----- Original Message ----- > From: "Punit Dambiwal" <[email protected]> > To: "Antoni Segura Puimedon" <[email protected]>, "Dan Kenigsberg" > <[email protected]> > Cc: "Sven Kieske" <[email protected]>, [email protected] > Sent: Friday, June 27, 2014 11:07:56 AM > Subject: Re: [ovirt-users] Ip spoofing > > Hi Dan, > > Still the same....VM can spoof the ip address...attached is the VM domain > xml file....
Did you try to disable SELinux with "setenforce 0" to see if the problem is one of secure contexts? > > > On Thu, Jun 26, 2014 at 5:30 PM, Punit Dambiwal <[email protected]> wrote: > > > Hi Sven, > > > > I already give the sudo user permission to VDSM user... > > > > Yes..after VDSM restart i can see this hook in host tab....I will test it > > again and udpate you guys if still not solve.... > > > > > > On Thu, Jun 26, 2014 at 4:03 PM, Antoni Segura Puimedon < > > [email protected]> wrote: > > > >> > >> > >> ----- Original Message ----- > >> > From: "Sven Kieske" <[email protected]> > >> > To: [email protected] > >> > Sent: Thursday, June 26, 2014 9:12:31 AM > >> > Subject: Re: [ovirt-users] Ip spoofing > >> > > >> > Well this is strange, and this should not be the reason > >> > but can you attach a ".py" ending to the file names (maybe vdsm performs > >> > some strange checks)? > >> > >> We do not ;-) > >> > >> > your permissions look good. > >> > the only other thing I can think of are selinux > >> > restrictions, can you check them with: > >> > #this gives you the actual used selinux security level: > >> > getenforce > >> > >> That could be it > >> > >> > :this gives you the selinux attributes for the folder: > >> > ls -lZ /usr/libexec/vdsm/hooks/before_device_create > >> > > >> > I first thought it might be related to vdsms sudoers > >> > rights but a plain python script should be executed > >> > without modification to the sudoers config. > >> > > >> > HTH > >> > > >> > Am 26.06.2014 06:22, schrieb Punit Dambiwal: > >> > > Hi Dan, > >> > > > >> > > The permission looks ok... > >> > > > >> > > > >> > > [root@gfs1 ~]# su - vdsm -s > >> > > /bin/bash > >> > > -bash-4.1$ ls -l /usr/libexec/vdsm/hooks/before_device_create > >> > > total 8 > >> > > -rwxr-xr-x. 1 root root 1702 Jun 10 05:25 50_macspoof > >> > > -rwxr-xr-x. 1 root root 2490 Jun 23 17:47 50_noipspoof > >> > > -bash-4.1$ exit > >> > > logout > >> > > [root@gfs1 ~]# > >> > > > >> > > But the strange thing is noipspoof hook not display in the host hooks > >> > > windows.... > >> > > >> > -- > >> > Mit freundlichen Grüßen / Regards > >> > > >> > Sven Kieske > >> > > >> > Systemadministrator > >> > Mittwald CM Service GmbH & Co. KG > >> > Königsberger Straße 6 > >> > 32339 Espelkamp > >> > T: +49-5772-293-100 > >> > F: +49-5772-293-333 > >> > https://www.mittwald.de > >> > Geschäftsführer: Robert Meyer > >> > St.Nr.: 331/5721/1033, USt-IdNr.: DE814773217, HRA 6640, AG Bad > >> Oeynhausen > >> > Komplementärin: Robert Meyer Verwaltungs GmbH, HRB 13260, AG Bad > >> Oeynhausen > >> > _______________________________________________ > >> > Users mailing list > >> > [email protected] > >> > http://lists.ovirt.org/mailman/listinfo/users > >> > > >> _______________________________________________ > >> Users mailing list > >> [email protected] > >> http://lists.ovirt.org/mailman/listinfo/users > >> > > > > > _______________________________________________ Users mailing list [email protected] http://lists.ovirt.org/mailman/listinfo/users
