kernel: [16006.077360] type=1400 audit(1325729210.793:660): avc:  denied  { getattr } for  pid=888 comm="polkitd" path="/run/systemd/sessions/2" dev=tmpfs ino=23046 scontext=system_u:system_r:policykit_t:s0-s0:c0.c1023 tcontext=system_u:object_r:systemd_logind_sessions_t:s0 tclass=file
Jan  4 18:06:50 adam libvirtd[4487]: 2012-01-05 02:06:50.795+0000: 4489: error : remoteDispatchAuthPolkit:2459 : Policy kit denied action org.libvirt.unix.manage from pid 4747, uid 1001: exit status 2
Jan  4 18:06:50 adam libvirtd[4487]: 2012-01-05 02:06:50.795+0000: 4489: error : remoteDispatchAuthPolkit:2478 : authentication failed: authentication failed
Jan  4 18:06:54 adam libvirtd[4487]: 2012-01-05 02:06:54.047+0000: 4487: error : virNetSocketReadWire:996 : End of file while reading data: Input/output error

Comment 1 Daniel Walsh 2012-01-05 15:22:55 UTC

Fixed in selinux-policy-3.10.0-73.fc17

Note You need to log in before you can comment on or make changes to this bug.