Essential guide to Linux in the enterprise
A comprehensive collection of articles, videos and more, hand-picked by our editors
I'm running Fedora 17 with KVM and the virtual machine runs okay. I tried to follow this to get access to a file...
By submitting your personal information, you agree that TechTarget and its partners may contact you regarding relevant content, products and special offers.
on the host system but SELinux prevents the VM from accessing any files other than those in /var/lib/libvirt/images. This is the message the host gives when running ls inside the VM on the shared path: "SELinux is preventing /usr/bin/qemu-kvm from read access on the directory share."
How can I get around this? The purpose of my VM is to test binaries on multiple Linux distributions, so a shared path would be easiest. Is there a way to make /tmp/share absolutely accessible to everyone?
The reason you cannot share virtual machines in a path other than /var/lib/libvirt/images is SELinux. SELinux adds additional protection to your system. By using labels on directories, it sets directories for a specific purpose only. The elegant way to store image files somewhere else is by setting the appropriate context type label on that directory. In your case, run the following two commands (make sure to execute them from a root shell):
semanage --t --a virt_image_t /tmp/share(/.*) ?
restorecon --R --v /tmp/share
If that doesn't work, you can also disable SELinux completely. To do this, make sure the following line is included in the file /etc/sysconfig/selinux:
Until you have time to reboot your computer, you can also use setenforce 0 to temporarily disable SELinux, but don't forget to change the above configuration file, or else it will automatically be enabled again when you're rebooting.
Next, you say you want to make the content of /tmp/share accessible to everyone. The easiest way is by creating an NFS share. Make sure the file /etc/exports contains the following line:
Next, use the command service nfs start to start the NFS server. From any other computer, you can now mount the NFS share, using a command like the following:
mount --t nfs your.fedora.computer:/tmp/share/mnt
You'll now have access to the contents of the NFS share by accessing the /mnt directory, and you can access the image files from there.
About the author:
Sander van Vugt is an independent trainer and consultant based in the Netherlands. He is an expert in Linux high availability, virtualization and performance. He has authored many books on Linux topics, including Beginning the Linux Command Line, Beginning Ubuntu LTS Server Administration and Pro Ubuntu Server Administration.
Related Q&A from Sander van Vugt
OpenStack security groups allow admins to control traffic into cloud computing instances. But is it possible to change the rules within a default ...continue reading
Admins can pause, suspend, shelve or stop a compute instance in OpenStack. But what are the key differences between each option?continue reading
The OpenStack cloud platform consists of a range of different services and components. How can Tempest help me test that everything works properly?continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.