Hey Flavio, We found when set selinux 'enforcing' on RHEL7/CentOS7, The init.d script command 'force-reload-kmod' cannot work properly: Shown below:
[root@ovs_team_rhel7]# /etc/init.d/openvswitch force-reload-kmod Detected internal interfaces: [ OK ] Saving flows [ OK ] Killing ovsdb-server (11131) [ OK ] Starting ovsdb-server [ OK ] Configuring Open vSwitch system IDs [ OK ] Killing ovs-vswitchd (11146) [ OK ] *Saving interface configuration /usr/share/openvswitch/scripts/ovs-save: ip not found in /* *sbin:/usr/sbin:/bin:/usr/bin* *[FAILED]* *Failed to save configuration, not replacing kernel module ... (warning).* Starting ovs-vswitchd [ OK ] Enabling remote OVSDB managers [ OK ] The reason seems to be that domain openvswitch_t does not have right to access /usr/sbin/ => that's why ovs-save reports 'ip not found' We are using the latest selinux-policy: http://rpmfind.net//linux/RPM/centos/updates/7.0.1406/x86_64/Packages/selinux-policy-3.12.1-153.el7_0.11.noarch.html We are using kernel: 3.10.0-123.8.1.el7.x86_64 I checked the selinux-policy-doc, it should support openvswitch running shell long ago... * Fri Apr 05 2013 Miroslav Grepl <mgr...@redhat.com> 3.12.1-26 - Try to label on controlC devices up to 30 correctly ...... - Allow openvswitch to execute shell So, could you help us check and maybe try if you could reproduce it yourself? Thanks, Alex Wang, _______________________________________________ dev mailing list dev@openvswitch.org http://openvswitch.org/mailman/listinfo/dev