Bug 1028962

Summary: Running domain may disappear after libvirtd is restarted when the SELinux security driver is disabled and model='selinux' is not enabled in the guest's XML
Product: Red Hat Enterprise Linux 7
Reporter: Michal Privoznik <mprivozn>
Component: libvirt
Assignee: Michal Privoznik <mprivozn>
Status: CLOSED CURRENTRELEASE
QA Contact: Virtualization Bugs <virt-bugs>
Severity: medium
Priority: medium
Version: 7.0
CC: acathrow, ajia, dallan, dyuan, gsun, mzhan, shyu, ydu, zhwang
Target Milestone: rc   
Target Release: ---   
Hardware: x86_64   
OS: Linux   
Fixed In Version: libvirt-1.1.1-13.el7
Doc Type: Bug Fix
Clone Of: 1027096
Last Closed: 2014-06-13 09:44:45 UTC
Type: Bug
Bug Depends On: 1027096    
Bug Blocks:    

Description Michal Privoznik 2013-11-11 11:02:30 UTC
+++ This bug was initially created as a clone of Bug #1027096 +++

Description of problem:
Running domain may disappear after libvirtd is restarted when the SELinux security driver is disabled and model='selinux' is not enabled in the guest's XML

Version-Release number of selected component (if applicable):
libvirt-0.10.2-29.el6.x86_64
qemu-kvm-rhev-0.12.1.2-2.415.el6.x86_64
kernel-2.6.32-425.el6.x86_64

How reproducible:
100%

Steps to Reproduce:
1. Set security_driver = "none" in /etc/libvirt/qemu.conf

2. Restart the libvirtd service

3. Start a domain which contains <seclabel type='dynamic' relabel='yes'/> in its XML configuration;
   here we didn't configure model='selinux' in the guest's XML

4. Restart libvirtd

5. The domain is lost

Actual results:
Running domain may disappear after libvirtd is restarted when the SELinux security driver is disabled and model='selinux' is not enabled in the guest's XML

Expected results:
While the seclabel element in the guest's XML didn't include model='selinux', if SELinux allows the guest to start, the guest shouldn't disappear when the libvirtd service is restarted; if SELinux disallows the guest from starting, a proper error should be reported when we start the guest.

Additional info:

--- Additional comment from Dave Allan on 2013-11-06 22:05:30 CET ---

See also Bug 947387

--- Additional comment from Michal Privoznik on 2013-11-11 11:48:54 CET ---

Patch has been proposed upstream:

https://www.redhat.com/archives/libvir-list/2013-November/msg00313.html
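
The preconditions in the reproduction steps above can be checked offline from the text of qemu.conf and a domain's XML. The following is an added example, not part of the original bug report or of libvirt; the function names and sample inputs are constructed for illustration, and it assumes the last uncommented security_driver assignment is the one in effect.

```python
import re
import xml.etree.ElementTree as ET

def configured_security_drivers(qemu_conf_text):
    """Return the driver names from the last uncommented security_driver line."""
    drivers = []
    for line in qemu_conf_text.splitlines():
        active = line.split("#", 1)[0]  # drop comments, including whole-line ones
        m = re.match(r'\s*security_driver\s*=\s*(.+)', active)
        if m:
            # Handles both a single string and a ["a", "b"] list value.
            drivers = re.findall(r'"([^"]*)"', m.group(1))
    return drivers

def seclabels_without_model(domain_xml):
    """Return the top-level <seclabel> elements that carry no model attribute."""
    root = ET.fromstring(domain_xml)
    return [s for s in root.findall("seclabel") if s.get("model") is None]

def matches_report_preconditions(qemu_conf_text, domain_xml):
    """True when the driver is "none" and a model-less <seclabel> is present."""
    return (configured_security_drivers(qemu_conf_text) == ["none"]
            and bool(seclabels_without_model(domain_xml)))

# Constructed sample inputs (not taken from a real host).
CONF_NONE = '#security_driver = "selinux"\nsecurity_driver = "none"\n'
CONF_SELINUX = 'security_driver = "selinux"\n'
DOM_NO_MODEL = ("<domain type='kvm'><name>demo</name>"
                "<seclabel type='dynamic' relabel='yes'/></domain>")
DOM_WITH_MODEL = ("<domain type='kvm'><name>demo</name>"
                  "<seclabel type='dynamic' model='selinux' relabel='yes'/>"
                  "</domain>")

if __name__ == "__main__":
    cases = [(CONF_NONE, DOM_NO_MODEL), (CONF_NONE, DOM_WITH_MODEL),
             (CONF_SELINUX, DOM_NO_MODEL)]
    for conf, dom in cases:
        print(matches_report_preconditions(conf, dom))
```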

Comment 3 yanbing du 2013-11-26 06:53:00 UTC
Verify this bug with libvirt-1.1.1-13.el7.x86_64.
Following the reproduction steps, when starting a guest which contains <seclabel type='dynamic' relabel='yes'/> in its XML configuration and restarting libvirtd, the guest is still in running status.

BTW, a warning message is produced in libvirtd.log:
2013-11-26 06:48:41.253+0000: 16215: warning : virSecurityManagerNew:177 : Configured security driver "none" disables default policy to create confined guests

Comment 4 Ludek Smid 2014-06-13 09:44:45 UTC
This request was resolved in Red Hat Enterprise Linux 7.0.

Contact your manager or support representative in case you have further questions about the request.