Bug 1155410

Summary: An LXC domain without console dies soon after start
Product: Red Hat Enterprise Linux 7 Reporter: Yang Yang <yanyang>
Component: libvirtAssignee: Ján Tomko <jtomko>
Status: CLOSED ERRATA QA Contact: Virtualization Bugs <virt-bugs>
Severity: medium Docs Contact:
Priority: medium    
Version: 7.1CC: dyuan, lsu, mzhan, rbalakri, shyu, xuzhang
Target Milestone: rc   
Target Release: ---   
Hardware: x86_64   
OS: Linux   
Whiteboard:
Fixed In Version: libvirt-1.2.8-7.el7 Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2015-03-05 07:46:25 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Attachments:
Description Flags
/var/log/messages
none
/var/log/libvirtd.log none

Description Yang Yang 2014-10-22 05:58:07 UTC 
Created attachment 949257 [details]
/var/log/messages

Description of problem:
Define/start a lxc without <console../> defined in xml. It is stopped by systemd soon. So libvirt should check the xml and forbid to start the container without console

Version-Release number of selected component (if applicable):
libvirt-1.2.8-5.el7.x86_64
3.10.0-189.el7.x86_64
systemd-208-14.el7.x86_64'

How reproducible:
100%

1. define/start a lxc without console
# cat lxc.xml
<domain type='lxc'>
  <name>lxc-test</name>
  <memory unit='KiB'>1048576</memory>
  <currentMemory unit='KiB'>1048576</currentMemory>
  <vcpu placement='static'>1</vcpu>
  <os>
    <type arch='x86_64'>exe</type>
<init>/bin/sh</init>  
</os>
  <clock offset='utc'>
    <timer name='rtc' tickpolicy='catchup'/>
    <timer name='pit' tickpolicy='delay'/>
    <timer name='hpet' present='no'/>
  </clock>
  <on_poweroff>destroy</on_poweroff>
  <on_reboot>restart</on_reboot>
  <on_crash>restart</on_crash>
  <devices>
    <emulator>/usr/libexec/libvirt_lxc</emulator>
    <interface type='network'>
      <mac address='52:54:00:8f:13:eb'/>
      <source network='default'/>
    </interface>
  </devices>
</domain>

# virsh -c lxc:/// define lxc.xml

# virsh -c lxc:/// start lxc-test
Domain lxc-test started

2. check the lxc status
# virsh -c lxc:/// list --all
 Id    Name                           State
----------------------------------------------------
 -     lxc-test                       shut off

Actual result:
lxc without console can be started by libvirtd, but it is
stopped by systemd soon

Expected result:
libvirt should forbid to start the lxc without <console../> defining in xml

Additional info:
Comment 1 Yang Yang 2014-10-22 05:58:50 UTC 
Created attachment 949259 [details]
/var/log/libvirtd.log
Comment 3 Ján Tomko 2014-10-31 09:30:15 UTC 
Upstream patch:
https://www.redhat.com/archives/libvir-list/2014-October/msg01101.html
Comment 4 Ján Tomko 2014-11-05 12:19:58 UTC 
Now pushed upstream:
commit 44686f6523cb30a174c052a242fa15f6a2b364e5
Author:     Ján Tomko <jtomko>
AuthorDate: 2014-10-31 09:51:23 +0100
Commit:     Ján Tomko <jtomko>
CommitDate: 2014-11-04 15:07:09 +0100

    Require at least one console for LXC domain
    
    A domain without a console quietly dies soon after start,
    because we try to set /dev/null as a controlling TTY
    2014-10-30 15:10:59.705+0000: 1: error : lxcContainerSetupFDs:283 :
    ioctl(TIOCSCTTY) failed: Inappropriate ioctl for device
    
    Report an error early instead of trying to start it.
    
    https://bugzilla.redhat.com/show_bug.cgi?id=1155410

git describe: v1.2.10-17-g44686f6
Comment 7 Shanzhi Yu 2014-11-26 06:33:51 UTC 
Verify this bug with libvirt-1.2.8-9.el7.x86_64.

1. Define a lxc guest without any console

# virsh  -c lxc:/// dumpxml lxc-test
<domain type='lxc'>
  <name>lxc-test</name>
  <uuid>b637ffd5-0fcc-48fa-95f3-bbd0504d8643</uuid>
  <memory unit='KiB'>1048576</memory>
  <currentMemory unit='KiB'>1048576</currentMemory>
  <vcpu placement='static'>1</vcpu>
  <resource>
    <partition>/machine</partition>
  </resource>
  <os>
    <type arch='x86_64'>exe</type>
    <init>/bin/sh</init>
  </os>
  <clock offset='utc'>
    <timer name='rtc' tickpolicy='catchup'/>
    <timer name='pit' tickpolicy='delay'/>
    <timer name='hpet' present='no'/>
  </clock>
  <on_poweroff>destroy</on_poweroff>
  <on_reboot>restart</on_reboot>
  <on_crash>restart</on_crash>
  <devices>
    <emulator>/usr/libexec/libvirt_lxc</emulator>
    <filesystem type='mount' accessmode='passthrough'>
      <source dir='/'/>
      <target dir='/'/>
    </filesystem>
    <interface type='network'>
      <mac address='52:54:00:8f:13:eb'/>
      <source network='default'/>
    </interface>
  </devices>
  <seclabel type='none' model='selinux'/>
</domain>

2. Try to start lxc

# virsh  -c lxc:/// start lxc-test
error: Failed to start domain lxc-test
error: unsupported configuration: At least one PTY console is required

The result is expected, so I will change this bug to VERIFIED status
Comment 9 errata-xmlrpc 2015-03-05 07:46:25 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://rhn.redhat.com/errata/RHSA-2015-0323.html