Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

qemu_guest_agent: selinux should be optimised. #4233

Open
wants to merge 1 commit into
base: master
Choose a base branch
from

Conversation

6-dehan
Copy link
Contributor

@6-dehan 6-dehan commented Dec 13, 2024

selinux should be permissive when call _change_bl. in case effect other cases.

ID: 3212
Signed-off-by: Dehan Meng [email protected]

@6-dehan 6-dehan force-pushed the for-3212-selinux-optimise branch from 1b6bc0e to cb6fce7 Compare December 13, 2024 02:59
selinux should be permissive when call _change_bl.
in case effect other cases.

Signed-off-by: Dehan Meng <[email protected]>
@6-dehan 6-dehan force-pushed the for-3212-selinux-optimise branch from cb6fce7 to 2406a76 Compare December 13, 2024 03:01
@6-dehan
Copy link
Contributor Author

6-dehan commented Dec 13, 2024

@fbq815 please try this patch. thanks.
@PaulYuuu please help to merge if there is no more problem. thanks
(1/4) Host_RHEL.m9.u6.ovmf.qcow2.virtio_scsi.up.virtio_net.Guest.RHEL.9.5.0.x86_64.io-github-autotest-qemu.qemu_guest_agent.virtio_serial.check_guest_file.read.q35: STARTED
(1/4) Host_RHEL.m9.u6.ovmf.qcow2.virtio_scsi.up.virtio_net.Guest.RHEL.9.5.0.x86_64.io-github-autotest-qemu.qemu_guest_agent.virtio_serial.check_guest_file.read.q35: PASS (50.83 s)
(2/4) Host_RHEL.m9.u6.ovmf.qcow2.virtio_scsi.up.virtio_net.Guest.RHEL.9.5.0.x86_64.io-github-autotest-qemu.qemu_guest_agent.virtio_serial.check_guest_file.with_fsfreeze.q35: STARTED
(2/4) Host_RHEL.m9.u6.ovmf.qcow2.virtio_scsi.up.virtio_net.Guest.RHEL.9.5.0.x86_64.io-github-autotest-qemu.qemu_guest_agent.virtio_serial.check_guest_file.with_fsfreeze.q35: PASS (49.08 s)
(3/4) Host_RHEL.m9.u6.ovmf.qcow2.virtio_scsi.up.virtio_net.Guest.RHEL.9.5.0.x86_64.io-github-autotest-qemu.qemu_guest_agent.virtio_serial.check_guest_exec.q35: STARTED
(3/4) Host_RHEL.m9.u6.ovmf.qcow2.virtio_scsi.up.virtio_net.Guest.RHEL.9.5.0.x86_64.io-github-autotest-qemu.qemu_guest_agent.virtio_serial.check_guest_exec.q35: PASS (59.78 s)
(4/4) Host_RHEL.m9.u6.ovmf.qcow2.virtio_scsi.up.virtio_net.Guest.RHEL.9.5.0.x86_64.io-github-autotest-qemu.qemu_guest_agent.virtio_serial.check_fsfreeze_hook_script.q35: STARTED
(4/4) Host_RHEL.m9.u6.ovmf.qcow2.virtio_scsi.up.virtio_net.Guest.RHEL.9.5.0.x86_64.io-github-autotest-qemu.qemu_guest_agent.virtio_serial.check_fsfreeze_hook_script.q35: PASS (50.54 s)

@fbq815
Copy link
Contributor

fbq815 commented Dec 13, 2024

(1/3) Host_RHEL.m9.u5.nographic.qcow2.virtio_scsi.up.virtio_net.Guest.RHEL.9.5.0.s390x.io-github-autotest-qemu.qemu_guest_agent.virtio_serial.check_guest_file.read.s390-virtio: ERROR: Get an error message when waiting for sync with qemu guest agent, check the debug log for the future message, detail: '{'class': 'CommandNotFound', 'desc': 'Command guest-sync has been disabled: the command is not allowed'}' (23.48 s)
(2/3) Host_RHEL.m9.u5.nographic.qcow2.virtio_scsi.up.virtio_net.Guest.RHEL.9.5.0.s390x.io-github-autotest-qemu.qemu_guest_agent.virtio_serial.check_guest_file.with_fsfreeze.s390-virtio: ERROR: Get an error message when waiting for sync with qemu guest agent, check the debug log for the future message, detail: '{'class': 'CommandNotFound', 'desc': 'Command guest-sync has been disabled: the command is not allowed'}' (24.57 s)
(3/3) Host_RHEL.m9.u5.nographic.qcow2.virtio_scsi.up.virtio_net.Guest.RHEL.9.5.0.s390x.io-github-autotest-qemu.qemu_guest_agent.virtio_serial.check_guest_exec.s390-virtio: ERROR: Get an error message when waiting for sync with qemu guest agent, check the debug log for the future message, detail: '{'class': 'CommandNotFound', 'desc': 'Command guest-sync has been disabled: the command is not allowed'}' (23.44 s)

@6-dehan still the same error message, I was using a SE guest, please check the log in jira task

@6-dehan
Copy link
Contributor Author

6-dehan commented Dec 13, 2024

@fbq815 That's another story alright? please check:

  • selinux cause 'qemu_guest_agent.virtio_serial.check_guest_file.read'

  • so the '_change_bl_bck' wasn't executed so that file '/etc/sysconfig/qemu-ga' doesn't change back, the allow-rpc doesn't contain 'guest-sync' command.
    what you have to do: Please start up the VM and recover the file. and run cases again.
    or another easist way you can just run all of the cases without 'clone=no'

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants