On Tue, 2017-11-14 at 14:50 -0800, Rick Stevens wrote: > On 11/14/2017 02:31 PM, Patrick O'Callaghan wrote: > > On trying to fire up a VM using virt-manager, I get "unable to map > > backing store for guest RAM: Permission denied". > > > > I use hugepages to lock down memory for the VM, which may be relevant > > for the error. This worked correctly on F26 just before the upgrade to > > F27. I have changed nothing in my VM configuration, nor in the config > > file for QEMU. However, temporarily turning off SElinux allows the > > startup to proceed, after which I can re-enable SElinux with no ill > > effects, i.e. the VM runs correctly. > > > > A complete relabel of my system (touch /.autolabel and reboot) has made > > no difference. > > Have you checked the AVC reports from selinux? It smells like a bad > policy re: hugepages for KVMs. It's difficult to say without the actual > AVC denials. Not seeing anything. The only AVC reports in journalctl are about some dbus stuff unrelated to libvirtd. Interestingly the libvirtd startup lines in journalctl show: ... error : virAuditOpen:62 : Unable to initialise audit layer: Protocol not supported but it's not clear whether that has any relevance. As I say, toggling setenforce lets libvirtd start and from then on everything works. poc _______________________________________________ users mailing list -- users@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to users-leave@xxxxxxxxxxxxxxxxxxxxxxx
