Hi Dan,

Still the same....VM can spoof the ip address...attached is the VM domain
xml file....

On Thu, Jun 26, 2014 at 5:30 PM, Punit Dambiwal <hypu...@gmail.com> wrote:

> Hi Sven,
> I already give the sudo user permission to VDSM user...
> Yes..after VDSM restart i can see this hook in host tab....I will test it
> again and udpate you guys if still not solve....
> On Thu, Jun 26, 2014 at 4:03 PM, Antoni Segura Puimedon <
> asegu...@redhat.com> wrote:
>> ----- Original Message -----
>> > From: "Sven Kieske" <s.kie...@mittwald.de>
>> > To: users@ovirt.org
>> > Sent: Thursday, June 26, 2014 9:12:31 AM
>> > Subject: Re: [ovirt-users] Ip spoofing
>> >
>> > Well this is strange, and this should not be the reason
>> > but can you attach a ".py" ending to the file names (maybe vdsm performs
>> > some strange checks)?
>> We do not ;-)
>> > your permissions look good.
>> > the only other thing I can think of are selinux
>> > restrictions, can you check them with:
>> > #this gives you the actual used selinux security level:
>> > getenforce
>> That could be it
>> > :this gives you the selinux attributes for the folder:
>> > ls -lZ /usr/libexec/vdsm/hooks/before_device_create
>> >
>> > I first thought it might be related to vdsms sudoers
>> > rights but a plain python script should be executed
>> > without modification to the sudoers config.
>> >
>> > HTH
>> >
>> > Am 26.06.2014 06:22, schrieb Punit Dambiwal:
>> > > Hi Dan,
>> > >
>> > > The permission looks ok...
>> > >
>> > >
>> > > [root@gfs1 ~]# su - vdsm -s
>> > > /bin/bash
>> > > -bash-4.1$ ls -l /usr/libexec/vdsm/hooks/before_device_create
>> > > total 8
>> > > -rwxr-xr-x. 1 root root 1702 Jun 10 05:25 50_macspoof
>> > > -rwxr-xr-x. 1 root root 2490 Jun 23 17:47 50_noipspoof
>> > > -bash-4.1$ exit
>> > > logout
>> > > [root@gfs1 ~]#
>> > >
>> > > But the strange thing is noipspoof hook not display in the host hooks
>> > > windows....
>> >
>> > --
>> > Mit freundlichen Grüßen / Regards
>> >
>> > Sven Kieske
>> >
>> > Systemadministrator
>> > Mittwald CM Service GmbH & Co. KG
>> > Königsberger Straße 6
>> > 32339 Espelkamp
>> > T: +49-5772-293-100
>> > F: +49-5772-293-333
>> > https://www.mittwald.de
>> > Geschäftsführer: Robert Meyer
>> > St.Nr.: 331/5721/1033, USt-IdNr.: DE814773217, HRA 6640, AG Bad
>> Oeynhausen
>> > Komplementärin: Robert Meyer Verwaltungs GmbH, HRB 13260, AG Bad
>> Oeynhausen
>> > _______________________________________________
>> > Users mailing list
>> > Users@ovirt.org
>> > http://lists.ovirt.org/mailman/listinfo/users
>> >
>> _______________________________________________
>> Users mailing list
>> Users@ovirt.org
>> http://lists.ovirt.org/mailman/listinfo/users
[root@gfs1 ~]# virsh -r dumpxml vm11
<domain type='kvm' id='23'>
  <memory unit='KiB'>1048576</memory>
  <currentMemory unit='KiB'>1048576</currentMemory>
    <min_guarantee unit='KiB'>1048576</min_guarantee>
  <vcpu placement='static' current='1'>160</vcpu>
  <sysinfo type='smbios'>
      <entry name='manufacturer'>oVirt</entry>
      <entry name='product'>oVirt Node</entry>
      <entry name='version'>6-5.el6.centos.11.1</entry>
      <entry name='serial'>44454C4C-3500-104B-8051-B6C04F504E31</entry>
      <entry name='uuid'>2cb5db55-5d20-4cd6-8a5b-d25654a1bfec</entry>
    <type arch='x86_64' machine='rhel6.5.0'>hvm</type>
    <boot dev='hd'/>
    <smbios mode='sysinfo'/>
  <cpu mode='custom' match='exact'>
    <model fallback='allow'>Nehalem</model>
    <topology sockets='160' cores='1' threads='1'/>
  <clock offset='variable' adjustment='0' basis='utc'>
    <timer name='rtc' tickpolicy='catchup'/>
    <disk type='file' device='cdrom'>
      <driver name='qemu' type='raw'/>
      <source startupPolicy='optional'/>
      <target dev='hdc' bus='ide'/>
      <alias name='ide0-1-0'/>
      <address type='drive' controller='0' bus='1' target='0' unit='0'/>
    <disk type='file' device='cdrom'>
      <driver name='qemu' type='raw'/>
      <target dev='hdd' bus='ide'/>
      <alias name='ide0-1-1'/>
      <address type='drive' controller='0' bus='1' target='0' unit='1'/>
    <disk type='file' device='disk' snapshot='no'>
      <driver name='qemu' type='raw' cache='none' error_policy='stop' 
        <seclabel model='selinux' relabel='no'/>
      <target dev='vda' bus='virtio'/>
      <alias name='virtio-disk0'/>
      <address type='pci' domain='0x0000' bus='0x00' slot='0x05' 
    <controller type='usb' index='0'>
      <alias name='usb0'/>
      <address type='pci' domain='0x0000' bus='0x00' slot='0x01' 
    <controller type='ide' index='0'>
      <alias name='ide0'/>
      <address type='pci' domain='0x0000' bus='0x00' slot='0x01' 
    <controller type='virtio-serial' index='0'>
      <alias name='virtio-serial0'/>
      <address type='pci' domain='0x0000' bus='0x00' slot='0x04' 
    <interface type='bridge'>
      <mac address='00:1a:4a:81:80:01'/>
      <source bridge='private'/>
      <target dev='vnet0'/>
      <model type='virtio'/>
      <filterref filter='vdsm-no-mac-spoofing'/>
      <link state='up'/>
      <alias name='net0'/>
      <address type='pci' domain='0x0000' bus='0x00' slot='0x03' 
    <channel type='unix'>
      <source mode='bind' 
      <target type='virtio' name='com.redhat.rhevm.vdsm'/>
      <alias name='channel0'/>
      <address type='virtio-serial' controller='0' bus='0' port='1'/>
    <channel type='unix'>
      <source mode='bind' 
      <target type='virtio' name='org.qemu.guest_agent.0'/>
      <alias name='channel1'/>
      <address type='virtio-serial' controller='0' bus='0' port='2'/>
    <input type='tablet' bus='usb'>
      <alias name='input0'/>
    <input type='mouse' bus='ps2'/>
    <graphics type='vnc' port='5900' autoport='yes' listen='0' keymap='en-us' 
      <listen type='address' address='0'/>
      <model type='cirrus' vram='32768' heads='1'/>
      <alias name='video0'/>
      <address type='pci' domain='0x0000' bus='0x00' slot='0x02' 
    <memballoon model='none'>
      <alias name='balloon0'/>
  <seclabel type='dynamic' model='selinux' relabel='yes'>

[root@gfs1 ~]#
Users mailing list

Reply via email to