Hi Michal,
I re-installed the OS and then oVirt on that node, with SELinux enabled,
and that has resolved the issue.
Thanks for your help.
Cheers,
Cam
On Wed, May 25, 2016 at 7:24 PM, Michal Skrivanek
wrote:
>
>
> On 25 May 2016, at 19:29, Cam Mac
> On 25 May 2016, at 19:29, Cam Mac wrote:
>
> Hi Michal,
>
> Ran restorecon -r on '/' (and restarted vdsmd and other services): it is
> still getting selinux errors. I'd like to keep selinux running, especially as
> it is officially supported
Yeah. Hm, dunno why it
Hi Michal,
Ran restorecon -r on '/' (and restarted vdsmd and other services): it is
still getting selinux errors. I'd like to keep selinux running, especially
as it is officially supported (and works on the other node), so I guess the
best option is to reinstall the OS and then install ovirt
> On 25 May 2016, at 19:12, Cam Mac wrote:
>
> I'll try that - presumably on the paths it is complaining about, and the qemu
> binarys?
It shouldn't hurt on /, it should only help:)
And if it complains e.g. on attached nfs, the i suppose you need to run it
there too
>
I'll try that - presumably on the paths it is complaining about, and the
qemu binarys?
On Wed, May 25, 2016 at 4:59 PM, Michal Skrivanek <
michal.skriva...@redhat.com> wrote:
>
> On 25 May 2016, at 17:35, Cam Mac wrote:
>
> Hi Michal,
>
> I chose the 'reinstall node' option
> On 25 May 2016, at 17:35, Cam Mac wrote:
>
> Hi Michal,
>
> I chose the 'reinstall node' option from the GUI menu, which appeared to go
> ok, however, I still cannot create or migrate a VM on that node. I can see
> selinux 'denied' messages relating to qemu-kvm, e.g.:
>
Hi Michal,
I chose the 'reinstall node' option from the GUI menu, which appeared to go
ok, however, I still cannot create or migrate a VM on that node. I can see
selinux 'denied' messages relating to qemu-kvm, e.g.:
type=AVC msg=audit(1464189232.136:251): avc: denied { read } for
pid=4019
Ah, ok that makes sense. For the node, is it enough to use the 'reinstall
node' option from the GUI, or is it better to reinstall the OS and then
deploy it again?
Thanks,
Cam
On Wed, May 11, 2016 at 2:40 PM, Michal Skrivanek <
michal.skriva...@redhat.com> wrote:
>
> On 11 May 2016, at 15:24,
> On 11 May 2016, at 15:24, Cam Mac wrote:
>
> Thanks Michal, if reinstalling the engine, (which also had SELinux disabled
> at install), would the best way be to backup the engine and then restore just
> the ovirt config?
for engine..well, VM security is not related to
> On 11 May 2016, at 15:02, Cam Mac wrote:
>
> Hi,
>
> In the oVirt guide, it says that "SELinux is being used by default on oVirt
> Node", but then goes on to say that if you have problems you should set it to
> permissive mode. I have had a few things fail due to being
afaik you need to disable selinux by passing
the relevant parameter direct via kernel boot options.
search the ML or the net if you need the exact command line.
HTH
Am 23.05.2014 10:36, schrieb Simon Barrett:
I set SELINUX=disabled in /etc/selinux/config and ran a persist
Policy from config file:targeted
# cat /selinux/enforce
0
Thanks for the information.
Simon
-Original Message-
From: users-boun...@ovirt.org [mailto:users-boun...@ovirt.org] On Behalf Of
Sven Kieske
Sent: 23 May 2014 09:45
To: users@ovirt.org
Subject: Re: [ovirt-users] selinux
12 matches
Mail list logo