Bug 1434651
Summary: | libvirt doesn't pass SSH_AUTH_SOCK through to qemu | ||
---|---|---|---|
Product: | Red Hat Enterprise Linux 7 | Reporter: | kuwei <kuwei> |
Component: | libvirt | Assignee: | Libvirt Maintainers <libvirt-maint> |
Status: | CLOSED DUPLICATE | QA Contact: | yafu <yafu> |
Severity: | medium | Docs Contact: | |
Priority: | medium | ||
Version: | 7.4 | CC: | dyuan, juzhou, mxie, mzhan, pkrempa, ptoscano, rbalakri, rjones, tzheng, xiaodwan, xuzhang, yafu, zpeng |
Target Milestone: | rc | ||
Target Release: | --- | ||
Hardware: | x86_64 | ||
OS: | Linux | ||
Whiteboard: | V2V | ||
Fixed In Version: | Doc Type: | If docs needed, set a value | |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2017-03-23 07:47:24 UTC | Type: | Bug |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: | |||
Bug Depends On: | |||
Bug Blocks: | 910269 |
Description
kuwei@redhat.com
2017-03-22 02:21:17 UTC
Finally I'm able to reproduce this bug myself. This is a bug in libvirt. When a 'ssh' drive is requested (which also applies if the drive is a qcow2 file with an ssh backing file as in this case), libvirt must pass the SSH_AUTH_SOCK environment variable through to qemu. That is fundamentally how the libssh2 driver in qemu works. An example: You'll first need to set up passwordless (ssh-agent) access to a remote server (192.168.0.87 in the example below), and create a disk image of some kind on that remote server (/tmp/disk.img in the example below). SSH_AUTH_SOCK should be set in your local environment. $ qemu-img create -f qcow2 test1.qcow2 \ -b 'json: { "file.user": "root", "file.driver": "ssh", "file.path": "/tmp/disk.img", "file.host": "192.168.0.87", "file.host_key_check": "no" }' Now attach test1.qcow2 to a guest and start the guest in libvirt. You should see the error: test1.qcow2: Could not open backing file: failed to connect to ssh-agent: no auth sock variable (libssh2 error code: -39) This error comes from qemu and happens because SSH_AUTH_SOCK is not set in qemu's environment (it should have been passed through from your environment). Note that I'm doing all of this testing as non-root and it can depend on whether libvirtd is running already or not (see also long-standing libvirt bug 856619). This will need to become a parameter in the XML. There's no way for libvirt to pass through the client environment to libvirt as connections can be remote. This should be addressed when adding support for the ssh backend. *** This bug has been marked as a duplicate of bug 1140166 *** |