Bug 1113861
| Summary: | The guest will disappear after restart the libvirtd service while set seclabel type='static' model='none' relabel='yes'/> in guest's xml. | ||
|---|---|---|---|
| Product: | Red Hat Enterprise Linux 7 | Reporter: | zhenfeng wang <zhwang> |
| Component: | libvirt | Assignee: | Michal Privoznik <mprivozn> |
| Status: | CLOSED ERRATA | QA Contact: | Virtualization Bugs <virt-bugs> |
| Severity: | medium | Docs Contact: | |
| Priority: | medium | ||
| Version: | 7.0 | CC: | dyuan, gsun, mzhan, rbalakri, ydu |
| Target Milestone: | rc | ||
| Target Release: | --- | ||
| Hardware: | Unspecified | ||
| OS: | Unspecified | ||
| Whiteboard: | |||
| Fixed In Version: | libvirt-1.2.7-1.el7 | Doc Type: | Bug Fix |
| Doc Text: | Story Points: | --- | |
| Clone Of: | 1113860 | Environment: | |
| Last Closed: | 2015-03-05 07:40:39 UTC | Type: | Bug |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
| Bug Depends On: | 1113860 | ||
| Bug Blocks: | |||
|
Description
zhenfeng wang
2014-06-27 05:38:13 UTC
commit 99c8d2e8087135a57a54f205aabad8e911e53519
Author: Michal Privoznik <mprivozn>
AuthorDate: Wed Jul 9 14:36:04 2014 +0200
Commit: Michal Privoznik <mprivozn>
CommitDate: Mon Jul 14 11:10:09 2014 +0200
conf: Always format seclabel's model
https://bugzilla.redhat.com/show_bug.cgi?id=1113860
We've always done that. Well, until 990e46c45. Point is, if we don't
format model, we may lose a domain on libvirtd restart. If the
seclabel is implicit however, we should skip it's formatting.
Signed-off-by: Michal Privoznik <mprivozn>
v1.2.6-131-g99c8d2e
I could reproduce it with libvirt-1.1.1-29.el7.x86_64 as following steps: 1.Prepare a shutoff guest # virsh list --all Id Name State ---------------------------------------------------- - rhel6 shut off 2.Edit the guest, add the following content to the guest's xml #virsh edit rhel6 -- <seclabel type='static' model='none' relabel='yes'/> -- #virsh dumpxml rhel6 <seclabel type='static' relabel='yes'/> 3.Check the guest status # virsh list --all Id Name State ---------------------------------------------------- - rhel6 shut off 4.Restart the libvirtd service #service libvirtd restart 5.Re-check the guest status, the guest has disappeared # virsh list --all Id Name State ---------------------------------------------------- # 6.Check the libvirtd's log #cat /var/log/libvirt/libvirtd.log 2014-08-21 08:19:23.207+0000: 7395: error : virSecurityLabelDefParseXML:4559 : XML error: security label is missing Verified this with libvirt-1.2.7-1.el7.x86_64: 1.Prepare a shutoff guest # virsh list --all Id Name State ---------------------------------------------------- - rhel6 shut off 2.Edit the guest, add the following content to the guest's xml #virsh edit rhel6 -- <seclabel type='static' model='none' relabel='yes'/> -- #virsh dumpxml rhel6 <seclabel type='none' model='none'/> 3.Check the guest status # virsh list --all Id Name State ---------------------------------------------------- - rhel6 shut off 4.Restart the libvirtd service #service libvirtd restart 5.Re-check the guest status, the guest is still existed here. # virsh list --all Id Name State ---------------------------------------------------- - rhel6 shut off # 6.Check the libvirtd's log #cat /var/log/libvirt/libvirtd.log Not find the error about virSecurityLabelDefParseXML. Verify the bug with libvirt-1.2.8-8.el7.x86_64 steps scenario 1 1.Prepare a shutoff guest # virsh list --all Id Name State ---------------------------------------------------- - rhel7.0 shut off 2.Edit the guest, add the following content to the guest's xml #virsh edit rhel7.0 -- <seclabel type='static' model='none' relabel='yes'/> -- #virsh dumpxml rhel7.0 <seclabel type='none' model='none'/> 3.Check the guest status # virsh list --all Id Name State ---------------------------------------------------- - rhel7.0 shut off 4.Restart the libvirtd service #service libvirtd restart 5.Re-check the guest status, the guest is still existed here. # virsh list --all Id Name State ---------------------------------------------------- - rhel7.0 shut off # 6.Check the libvirtd's log #cat /var/log/libvirt/libvirtd.log Not find the error about virSecurityLabelDefParseXML. 7.start the guest, the guest will fail to start with the expect error # virsh start rhel7.0 error: Failed to start domain rhel7.0 error: unsupported configuration: Unable to find security driver for label none scenario 2 1.Edit the guest's xml and add the following content to the guest'xml <seclabel type='dynamic' model='none' relabel='yes'/> 2.check the generated guest's xml #virsh dumpxml rhel7.0 -- <seclabel type='none' model='none'/> 3.Restart the libvirtd service, the guest was still exsiting #service libvirtd restart # virsh list --all Id Name State ---------------------------------------------------- - rhel7.0 shut off 4.Start the guest, will get the expect error # virsh start rhel7.0 error: Failed to start domain rhel7.0 error: unsupported configuration: Unable to find security driver for label none scenario 3 1.Edit the guest's xml and add the following content to the guest'xml <seclabel type='static' model='none' relabel='no'/> 2.check the generated guest's xml #virsh dumpxml rhel7.0 -- <seclabel type='none' model='none'/> 3.Restart the libvirtd service, the guest was still exsiting #service libvirtd restart # virsh list --all Id Name State ---------------------------------------------------- - rhel7.0 shut off 4.Start the guest, will get the expect error # virsh start rhel7.0 error: Failed to start domain rhel7.0 error: unsupported configuration: Unable to find security driver for label none Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://rhn.redhat.com/errata/RHSA-2015-0323.html |