[DSE-Dev] Bug#758464: Bug#758464: selinux-policy-default: Impossible to use libvirt(d) if enforcing

Andreas Florath andre at flonatel.org
Sun Aug 17 21:04:58 UTC 2014

Hello Mika,

thanks for this hint: but it does not help.

Before I reported the bug, I run audit2allow
with the AVC. Typically, when a appropriate
boolean exists, this is printed.
In this case, there was no hint to a boolean, just:

#============= virtd_t ==============
allow virtd_t self:process execstack;

I set the boolean now with
  setsebool -P allow_execstack on
and rebooted. (IMHO the -P is needed here, because
the libvirtd is executed directly after boot.)

No changes:
root at nestor:~# getsebool allow_execstack
allow_execstack --> on
root at nestor:~# virsh -c qemu:///system list
error: failed to connect to the hypervisor
error: no connection driver available for qemu:///system

Kind regards


More information about the SELinux-devel mailing list