Bug 1305582
| Summary: | Unable to create any guest as root: "process exited while connecting to monitor:" + blank | ||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Product: | [Fedora] Fedora | Reporter: | Richard W.M. Jones <rjones> | ||||||||||||
| Component: | selinux-policy | Assignee: | Lukas Vrabec <lvrabec> | ||||||||||||
| Status: | CLOSED ERRATA | QA Contact: | Fedora Extras Quality Assurance <extras-qa> | ||||||||||||
| Severity: | high | Docs Contact: | |||||||||||||
| Priority: | high | ||||||||||||||
| Version: | 24 | CC: | agedosier, berrange, clalancette, dominick.grift, dwalsh, flast, itamar, jfilak, jforbes, laine, libvirt-maint, lvrabec, mgrepl, plautrba, redhat, sgallagh, veillard, virt-maint | ||||||||||||
| Target Milestone: | --- | ||||||||||||||
| Target Release: | --- | ||||||||||||||
| Hardware: | Unspecified | ||||||||||||||
| OS: | Unspecified | ||||||||||||||
| Whiteboard: | |||||||||||||||
| Fixed In Version: | selinux-policy-3.13.1-191.13.fc24 | Doc Type: | Bug Fix | ||||||||||||
| Doc Text: | Story Points: | --- | |||||||||||||
| Clone Of: | Environment: | ||||||||||||||
| Last Closed: | 2016-08-25 13:53:01 UTC | Type: | Bug | ||||||||||||
| Regression: | --- | Mount Type: | --- | ||||||||||||
| Documentation: | --- | CRM: | |||||||||||||
| Verified Versions: | Category: | --- | |||||||||||||
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |||||||||||||
| Cloudforms Team: | --- | Target Upstream Version: | |||||||||||||
| Embargoed: | |||||||||||||||
| Bug Depends On: | |||||||||||||||
| Bug Blocks: | 910269 | ||||||||||||||
| Attachments: |
|
||||||||||||||
|
Description
Richard W.M. Jones
2016-02-08 15:58:03 UTC
Created attachment 1122189 [details]
Complete output of libguestfs-test-tool
Created attachment 1122190 [details]
guestfs-3t3idfnz9volfwqq.log
qemu debug log
This is the code where libguestfs fetches the error message from libvirt for display. Note that err->message seems to be an empty string. https://github.com/libguestfs/libguestfs/blob/master/src/launch-libvirt.c#L2115-L2119 (In reply to Richard W.M. Jones from comment #3) > Note that err->message seems to be an empty string. That's not quite correct. err->message contains "internal error: process exited while connecting to monitor: " selinux-policy was recently updated from 3.13.1-168.fc24 to 3.13.1-169.fc24 Note this WORKS as non-root. It's only failing as root. So it seems unlikely to be a problem with qemu or the kernel. selinux-policy -168 fails in the same way. I did a full filesystem relabel, and it's still failing in the same way. Created attachment 1122196 [details]
libvirtd.log
The actual error seems to be "No such process".
2016-02-08 16:29:26.787+0000: 2631: debug : qemuProcessLaunch:4954 : Waiting for monitor to show up
2016-02-08 16:29:26.787+0000: 2631: debug : qemuProcessWaitForMonitor:1927 : Connect monitor to 0x7f0368004c50 'guestfs-ema5t5i89adarl2k'
2016-02-08 16:29:26.787+0000: 2631: debug : virSecuritySELinuxSetDaemonSocketLabel:2221 : Setting VM guestfs-ema5t5i89adarl2k socket context system_u:system_r:virtd_t:s0:c689,c817
2016-02-08 16:29:26.787+0000: 2631: info : virObjectRef:296 : OBJECT_REF: obj=0x7f0368004c50
2016-02-08 16:29:26.988+0000: 2631: error : qemuMonitorOpenUnix:361 : failed to connect to monitor socket: No such process
2016-02-08 16:29:26.988+0000: 2631: debug : virFileClose:103 : Closed fd 26
2016-02-08 16:29:26.988+0000: 2631: info : virObjectUnref:259 : OBJECT_UNREF: obj=0x7f0368004c50
2016-02-08 16:29:26.988+0000: 2631: info : qemuConnectMonitor:1612 : Failed to connect monitor for guestfs-ema5t5i89adarl2k
Created attachment 1122198 [details]
guestfs-ema5t5i89adarl2k.log
qemu log file corresponding to previous comment.
Created attachment 1122199 [details]
system logs
These are the system logs from around the time of the failed launch.
Various AVCs in there.
audit2allow suggested: allow svirt_t virtd_t:fifo_file write; I loaded this rule, which allowed me to continue past this error. There is a further problem, but I will file a different BZ about that. *** Bug 1303971 has been marked as a duplicate of this bug. *** Description of problem: I ran "$ virsh -c qemu:///system start $vm" Version-Release number of selected component: selinux-policy-3.13.1-169.fc24.noarch Additional info: reporter: libreport-2.6.4.2.g18a1 hashmarkername: setroubleshoot kernel: 4.5.0-0.rc3.git1.2.fc24.x86_64 type: libreport This bug appears to have been reported against 'rawhide' during the Fedora 24 development cycle. Changing version to '24'. More information and reason for this action is here: https://fedoraproject.org/wiki/Fedora_Program_Management/HouseKeeping/Fedora24#Rawhide_Rebase *** Bug 1315058 has been marked as a duplicate of this bug. *** Description of problem: I launched a VM with virt-manager. Version-Release number of selected component: selinux-policy-3.13.1-178.fc24.noarch Additional info: reporter: libreport-2.6.4 hashmarkername: setroubleshoot kernel: 4.5.0-0.rc7.git0.2.fc24.x86_64 type: libreport I add some fixes related to this issue. selinux-policy-3.13.1-191.13.fc24 has been submitted as an update to Fedora 24. https://bodhi.fedoraproject.org/updates/FEDORA-2016-6164469d14 selinux-policy-3.13.1-191.13.fc24 has been pushed to the Fedora 24 testing repository. If problems still persist, please make note of it in this bug report. See https://fedoraproject.org/wiki/QA:Updates_Testing for instructions on how to install test updates. You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2016-6164469d14 selinux-policy-3.13.1-191.13.fc24 has been pushed to the Fedora 24 stable repository. If problems still persist, please make note of it in this bug report. |