Re: [ovirt-users] Snapshot removal vs selinux enforced

2017-09-25 Thread Lionel Caignec 
I reply myself if it can help somemone.
I found a solution with audit2allow/audit2why creating a policy containing this 
: 
type systemd_machined_t;
type svirt_t;
type fixed_disk_device_t;
class blk_file write;
class dir search;
}

It seems to work, and i can keep my host in selinux enforced.

- Mail original -
De: "Lionel Caignec" <caig...@cines.fr>
À: "users" <users@ovirt.org>
Envoyé: Lundi 25 Septembre 2017 15:37:16
Objet: [ovirt-users] Snapshot removal vs selinux enforced

Hi,

i have a problem with selinux enforced.
When i tried to live remove a snapshot the operation failed . After some 
headache i found the problem source : selinux.
When i "setenfore 0" the removal task work, when i "setenforce 1" removal task 
failed.

log from audit.log:
  vc: denied {write} for pid = 28360 tmptext = system_u: object_r : 
fixed_disk_device_t: s0 tclass = blk_file

I'm with RHEL 7.4 and ovirt 4.1, is it some specific configuration to do?.

Thanks for help.
___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users
___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users

[ovirt-users] Snapshot removal vs selinux enforced

2017-09-25 Thread Lionel Caignec 
Hi,

i have a problem with selinux enforced.
When i tried to live remove a snapshot the operation failed . After some 
headache i found the problem source : selinux.
When i "setenfore 0" the removal task work, when i "setenforce 1" removal task 
failed.

log from audit.log:
  vc: denied {write} for pid = 28360 tmptext = system_u: object_r : 
fixed_disk_device_t: s0 tclass = blk_file

I'm with RHEL 7.4 and ovirt 4.1, is it some specific configuration to do?.

Thanks for help.
___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users