On Tue, Nov 26, 2013 at 09:24:00AM -0500, Antoni Segura Puimedon wrote: > Hi List, > > I just built master with some gerrit patch and when installing in Fedora20 I > get the following: > > Installing : vdsm-python-4.13.0-179.gite51bbc3.fc20.x86_64 > 1/7 > Installing : vdsm-xmlrpc-4.13.0-179.gite51bbc3.fc20.noarch > 2/7 > Installing : vdsm-python-zombiereaper-4.13.0-179.gite51bbc3.fc20.noarch > 3/7 > Installing : vdsm-4.13.0-179.gite51bbc3.fc20.x86_64 > 4/7 > Traceback (most recent call last): > File "/usr/bin/vdsm-tool", line 145, in <module> > sys.exit(main()) > File "/usr/bin/vdsm-tool", line 142, in main > return tool_command[cmd]["command"](*args[1:]) > File "/usr/lib64/python2.7/site-packages/vdsm/tool/seboolsetup.py", > line 59, in sebool_config > setup_booleans(True) > File "/usr/lib64/python2.7/site-packages/vdsm/tool/seboolsetup.py", > line 41, in setup_booleans > sebool_obj = seobject.booleanRecords() > File "/usr/lib/python2.7/site-packages/seobject/__init__.py", line > 2070, in __init__ > semanageRecords.__init__(self, store) > File "/usr/lib/python2.7/site-packages/seobject/__init__.py", line 205, > in __init__ > self.mylog = logger() > File "/usr/lib/python2.7/site-packages/seobject/__init__.py", line 90, > in __init__ > self.audit_fd = audit.audit_open() > OSError: [Errno 93] Protocol not supported > OSError: Protocol not supported > Installing : vdsm-debug-plugin-4.13.0-179.gite51bbc3.fc20.noarch > 5/7 > Installing : vdsm-reg-4.13.0-179.gite51bbc3.fc20.noarch > 6/7 > Installing : vdsm-cli-4.13.0-179.gite51bbc3.fc20.noarch > 7/7 > Verifying : vdsm-debug-plugin-4.13.0-179.gite51bbc3.fc20.noarch > 1/7 > Verifying : vdsm-reg-4.13.0-179.gite51bbc3.fc20.noarch > 2/7 > Verifying : vdsm-python-zombiereaper-4.13.0-179.gite51bbc3.fc20.noarch > 3/7 > Verifying : vdsm-cli-4.13.0-179.gite51bbc3.fc20.noarch > 4/7 > Verifying : vdsm-4.13.0-179.gite51bbc3.fc20.x86_64 > 5/7 > Verifying : vdsm-xmlrpc-4.13.0-179.gite51bbc3.fc20.noarch > 6/7 > Verifying : vdsm-python-4.13.0-179.gite51bbc3.fc20.x86_64 > > Shouldn't the auditing be optional (I have audit=0 in the kernel cmdline).
We've discussed this issue today in the vdsm sync meeting. If make this optional, we must check for the flag existence on every startup of vdsm. Presumably, this is not a long ardious task. It would be good to check the flags even if we choose to keep the ugly install-time errors: an admin should be warned that his VMs are not going to start due to future selinux errors, and should be notified with which vdsm-tool action (sebool-config) he should fix the issue. _______________________________________________ vdsm-devel mailing list vdsm-devel@lists.fedorahosted.org https://lists.fedorahosted.org/mailman/listinfo/vdsm-devel
