WARNING - OLD ARCHIVES

This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
   
 
 
Xen 
 
Home Products Support Community News
 
   
 

xen-users

[Xen-users] RE: ACM errors -- CentOS 5.2 and Xen 3.2.1 incompatibility?

To: Dilshan Jayarathna <dilshan.jayarathna@xxxxxxxxx>, "xen-users@xxxxxxxxxxxxxxxxxxx" <xen-users@xxxxxxxxxxxxxxxxxxx>
Subject: [Xen-users] RE: ACM errors -- CentOS 5.2 and Xen 3.2.1 incompatibility?
From: "Nadolski, Ed" <Ed.Nadolski@xxxxxxx>
Date: Thu, 14 Aug 2008 09:14:22 -0600
Accept-language: en-US
Acceptlanguage: en-US
Cc: "Kumar, Venkat" <Venkat.Kumar@xxxxxxx>
Delivery-date: Thu, 14 Aug 2008 08:21:27 -0700
Envelope-to: www-data@xxxxxxxxxxxxxxxxxxx
In-reply-to: <48A25A42.1030708@xxxxxxxxx>
List-help: <mailto:xen-users-request@lists.xensource.com?subject=help>
List-id: Xen user discussion <xen-users.lists.xensource.com>
List-post: <mailto:xen-users@lists.xensource.com>
List-subscribe: <http://lists.xensource.com/mailman/listinfo/xen-users>, <mailto:xen-users-request@lists.xensource.com?subject=subscribe>
List-unsubscribe: <http://lists.xensource.com/mailman/listinfo/xen-users>, <mailto:xen-users-request@lists.xensource.com?subject=unsubscribe>
References: <8115AF16522A3D4383C1FF753036713F326C2ED4@xxxxxxxxxxxxxxxxx> <48A25A42.1030708@xxxxxxxxx>
Sender: xen-users-bounces@xxxxxxxxxxxxxxxxxxx
Thread-index: Acj8+AxUbEAglz6HTSyapNrlT9fo6ABJijcg
Thread-topic: ACM errors -- CentOS 5.2 and Xen 3.2.1 incompatibility?
Thanks Dilshan.  I don't see the .xml file -- did you have to run 
xensec_ezpolicy or anything else to generate that, or to compile/load a policy?

I upgraded to xen-unstable.hg and built with the following changes in Config.mk:

XSM_ENABLE ?= y
FLASK_ENABLE ?= n
ACM_SECURITY ?= y
ACM_DEFAULT_SECURITY_POLICY  ?= ACM_NULL_POLICY

However I am not sure if these are correct since some of my docs/info may be 
out of date.

With the above, the ACMError for the "xm list" goes away, and "xm list -label" 
shows "INACTIVE" .  But the "xm dmesg" and "xm_info" still give the 'Permission 
denied' error.  So I'm not sure if this is related to the ACM/policy or if it 
is something else.

I'll see if the policy compile/load helps.  Any other thoughts/ideas?

Thanks once again,
Ed

________________________________________
From: Dilshan Jayarathna [mailto:dilshan.jayarathna@xxxxxxxxx]
Sent: Tuesday, August 12, 2008 9:52 PM
To: Nadolski, Ed; xen-users@xxxxxxxxxxxxxxxxxxx
Subject: Re: [Xen-users] ACM errors -- CentOS 5.2 and Xen 3.2.1 incompatibility?

Hi Ed,

I have xen 3.2.0 (from source rpm) built with CentOS 5.2 on DQ35 box with ACM 
enabled and the commands in question seem to work.

Do you have xml file beginning with your policy name in 
/etc/xen/acm-security/policies/?
You must have file called "<your_security_policy_name>-security_policy.xml".
e.g. 'DEFAULT-UL-security_policy.xml (default policy)

Regards,
Dilshan

Nadolski, Ed wrote:
Has anyone seen the following errors on CentOS 5.2 with Xen 3.2.1:

# xm list
ACMError: Policy file '/etc/xen/acm-security/policies/-security_policy.xml' not 
found.
# xm dmesg
Error: (13, 'Permission denied')


I get these every time I do the following:

1. Default install of CentOS 5.2 on Intel DQ35 motherboard system
2. Install mercurial
3. Download xen-3.2.1.tar.gz from xen.org and untar.
4. make world (fails when it can't find linux-2.6.18-xen.hg)
5. hg clone http://xenbits.xensource.com/linux-2.6.18-xen.hg
6. make all (succeeds)
7. make install (succeeds)
8. depmod & mkinitrd
9. edit grub.conf and reboot new Xen kernel

After reboot, I then run "xm list" and "xm dmesg" which used to work but now 
give the above error.

Evidently it doesn't like my security policy and more -- any thoughts/ideas on 
why?   Is this a known bug or incompatibility? Is my build/config wrong?

Thanks,
Ed Nadolski
LSI




_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-users


_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-users

<Prev in Thread] Current Thread [Next in Thread>