[libvirt] Guest log getting written in cache directory rather /var/log/libvirt/qemu
Eric Blake
eblake at redhat.com
Thu Aug 23 21:18:33 UTC 2012
On 08/23/2012 03:09 PM, Richa Marwaha wrote:
> I have another question shouldn't the label of
> HomeDirectory/.cache/libvirt/qemu/log/Guest.log be virt_log_t instead of
> cache_home_t as I am getting the following denial for qemu-kvm when I am
> running the guest
>
> type=AVC msg=audit(1345648423.091:575): avc: denied { write } for
> pid=29234 comm="qemu-kvm"
> path="/home/richa/.cache/libvirt/qemu/log/F14_64.log" dev="dm-2"
> ino=15204923 scontext=unconfined_u:unconfined_r:svirt_t:s0:c658,c891
> tcontext=unconfined_u:object_r:cache_home_t:s0 tclass=file
> type=SYSCALL msg=audit(1345648423.091:575): arch=c000003e syscall=59
> success=yes exit=0 a0=7f8458003060 a1=7f8458003a10 a2=7f84580029a0
> a3=7f8473d2d850 items=0 ppid=1 pid=29234 auid=1000 uid=1000 gid=1000
> euid=1000 suid=1000 fsuid=1000 egid=1000 sgid=1000 fsgid=1000 tty=(none)
> ses=2 comm="qemu-kvm" exe="/usr/bin/qemu-kvm"
> subj=unconfined_u:unconfined_r:svirt_t:s0:c658,c891 key=(null)
> type=AVC msg=audit(1345648423.097:576): avc: denied { write } for
> pid=29234 comm="qemu-kvm" name="lib" dev="dm-2" ino=15204904
> scontext=unconfined_u:unconfined_r:svirt_t:s0:c658,c891
> tcontext=unconfined_u:object_r:config_home_t:s0 tclass=dir
Sounds like a bug in the default Fedora SELinux policy - please open a BZ.
--
Eric Blake eblake at redhat.com +1-919-301-3266
Libvirt virtualization library http://libvirt.org
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 620 bytes
Desc: OpenPGP digital signature
URL: <http://listman.redhat.com/archives/libvir-list/attachments/20120823/f9b156f5/attachment-0001.sig>
More information about the libvir-list
mailing list