zoukankan      html  css  js  c++  java
  • (OK) running imunes in Fedora 23

    [root@localhost ~]# systemctl start docker

    [root@localhost ~]# /usr/share/openvswitch/scripts/ovs-ctl start


    +++++++++++++++++++++++++++++++++++++++

    [root@localhost imunes]# grep ovs-appctl /var/log/audit/audit.log | audit2allow -M mypol
    [root@localhost imunes]# semodule -i mypol.pp


    https://github.com/imunes/imunes/issues/33


    change the docker template uri to just "imunes/vroot:base" in prepare_vroot.sh

    then

    [root@localhost imunes]# imunes -p

    [root@localhost imunes]# imunes

    +++++++++++++++++++++++++++++++++++++++

    ELinux is preventing ovs-appctl from 'read, write' accesses on the file ovsdb-server.pid.

    *****  Plugin catchall (100. confidence) suggests   **************************

    If 您确定应默认允许 ovs-appctl read write 访问 ovsdb-server.pid file。
    Then 您应该将这个情况作为 bug 报告。
    您可以生成本地策略模块允许这个访问。
    Do
    请执行以下命令此时允许这个访问:
    # grep ovs-appctl /var/log/audit/audit.log | audit2allow -M mypol
    # semodule -i mypol.pp

    Additional Information:
    Source Context                system_u:system_r:openvswitch_t:s0-s0:c0.c1023
    Target Context                unconfined_u:object_r:var_run_t:s0
    Target Objects                ovsdb-server.pid [ file ]
    Source                        ovs-appctl
    Source Path                   ovs-appctl
    Port                          <Unknown>
    Host                          localhost.localdomain
    Source RPM Packages           
    Target RPM Packages           
    Policy RPM                    selinux-policy-3.13.1-152.fc23.noarch
    Selinux Enabled               True
    Policy Type                   targeted
    Enforcing Mode                Enforcing
    Host Name                     localhost.localdomain
    Platform                      Linux localhost.localdomain 4.2.3-300.fc23.x86_64
                                  #1 SMP Mon Oct 5 15:42:54 UTC 2015 x86_64 x86_64
    Alert Count                   1
    First Seen                    2016-01-27 08:11:02 CST
    Last Seen                     2016-01-27 08:11:02 CST
    Local ID                      c605ec33-38c2-4da2-a705-e2f34268cfe6

    Raw Audit Messages
    type=AVC msg=audit(1453853462.215:579): avc:  denied  { read write } for  pid=5426 comm="ovs-appctl" name="ovsdb-server.pid" dev="tmpfs" ino=39174 scontext=system_u:system_r:openvswitch_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:var_run_t:s0 tclass=file permissive=0


    Hash: ovs-appctl,openvswitch_t,var_run_t,file,read,write

    +++++++++++++++++++++++++

    # Fedora 22

        # dnf install openvswitch docker-io xterm wireshark-gnome ImageMagick tcl tcllib tk kernel-modules-extra util-linux

        # echo 'DOCKER_STORAGE_OPTIONS="-s overlay"' >> /etc/sysconfig/docker-storage
        # systemctl restart docker

    ----------
        Arch:
        # cp /usr/lib/systemd/system/docker.service /etc/systemd/system/docker.service
        ### add overlay to ExecStart
        ExecStart=/usr/bin/docker daemon -s overlay -H fd://
        ### reload systemd files and restart docker.service
        # systemctl daemon-reload
        # systemctl restart docker

        Check status with docker info:
        # docker info | grep Storage
        Storage Driver: overlay
    ----------

    ### Installing IMUNES

    Checkout the last fresh IMUNES source through the public github
    repository:

        # dnf install git

        # git clone https://github.com/imunes/imunes.git

    Now we need to install IMUNES and populate the virtual file system
    with predefined and required data. To install imunes on the system
    execute (as root):

        # cd imunes
        # make install

    ### Filesystem for virtual nodes

    For the topologies to work a template filesystem must be created.
    This is done by issuing the following command (as root):

        # imunes -p

    Now the IMUNES GUI can be ran just by typing the imunes command
    in the terminal:

        # imunes

    To execute experiments, run it as root.

    For additional information visit our web site:
            http://imunes.net/
    <script>window._bd_share_config={"common":{"bdSnsKey":{},"bdText":"","bdMini":"2","bdMiniList":false,"bdPic":"","bdStyle":"0","bdSize":"16"},"share":{}};with(document)0[(getElementsByTagName('head')[0]||body).appendChild(createElement('script')).src='http://bdimg.share.baidu.com/static/api/js/share.js?v=89860593.js?cdnversion='+~(-new Date()/36e5)];</script>
    阅读(69) | 评论(0) | 转发(0) |
    给主人留下些什么吧!~~
    评论热议
  • 相关阅读:
    poj 2000
    poj1316
    poj1922
    poj2017
    poj1833 排列
    poj1338
    poj2136
    poj2242
    IE兼容html5标签
    绑定事件后,某些情况下需要解绑该事件
  • 原文地址:https://www.cnblogs.com/ztguang/p/12649557.html
Copyright © 2011-2022 走看看