Bug ID 1226398
Summary selinux - swtpm - virt-manager can no longer start vm
Classification openSUSE
Product openSUSE Aeon
Version Current
Hardware x86-64
OS Other
Status NEW
Severity Normal
Priority P5 - None
Component Base
Assignee rbrown@suse.com
Reporter sunscape1@hotmail.com
QA Contact qa-bugs@suse.de
Target Milestone ---
Found By ---
Blocker --- 

Recently, I have been unable to start vm's. I get the following error in
virt-manager:

Error starting domain: operation failed: swtpm died and reported: swtpm: Could
not open logfile for writing: Permission denied

I suspected it was a change to selinux, or perhaps some other recent update.
The avc's show:

type=AVC msg=audit(1718509582.300:374): avc:  denied  { relabelfrom } for 
pid=1606 comm="rpc-virtqemud" name=".lock" dev="nvme0n1p3" ino=12780
scontext=system_u:system_r:virtqemud_t:s0
tcontext=system_u:object_r:virt_var_lib_t:s0 tclass=file permissive=1

type=AVC msg=audit(1718509582.300:375): avc:  denied  { relabelto } for 
pid=1606 comm="rpc-virtqemud" name=".lock" dev="nvme0n1p3" ino=12780
scontext=system_u:system_r:virtqemud_t:s0
tcontext=system_u:object_r:virt_var_lib_t:s0 tclass=file permissive=1

I don't think I've made any changes that would have caused this issue.

You are receiving this mail because: