Bug 1558922

Summary: virt-v2v: error: libguestfs error: aug_get: no matching node [rhel-7.5.z]
Product: Red Hat Enterprise Linux 7 Reporter: Oneata Mircea Teodor <toneata>
Component: libguestfsAssignee: Richard W.M. Jones <rjones>
Status: CLOSED ERRATA QA Contact: Virtualization Bugs <virt-bugs>
Severity: medium Docs Contact:
Priority: high    
Version: 7.4CC: cnagarka, jherrman, jsuchane, kuwei, linl, mtessun, mxie, mzhan, ptoscano, tzheng, xchen
Target Milestone: rcKeywords: ZStream
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard: V2V
Fixed In Version: libguestfs-1.36.10-6.el7_5.1 Doc Type: Bug Fix
Doc Text:
Previously, converting a Linux guest that did not have the SELINUXTYPE key in the SELinux configuration caused the virt-v2v utility to fail. With this update, virt-v2v handles a missing SELINUXTYPE key properly, and the affected guests can be converted as expected.
 Story Points: ---
Clone Of: 1541525 Environment:
Last Closed: 2018-05-14 16:10:32 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On: 1541525    
Bug Blocks:    

Description Oneata Mircea Teodor 2018-03-21 10:16:43 UTC 
This bug has been copied from bug #1541525 and has been proposed to be backported to 7.5 z-stream (EUS).
Comment 3 kuwei@redhat.com 2018-03-30 08:18:29 UTC 
I can reproduce the bug with below builds:
virt-v2v-1.36.10-6.el7.x86_64
qemu-kvm-rhev-2.10.0-21.el7.x86_64
libvirt-3.9.0-14.el7.x86_64
libguestfs-1.36.10-6.el7.x86_64

Try to verify it with below builds:
virt-v2v-1.36.10-6.el7_5.1.x86_64
qemu-kvm-rhev-2.10.0-21.el7_5.1.x86_64
libvirt-3.9.0-14.el7_5.2.x86_64
libguestfs-1.36.10-6.el7_5.1.x86_64

Steps:

Scenario 1:
1.Prepare a rhel7.4 guest on ESXi6.5 which /etc/selinux/config is:
#cat /etc/selinux/config
# This file controls the state of SELinux on the system.
# SELINUX=enforcing
#     enforcing - SELinux security policy is enforced.
#     permissive - SELinux prints warnings instead of enforcing.
#     disabled - No SELinux policy is loaded.
SELINUX=enforcing
# SELINUX=enforcing
#     targeted - Targeted processes are protected,
#     minimum - Modification of targeted policy. Only selected processes are protected.
#     mls - Multi Level Security protection.
SELINUX=enforcing

2.Convert the guest from Vmware to RHV4.2 by virt-v2v.
# virt-v2v -ic vpx://root.199.71/data/10.73.196.89/?no_verify=1 esx6.5-rhel7.4-x86_64 --password-file /tmp/passwd -o rhv -os 10.66.144.40:/home/nfs_export
[   0.0] Opening the source -i libvirt -ic vpx://root.199.71/data/10.73.196.89/?no_verify=1 esx6.5-rhel7.4-x86_64
[   1.6] Creating an overlay to protect the source from being modified
[   2.3] Initializing the target -o rhv -os 10.66.144.40:/home/nfs_export
[   2.5] Opening the overlay
[  32.8] Inspecting the overlay
[ 152.0] Checking for sufficient free disk space in the guest
[ 152.0] Estimating space required on target for each disk
[ 152.0] Converting Red Hat Enterprise Linux Server 7.4 (Maipo) to run on KVM
virt-v2v: This guest has virtio drivers installed.
[1172.0] Mapping filesystem data to avoid copying unused and blank areas
[1173.5] Closing the overlay
[1173.8] Checking if the guest needs BIOS or UEFI to boot
[1173.8] Assigning disks to buses
[1173.8] Copying disk 1/1 to /tmp/v2v.bDEYss/6f2055e4-b776-4ffd-94e6-f444e4931b76/images/1e2b200d-d3d9-4b1d-a3e7-b35693ccaa09/2bfa4b64-54eb-40a4-b0dc-4b7b801ecba6 (raw)
    (100.00/100%)
[1597.9] Creating output metadata
[1598.0] Finishing off

3.After conversion, guest could boot into OS and all checkpoints passed

Scenario 2:
1.Prepare a rhel6.9 guest on ESXi6.5 which /etc/selinux/config is:
#cat /etc/selinux/config
# This file controls the state of SELinux on the system.
# SELINUX=enforcing
#     enforcing - SELinux security policy is enforced.
#     permissive - SELinux prints warnings instead of enforcing.
#     disabled - No SELinux policy is loaded.
SELINUX=enforcing
# SELINUX=enforcing
#     targeted - Targeted processes are protected,
#     minimum - Modification of targeted policy. Only selected processes are protected.
#     mls - Multi Level Security protection.
#SELINUXTYPE=targeted

2.Convert the guest from Vmware to RHV4.2 by virt-v2v
3.After successful conversion, guest could boot into OS and all checkpoints passed

Scenario 3:
1.Prepare a rhel7.4 guest on ESXi6.5 which /etc/selinux/config is:
#cat /etc/selinux/config
# This file controls the state of SELinux on the system.
# SELINUX=enforcing
#     enforcing - SELinux security policy is enforced.
#     permissive - SELinux prints warnings instead of enforcing.
#     disabled - No SELinux policy is loaded.
#SELINUX=enforcing
# SELINUX=enforcing
#     targeted - Targeted processes are protected,
#     minimum - Modification of targeted policy. Only selected processes are protected.
#     mls - Multi Level Security protection.
#SELINUX=enforcing

2.Convert the guest from Vmware to RHV4.2 by virt-v2v
3.After successful conversion, guest could boot into OS and all checkpoints passed


Result:

The v2v conversion could be finished without error when the file "/etc/selinux/config" was modified: "SELINUXTYPE=targeted" is disabled(scenario 2) or double "SELINUX=enforcing" (scenario 1) or "SELINUXTYPE=targeted,SELINUX=enforcing " all disabled, 
so the bug has been fixed with latest v2v builds,then move this bug from ON_QA to VERIFIED
Comment 5 kuwei@redhat.com 2018-04-25 08:31:54 UTC 
To verify it with below builds:
virt-v2v-1.36.10-6.el7_5.2.x86_64
qemu-kvm-rhev-2.10.0-21.el7_5.2.x86_64
libvirt-3.9.0-14.el7_5.4.x86_64
libguestfs-1.36.10-6.el7_5.2.x86_64

Steps:

Scenario 1:
1.Prepare a rhel7.4 guest on ESXi6.5 which /etc/selinux/config is default:

2.Convert the guest from Vmware to RHV4.2 by virt-v2v.
# virt-v2v -ic vpx://root.199.71/data/10.73.196.89/?no_verify=1 esx6.5-rhel7.4-x86_64 --password-file /tmp/passwd -o rhv -os 10.66.144.40:/home/nfs_export

3.After conversion, guest could boot into OS and all checkpoints passed

Scenario 2:
1.Prepare a rhel7.4/6.9 guest on ESXi6.5 which /etc/selinux/config is:
#cat /etc/selinux/config
# This file controls the state of SELinux on the system.
# SELINUX=enforcing
#     enforcing - SELinux security policy is enforced.
#     permissive - SELinux prints warnings instead of enforcing.
#     disabled - No SELinux policy is loaded.
SELINUX=enforcing
# SELINUX=enforcing
#     targeted - Targeted processes are protected,
#     minimum - Modification of targeted policy. Only selected processes are protected.
#     mls - Multi Level Security protection.
#SELINUXTYPE=targeted
SELINUX=enforcing

2.Convert the guest from Vmware to RHV4.2 by virt-v2v
3.After successful conversion, guest could boot into OS and all checkpoints passed

Scenario 3:
1.Prepare a rhel7.4 guest on ESXi6.5 which /etc/selinux/config is:
#cat /etc/selinux/config
# This file controls the state of SELinux on the system.
# SELINUX=enforcing
#     enforcing - SELinux security policy is enforced.
#     permissive - SELinux prints warnings instead of enforcing.
#     disabled - No SELinux policy is loaded.
#SELINUX=enforcing
# SELINUX=enforcing
#     targeted - Targeted processes are protected,
#     minimum - Modification of targeted policy. Only selected processes are protected.
#     mls - Multi Level Security protection.
#SELINUXTYPE=targeted

2.Convert the guest from Vmware to RHV4.2 by virt-v2v
3.After successful conversion, guest could boot into OS and all checkpoints passed


So, from all the result move this bug from ON_QA to VERIFIED
Comment 8 errata-xmlrpc 2018-05-14 16:10:32 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHBA-2018:1385