Re: [libvirt-users] libvirt-sandbox question.
On Wed, Jan 29, 2014 at 09:59:30AM -0500, Christopher Stone wrote:
I hope this question isn't considered too off topic for this
list, I am
trying to reach the libvirt-sandbox developers, but I could not find a
libvirt-sandbox specific mailing list, and it seemed to me that
libvirt-sandbox was a part of libvirt itself.
Yes, libvirt-sandbox questions are welcome here
http://sandbox.libvirt.org/communicate/
Next, I try to use libvirt-sandbox, and I get the following error:
[root@scwnet1 tests]# /usr/local/bin/virt-sandbox -c lxc:/// /bin/sh
Unable to start sandbox: Failed to create domain: unsupported
configuration: Unable to find security driver for label selinux
Ok, so libvirt either hasn't compiled selinux, or has failed to
activate it
configure:71252: Security Drivers
configure:71254:
configure:71256: SELinux: yes (/sys/fs/selinux)
configure:71258: AppArmor: no (install profiles: no)
That confirms you've got basic SELinux support compiled, but it
doesn't mean that's enough to enable it for LXC. We also have
a check for the selinux_lxc_contexts_path function in libselinux.so
My libvirt capabilites shows this:
[root@scwnet1 tests]# virsh -c lxc:/// capabilities
<capabilities>
<secmodel>
<model>none</model>
<doi>0</doi>
</secmodel>
</host>
</capabilities>
I am not sure if secmodel none is the problem.
Yes, that confirms that it definitely isn't available for LXC
I think you'd probably need to upgrade the libselinux library
and selinux policy too I'm afraid.
FWIW, I've never really intended that libvirt-sandbox work on
RHEL-6, since as you've discovered quite a few dependancies
are too old and require updating. I've only targetted Fedora
and forthcoming RHEL-7
Regards,
Daniel
--
|: http://berrange.com -o- http://www.flickr.com/photos/dberrange/ :|
|: http://libvirt.org -o- http://virt-manager.org :|
|: http://autobuild.org -o- http://search.cpan.org/~danberr/ :|
|: http://entangle-photo.org -o- http://live.gnome.org/gtk-vnc :|