On Fri, Oct 15, 2010 at 04:04:13PM +0930, Mike Hall wrote: > All test machines are CentOS 5.5 (RHEL subscriptions purchased). > > We've had NFS3 storage working fine and decided to try NFS4. > > We can mount an NFS4 share on our KVM host, but the SELinux file context on the mountpoint directory is magically changed from virt_image_t to nfs_t. Restorecon refuses to change it back. NFS doesn't support extended attributes, so even if the filesystem exported on the server has suitable labelling, no NFS client will see the labels. You'll get a single label for the entire mount point. > > Adding the mount option context=system_u:object_r:virt_image_t on either server or client doesn't help (option not recognised). The mount option work, but check the mount man page for confirmation of exact syntax > What could we be doing wrong? Does NFS4 + KVM work? The other option is to toggle the 'virt_use_nfs' selinux boolean which should allow access to nfs_t files. Daniel -- |: Red Hat, Engineering, London -o- http://people.redhat.com/berrange/ :| |: http://libvirt.org -o- http://virt-manager.org -o- http://deltacloud.org :| |: http://autobuild.org -o- http://search.cpan.org/~danberr/ :| |: GnuPG: 7D3B9505 -o- F3C9 553F A1DA 4AC2 5648 23C1 B3DF F742 7D3B 9505 :|
