Bug 859395 – $HOME/.cache/libvirt/qemu/log is not labelled correctly

Bug 859395 - $HOME/.cache/libvirt/qemu/log is not labelled correctly

Summary:	$HOME/.cache/libvirt/qemu/log is not labelled correctly

Status:	CLOSED ERRATA

Aliases:	None

Product:	Fedora
Classification:	Fedora
Component:	selinux-policy (Show other bugs)
Sub Component:
Version:	18
Hardware:	Unspecified Unspecified

Priority	unspecified Severity unspecified
Target Milestone:	---
Target Release:	---
Assigned To:	Miroslav Grepl
QA Contact:	Fedora Extras Quality Assurance
Docs Contact:

URL:
Whiteboard:
Keywords:

Depends On:
Blocks:
	Show dependency tree / graph

Reported:	2012-09-21 08:42 EDT by Richard W.M. Jones
Modified:	2012-12-15 14:17 EST (History)
CC List:	3 users (show)

See Also:
Fixed In Version:
Doc Type:	Bug Fix
Doc Text:
Story Points:	---
Clone Of:
Environment:
Last Closed:	2012-12-15 14:17:02 EST
Type:	Bug
Regression:	---
Mount Type:	---
Documentation:	---
CRM:
Verified Versions:
Category:	---
oVirt Team:	---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team:	---

Attachments	(Terms of Use)
Add an attachment (proposed patch, testcase, etc.)

Groups: None (edit)

Description Richard W.M. Jones 2012-09-21 08:42:45 EDT

Description of problem:

Probably best just to read Dan's description of the problem here:

https://www.redhat.com/archives/libvir-list/2012-September/msg01546.html

Comment 1 Miroslav Grepl 2012-09-21 08:49:42 EDT

# rpm -q selinux-policy

Comment 2 Richard W.M. Jones 2012-09-21 08:55:15 EDT

I'm using:
selinux-policy-3.11.1-7.fc18.noarch

However the question is whether upstream selinux-policy
knows about .cache/libvirt and .config/libvirt.

By the way, I've no idea how these should be labelled,
just that changing the labels makes libvirt logging work
(with Dan's patch).

Comment 3 Daniel Walsh 2012-09-26 16:45:08 EDT

 matchpathcon /home/rjones/.cache/libvirt/qemu/log/guestfs-wd6efsxohmy5jd2s.log
/home/rjones/.cache/libvirt/qemu/log/guestfs-wd6efsxohmy5jd2s.log	unconfined_u:object_r:svirt_home_t:s0


On my F18 box. 

So the proper labels are in place.  The problem is Rawhide not getting the latest policy from F18.

Comment 4 Richard W.M. Jones 2012-09-26 16:57:28 EDT

I found that restorecon -F -R -v ~/.cache fixed this
problem (once I'd manually downloaded and installed the
latest selinux-policy).

Note I had to use the '-F' option.  That wasn't completely
obvious, but it turned out to have something to do with
svirt_home_t being a "customizable type".

Note You need to log in before you can comment on or make changes to this bug.