View Issue Details

IDProjectCategoryView StatusLast Update
0016452CentOS-8-OTHERpublic2019-10-07 08:50
Reporteresys.steven 
PrioritynormalSeverityminorReproducibilityalways
Status newResolutionopen 
Product Version8.0.1905 
Target VersionFixed in Version 
Summary0016452: SELinux is preventing /usr/bin/qemu-ga from read access on the file b8:1.
DescriptionHello sir,
We install CentOS 8.0.1905 on oVirt 4.3.

SELinux logged error:

If you believe that qemu-ga should be allowed read access on the b8:1 file by default.
You should report this as a bug. You can generate a local policy module to allow this access.

Solution:
Allow this access for now by executing: # ausearch -c 'qemu-ga' --raw | audit2allow -M my-qemuga # semodule -X 300 -i my-qemuga.pp

I think b8:1 is /dev/sda ..

[root@c8 ~]# lsblk
NAME MAJ:MIN RM SIZE RO TYPE MOUNTPOINT
sda 8:0 0 100G 0 disk
├─sda1 8:1 0 1G 0 part /boot
└─sda2 8:2 0 99G 0 part
  ├─cl-root 253:0 0 50G 0 lvm /
  ├─cl-swap 253:1 0 4G 0 lvm [SWAP]
  └─cl-home 253:2 0 45G 0 lvm /home
sr0 11:0 1 1024M 0 rom
sr1 11:1 1 374K 0 rom

Thanks.

Steven
Steps To Reproduceroot# ausearch -c 'qemu-ga' --raw
Additional Informationqemu-ga version:
root# rpm -qf $(which qemu-ga)
qemu-guest-agent-2.12.0-64.module_el8.0.0+44+94c1b039.2.x86_64
Tagsqemu-ga, selinux

Activities

hunter86_bg

hunter86_bg

2019-10-05 13:32

reporter   ~0035333

Have you opened a bug on bugzilla.redhat.com ?
esys.steven

esys.steven

2019-10-05 13:33

reporter   ~0035334

No, I have not opened on bugzilla.redhat.com .
hunter86_bg

hunter86_bg

2019-10-05 13:44

reporter   ~0035335

Opened a bug on bugzilla.redhat.com as I couldn't find any :
https://bugzilla.redhat.com/show_bug.cgi?id=1758772
hunter86_bg

hunter86_bg

2019-10-07 08:50

reporter   ~0035357

The RH bug was marked as duplicate of https://bugzilla.redhat.com/show_bug.cgi?id=1687721 and will be fixed in RHEL 8.1.
Most probably CentOS Stream will receive the update first.

Issue History

Date Modified Username Field Change
2019-09-25 03:47 esys.steven New Issue
2019-10-05 13:32 hunter86_bg Note Added: 0035333
2019-10-05 13:33 esys.steven Note Added: 0035334
2019-10-05 13:44 hunter86_bg Note Added: 0035335
2019-10-05 13:46 hunter86_bg Tag Attached: selinux
2019-10-05 13:46 hunter86_bg Tag Attached: qemu-ga
2019-10-07 08:50 hunter86_bg Note Added: 0035357