found 1 alerts in qemu_blk_image.log
--------------------------------------------------------------------------------


Summary:

SELinux is preventing qemu (qemu-kvm) "read" to HelpdeskRHEL4-RHEL4.x86_64
(fixed_disk_device_t).

Detailed Description:

SELinux denied qemu access to the block device HelpdeskRHEL4-RHEL4.x86_64. If
this is a virtualization image, it needs to be labeled with a virtualization
file context (virt_image_t). You can relabel HelpdeskRHEL4-RHEL4.x86_64 to be
virt_image_t using chcon. You also need to execute semanage fcontext -a -t
virt_image_t 'HelpdeskRHEL4-RHEL4.x86_64' to add this new path to the system
defaults. If you did not intend to use HelpdeskRHEL4-RHEL4.x86_64 as a qemu
image it could indicate either a bug or an intrusion attempt.

Allowing Access:

You can alter the file context by executing chcon -t virt_image_t
'HelpdeskRHEL4-RHEL4.x86_64' You must also change the default file context files
on the system in order to preserve them even on a full relabel. "semanage
fcontext -a -t virt_image_t 'HelpdeskRHEL4-RHEL4.x86_64'"

Fix Command:

chcon -t virt_image_t 'HelpdeskRHEL4-RHEL4.x86_64'

Additional Information:

Source Context                system_u:system_r:qemu_t:s0
Target Context                system_u:object_r:fixed_disk_device_t:s0
Target Objects                HelpdeskRHEL4-RHEL4.x86_64 [ blk_file ]
Source                        qemu-kvm
Source Path                   /usr/bin/qemu-kvm
Port                          <Unknown>
Host                          dhcppc2
Source RPM Packages           kvm-74-2.fc10
Target RPM Packages           
Policy RPM                    selinux-policy-3.5.7-1.fc10
Selinux Enabled               True
Policy Type                   targeted
MLS Enabled                   True
Enforcing Mode                Enforcing
Plugin Name                   qemu_blk_image
Host Name                     localhost.localdomain
Platform                      Linux localhost.localdomain
                              2.6.27-0.305.rc5.git6.fc10.x86_64 #1 SMP Thu Sep 4
                              21:42:09 EDT 2008 x86_64 x86_64
Alert Count                   1
First Seen                    Tue Jul 22 08:19:48 2008
Last Seen                     Tue Jul 22 08:19:48 2008
Local ID                      a9eec542-1f2b-4269-a0ce-5c83b6ed66be
Line Numbers                  1

Raw Audit Messages            

host=dhcppc2 type=AVC msg=audit(1216729188.853:241): avc:  denied  { read } for pid=14066 comm="qemu-kvm" name="HelpdeskRHEL4-RHEL4.x86_64" dev=tmpfs ino=333 scontext=system_u:system_r:qemu_t:s0 tcontext=system_u:object_r:fixed_disk_device_t:s0 tclass=blk_file host=dhcppc2 type=SYSCALL msg=audit(1216729188.853:241): arch=c000003e syscall=2 success=no exit=-13 a0=7fff6f654680 a1=0 a2=1a4 a3=3342f67a70 items=0 ppid=2953 pid=14066 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="qemu-kvm" exe="/usr/bin/qemu-kvm" subj=system_u:system_r:qemu_t:s0 key=(null)