Bug 916644 - libvirt chown's <kernel> file to root, but doesn't restore ownership afterwards
Summary: libvirt chown's <kernel> file to root, but doesn't restore ownership afterwards
Keywords:
Status: CLOSED CURRENTRELEASE
Alias: None
Product: Fedora
Classification: Fedora
Component: libvirt
Version: 19
Hardware: Unspecified
OS: Unspecified
unspecified
unspecified
Target Milestone: ---
Assignee: Libvirt Maintainers
QA Contact: Fedora Extras Quality Assurance
URL:
Whiteboard:
Depends On:
Blocks: TRACKER-bugs-affecting-libguestfs 922891
TreeView+ depends on / blocked
 
Reported: 2013-02-28 15:11 UTC by Richard W.M. Jones
Modified: 2013-10-01 08:13 UTC (History)
9 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2013-10-01 08:12:36 UTC
Type: Bug


Attachments (Terms of Use)

Description Richard W.M. Jones 2013-02-28 15:11:45 UTC
Description of problem:

$ ll -Z tmp/.guestfs-1000/kernel*
-rw-r--r--. rjones rjones unconfined_u:object_r:user_home_t:s0 tmp/.guestfs-1000/kernel
-rw-r--r--. rjones rjones unconfined_u:object_r:user_home_t:s0 tmp/.guestfs-1000/kernel.31290

Note that it's owned by rjones.rjones.

Now I do this:

LIBGUESTFS_ATTACH_METHOD=libvirt:qemu:///system ./run ./test-tool/libguestfs-test-tool

This test actually fails because of bug 913774.  Whether that failure
is relevant to this bug, I don't know.  But in any case, after that:

$ ll -Z tmp/.guestfs-1000/kernel
*-rw-r--r--. root root unconfined_u:object_r:user_home_t:s0 tmp/.guestfs-1000/kernel
-rw-r--r--. root root unconfined_u:object_r:user_home_t:s0 tmp/.guestfs-1000/kernel.31555

Note that it's owned by root.root.

The problem now is that I can no longer use libguestfs normally:

$ ./run ./test-tool/libguestfs-test-tool
[...]
libguestfs: [00218ms] launch libvirt guest
libguestfs: error: could not create appliance through libvirt: unable to set security context 'system_u:object_r:virt_content_t:s0' on '/home/rjones/d/libguestfs/tmp/.guestfs-1000/kernel.578': Operation not permitted [code=38 domain=24]
libguestfs-test-tool: failed to launch appliance

Version-Release number of selected component (if applicable):

libvirt 1.0.2 from Rawhide
libguestfs 1.21.16

How reproducible:

100%

Steps to Reproduce:
1. See description above.

Comment 1 Fedora End Of Life 2013-04-03 15:52:32 UTC
This bug appears to have been reported against 'rawhide' during the Fedora 19 development cycle.
Changing version to '19'.

(As we did not run this process for some time, it could affect also pre-Fedora 19 development
cycle bugs. We are very sorry. It will help us with cleanup during Fedora 19 End Of Life. Thank you.)

More information and reason for this action is here:
https://fedoraproject.org/wiki/BugZappers/HouseKeeping/Fedora19

Comment 2 Richard W.M. Jones 2013-10-01 07:55:13 UTC
Still happening on Fedora 19.  Can we fix this?

Comment 3 Richard W.M. Jones 2013-10-01 08:12:36 UTC
No wait, actually I think this is *not* happening and looks fixed.

Comment 4 Richard W.M. Jones 2013-10-01 08:13:36 UTC
Note you'll need the latest libvirt & probably latest selinux-policy.


Note You need to log in before you can comment on or make changes to this bug.