Hello crew,
On SELinux enabled system:
# cobbler system add --name vguest --profile F-10-x86_64 \
--virt-type qemu \
--virt-bridge virbr0 \
--virt-path vg
# koan --server 'host' --virt --system vguest2
These will fail to run, because koan did not set the correct security context
for created lvm partition.
It must execute something like:
# chcon -t virt_image_t /dev/mapper/%lvm_partition%
Patch addressed to the ticket #321:
https://fedorahosted.org/cobbler/ticket/321
I've added also some concerns, about already implemented in cobbler
selinux check. So please, read the ticket and leave feedback. :)
Cheers!
==
diff -urpN koan-1.2.6.orig/koan/app.py koan-1.2.6/koan/app.py
--- koan-1.2.6.orig/koan/app.py 2008-12-10 09:04:12.082359000 +0100
+++ koan-1.2.6/koan/app.py 2008-12-10 09:18:59.765607726 +0100
@@ -1213,8 +1213,23 @@ class Koan:
if lv_create != 0:
raise InfoException, "LVM creation failed"
+ # partition location
+ partition_location = "/dev/mapper/%s-%s" %
(location,name.replace('-','--'))
+
+ # check whether we have SELinux enabled system
+ args = "/usr/sbin/selinuxenabled"
+ selinuxenabled = sub_process.call(args)
+ if selinuxenabled == 0:
+ # permissive or enforcing or something else, and
+ # set appropriate security context for LVM partition
+ args = "/usr/bin/chcon -t virt_image_t %s" %
partition_location
+ print "%s" % args
+ change_context = sub_process.call(args, shell=True)
+ if change_context != 0:
+ raise InfoException, "SELinux security context setting
to LVM partition failed"
+
# return partition location
- return "/dev/mapper/%s-%s" % (location,name.replace('-','--'))
+ return partition_location
else:
raise InfoException, "volume group needs %s GB free space." %
virt_size
_______________________________________________
cobbler mailing list
[email protected]
https://fedorahosted.org/mailman/listinfo/cobbler
