[DSE-Dev] Bug#758464: Bug#758464: selinux-policy-default: Impossible to use libvirt(d) if enforcing
Andreas Florath
andre at flonatel.org
Sun Aug 17 21:04:58 UTC 2014
Hello Mika,
thanks for this hint: but it does not help.
Before I reported the bug, I run audit2allow
with the AVC. Typically, when a appropriate
boolean exists, this is printed.
In this case, there was no hint to a boolean, just:
#============= virtd_t ==============
allow virtd_t self:process execstack;
I set the boolean now with
setsebool -P allow_execstack on
and rebooted. (IMHO the -P is needed here, because
the libvirtd is executed directly after boot.)
No changes:
root at nestor:~# getsebool allow_execstack
allow_execstack --> on
root at nestor:~# virsh -c qemu:///system list
error: failed to connect to the hypervisor
error: no connection driver available for qemu:///system
Kind regards
Andre
More information about the SELinux-devel
mailing list