Bug 1481816
| Summary: | Create LXC container from disk image file using idmap | ||
|---|---|---|---|
| Product: | [Community] Virtualization Tools | Reporter: | Radostin Stoyanov <rstoyanov1> |
| Component: | libvirt | Assignee: | Libvirt Maintainers <libvirt-maint> |
| Status: | CLOSED DUPLICATE | QA Contact: | |
| Severity: | medium | Docs Contact: | |
| Priority: | unspecified | ||
| Version: | unspecified | CC: | libvirt-maint, rbalakri, rstoyanov1 |
| Target Milestone: | --- | ||
| Target Release: | --- | ||
| Hardware: | x86_64 | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Fixed In Version: | Doc Type: | If docs needed, set a value | |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 2017-08-17 14:37:51 UTC | Type: | Bug |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
I just find out that this bug was already reported here: https://bugzilla.redhat.com/show_bug.cgi?id=1328946 *** This bug has been marked as a duplicate of bug 1328946 *** |
Description of problem: Creating LXC container from disk image with <idmap/> results in "Permission denied" error. Steps to Reproduce: 1. Create single partition disk image which contains root file system. Example: virt-make-fs --type=ext3 --format=qcow2 --size=+200M /some/path/rootfs.tar /some/path/image.qcow2 2. Create new container using this image with <idmap />. Example: sudo virsh -c lxc:/// create test.xml Content of test.xml: <domain type="lxc"> <name>container1</name> <uuid>e947c122-ad9c-4ee5-bc59-68fb089b284d</uuid> <memory>1048576</memory> <currentMemory>1048576</currentMemory> <vcpu>1</vcpu> <os> <type arch="x86_64">exe</type> <init>/bin/bash</init> </os> <idmap> <uid start="0" target="1000" count="10"/> <gid start="0" target="1000" count="10"/> </idmap> <features> <privnet/> </features> <devices> <emulator>/usr/libexec/libvirt_lxc</emulator> <filesystem type="file"> <source file="/some/path/image.qcow2"/> <driver type="nbd" format="qcow2"/> <target dir="/"/> </filesystem> <console type="pty"/> </devices> </domain> Actual results: error: Failed to create domain from test.xml error: internal error: guest failed to start: Failure in libvirt_lxc startup: Failed to create /var/run/libvirt/lxc/container1.root: Permission denied Expected results: Domain container1 created from test.xml Additional info: If we remove <idmap /> the container will start correctly.