(OK) running imunes in Fedora 23

[root@localhost ~]# systemctl start docker

[root@localhost ~]# /usr/share/openvswitch/scripts/ovs-ctl start

+++++++++++++++++++++++++++++++++++++++

[root@localhost imunes]# grep ovs-appctl /var/log/audit/audit.log | audit2allow -M mypol

[root@localhost imunes]# semodule -i mypol.pp

https://github.com/imunes/imunes/issues/33

change the docker template uri to just "imunes/vroot:base" in prepare_vroot.sh

then

[root@localhost imunes]# imunes -p

[root@localhost imunes]# imunes

+++++++++++++++++++++++++++++++++++++++

ELinux is preventing ovs-appctl from 'read, write' accesses on the file ovsdb-server.pid.

***** Plugin catchall (100. confidence) suggests **************************

If 您确定应默认允许 ovs-appctl read write 访问 ovsdb-server.pid file。

Then 您应该将这个情况作为 bug 报告。

您可以生成本地策略模块允许这个访问。

Do

请执行以下命令此时允许这个访问：

# grep ovs-appctl /var/log/audit/audit.log | audit2allow -M mypol

# semodule -i mypol.pp

Additional Information:

Source Context system_u:system_r:openvswitch_t:s0-s0:c0.c1023

Target Context unconfined_u:object_r:var_run_t:s0

Target Objects ovsdb-server.pid [ file ]

Source ovs-appctl

Source Path ovs-appctl

Port <Unknown>

Host localhost.localdomain

Source RPM Packages

Target RPM Packages

Policy RPM selinux-policy-3.13.1-152.fc23.noarch

Selinux Enabled True

Policy Type targeted

Enforcing Mode Enforcing

Host Name localhost.localdomain

Platform Linux localhost.localdomain 4.2.3-300.fc23.x86_64

#1 SMP Mon Oct 5 15:42:54 UTC 2015 x86_64 x86_64

Alert Count 1

First Seen 2016-01-27 08:11:02 CST

Last Seen 2016-01-27 08:11:02 CST

Local ID c605ec33-38c2-4da2-a705-e2f34268cfe6

Raw Audit Messages

type=AVC msg=audit(1453853462.215:579): avc: denied { read write } for pid=5426 comm="ovs-appctl" name="ovsdb-server.pid" dev="tmpfs" ino=39174 scontext=system_u:system_r:openvswitch_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:var_run_t:s0 tclass=file
permissive=0

Hash: ovs-appctl,openvswitch_t,var_run_t,file,read,write

+++++++++++++++++++++++++

# Fedora 22

# dnf install openvswitch docker-io xterm wireshark-gnome ImageMagick tcl tcllib tk kernel-modules-extra util-linux

# echo 'DOCKER_STORAGE_OPTIONS="-s overlay"' >> /etc/sysconfig/docker-storage

# systemctl restart docker

----------

Arch:

# cp /usr/lib/systemd/system/docker.service /etc/systemd/system/docker.service

### add overlay to ExecStart

ExecStart=/usr/bin/docker daemon -s overlay -H fd://

### reload systemd files and restart docker.service

# systemctl daemon-reload

# systemctl restart docker

Check status with docker info:

# docker info | grep Storage

Storage Driver: overlay

----------

### Installing IMUNES

Checkout the last fresh IMUNES source through the public github

repository:

# dnf install git

# git clone https://github.com/imunes/imunes.git
Now we need to install IMUNES and populate the virtual file system

with predefined and required data. To install imunes on the system

execute (as root):

# cd imunes

# make install

### Filesystem for virtual nodes

For the topologies to work a template filesystem must be created.

This is done by issuing the following command (as root):

# imunes -p

Now the IMUNES GUI can be ran just by typing the imunes command

in the terminal:

# imunes

To execute experiments, run it as root.

For additional information visit our web site:
http://imunes.net/