Bug 1940791
| Summary: | libcap-ng used by "/usr/sbin/libvirtd" failed due to not having CAP_SETPCAP in capng_apply | ||
|---|---|---|---|
| Product: | [Fedora] Fedora | Reporter: | rmandrad <miguel.de.andrade> |
| Component: | libvirt | Assignee: | Libvirt Maintainers <libvirt-maint> |
| Status: | CLOSED DUPLICATE | QA Contact: | Fedora Extras Quality Assurance <extras-qa> |
| Severity: | medium | Docs Contact: | |
| Priority: | unspecified | ||
| Version: | 34 | CC: | agedosier, alex765, alexandermurashkin, andrew.kavalov, berrange, clalancette, crobinso, dario.minonne, darknater, devin, jforbes, jiyin, laine, libvirt-maint, mihai, mwolf, sampsonfung, ssbarnea, veillard, virt-maint |
| Target Milestone: | --- | ||
| Target Release: | --- | ||
| Hardware: | x86_64 | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Fixed In Version: | Doc Type: | If docs needed, set a value | |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 2021-03-19 18:15:22 UTC | Type: | Bug |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
|
Description
rmandrad
2021-03-19 07:42:05 UTC
Problem went away after an update to libvirt what exactly did you do to make this error disappear? I have two of them after the update to F34 1. libcap-ng used by "/usr/sbin/libvirt-dbus" failed due to not having CAP_SETPCAP in capng_apply 2. libcap-ng used by "/usr/sbin/libvirtd" failed due to not having CAP_SETPCAP in capng_apply I got this problem with Silverblue 34.
$ rpm-ostree status
Deployments:
● ostree://fedora:fedora/34/x86_64/silverblue
Version: 34.20210419.n.0 (2021-04-19T08:11:39Z)
BaseCommit: 33b03db67237704cc191e9553627ffe7feb77454c4637b74f14ab60511de4398
GPGSignature: Valid signature by 8C5BA6990BDB26E19F2A1A801161AE6945719A39
LayeredPackages: fedora-workstation-repositories gparted ibus-cangjie-engine-cangjie iwd langpacks-en libguestfs-tools
libvirt-daemon-config-network libvirt-daemon-kvm lxpolkit nmap-ncat python3-libguestfs qemu-kvm sway
virt-install virt-manager virt-top virt-viewer waypipe
$rpm -qa libvirt*
libvirt-bash-completion-7.0.0-4.fc34.x86_64
libvirt-libs-7.0.0-4.fc34.x86_64
libvirt-daemon-7.0.0-4.fc34.x86_64
libvirt-daemon-driver-storage-core-7.0.0-4.fc34.x86_64
libvirt-daemon-driver-network-7.0.0-4.fc34.x86_64
libvirt-daemon-config-network-7.0.0-4.fc34.x86_64
libvirt-daemon-driver-qemu-7.0.0-4.fc34.x86_64
libvirt-daemon-driver-secret-7.0.0-4.fc34.x86_64
libvirt-glib-4.0.0-1.fc34.x86_64
libvirt-daemon-driver-storage-disk-7.0.0-4.fc34.x86_64
libvirt-daemon-driver-storage-gluster-7.0.0-4.fc34.x86_64
libvirt-daemon-driver-storage-iscsi-7.0.0-4.fc34.x86_64
libvirt-daemon-driver-storage-iscsi-direct-7.0.0-4.fc34.x86_64
libvirt-daemon-driver-storage-logical-7.0.0-4.fc34.x86_64
libvirt-daemon-driver-storage-mpath-7.0.0-4.fc34.x86_64
libvirt-daemon-driver-storage-scsi-7.0.0-4.fc34.x86_64
libvirt-daemon-driver-storage-sheepdog-7.0.0-4.fc34.x86_64
libvirt-daemon-driver-storage-zfs-7.0.0-4.fc34.x86_64
libvirt-daemon-driver-interface-7.0.0-4.fc34.x86_64
libvirt-daemon-driver-nodedev-7.0.0-4.fc34.x86_64
libvirt-daemon-driver-nwfilter-7.0.0-4.fc34.x86_64
libvirt-client-7.0.0-4.fc34.x86_64
libvirt-daemon-driver-storage-rbd-7.0.0-4.fc34.x86_64
libvirt-daemon-driver-storage-7.0.0-4.fc34.x86_64
libvirt-daemon-kvm-7.0.0-4.fc34.x86_64
$journalctl -b -u libvirtd
-- Journal begins at Sun 2021-03-14 13:52:59 HKT, ends at Tue 2021-04-20 02:16:24 HKT. --
Apr 20 01:24:53 amdf systemd[1]: Starting Virtualization daemon...
Apr 20 01:24:54 amdf systemd[1]: Started Virtualization daemon.
Apr 20 01:24:54 amdf libvirtd[946]: libcap-ng used by "/usr/sbin/libvirtd" failed due to not having CAP_SETPCAP in capng_apply
Apr 20 01:24:54 amdf libvirtd[947]: libcap-ng used by "/usr/sbin/libvirtd" failed due to not having CAP_SETPCAP in capng_apply
Apr 20 01:24:54 amdf libvirtd[1011]: libcap-ng used by "/usr/sbin/libvirtd" failed due to not having CAP_SETPCAP in capng_apply
Apr 20 01:24:54 amdf libvirtd[1012]: libcap-ng used by "/usr/sbin/libvirtd" failed due to not having CAP_SETPCAP in capng_apply
Apr 20 01:24:54 amdf dnsmasq[1025]: started, version 2.84rc2 cachesize 150
Apr 20 01:24:54 amdf dnsmasq[1025]: compile time options: IPv6 GNU-getopt DBus no-UBus no-i18n IDN2 DHCP DHCPv6 no-Lua TFTP no-connt>
Apr 20 01:24:54 amdf dnsmasq-dhcp[1025]: DHCP, IP range 192.168.122.2 -- 192.168.122.254, lease time 1h
Apr 20 01:24:54 amdf dnsmasq-dhcp[1025]: DHCP, sockets bound exclusively to interface virbr0
Apr 20 01:24:54 amdf dnsmasq[1025]: reading /etc/resolv.conf
Apr 20 01:24:54 amdf dnsmasq[1025]: using nameserver 127.0.0.53#53
Apr 20 01:24:54 amdf dnsmasq[1025]: read /etc/hosts - 2 addresses
Apr 20 01:24:54 amdf dnsmasq[1025]: read /var/lib/libvirt/dnsmasq/default.addnhosts - 0 addresses
Apr 20 01:24:54 amdf dnsmasq-dhcp[1025]: read /var/lib/libvirt/dnsmasq/default.hostsfile
Apr 20 01:24:54 amdf libvirtd[1038]: libcap-ng used by "/usr/sbin/libvirtd" failed due to not having CAP_SETPCAP in capng_apply
Apr 20 01:24:55 amdf libvirtd[1053]: libcap-ng used by "/usr/sbin/libvirtd" failed due to not having CAP_SET
The same here after upgrade to F34 1 May 04 19:46:27 host.example.com systemd[1]: Started Virtualization daemon. 2 May 04 19:46:27 host.example.com libvirtd[15012]: libcap-ng used by "/usr/sbin/libvirtd" failed due to not having CAP_SETPCAP in capng_apply 3 May 04 19:46:27 host.example.com libvirtd[15013]: libcap-ng used by "/usr/sbin/libvirtd" failed due to not having CAP_SETPCAP in capng_apply 4 May 04 19:46:27 host.example.com dnsmasq[6277]: read /etc/hosts - 2 addresses 5 May 04 19:46:27 host.example.com dnsmasq[6277]: read /var/lib/libvirt/dnsmasq/default.addnhosts - 0 addresses 6 May 04 19:46:27 host.example.com dnsmasq-dhcp[6277]: read /var/lib/libvirt/dnsmasq/default.hostsfile 7 May 04 19:46:27 host.example.com libvirtd[14992]: libvirt version: 7.0.0, package: 4.fc34 (Fedora Project, 2021-02-03-20:03:12, ) 8 May 04 19:46:27 host.example.com libvirtd[14992]: hostname: raptor.castle.aimk.com 9 May 04 19:46:27 host.example.com libvirtd[14992]: ignoring dangling symlink '/usr/share/virtio-win/virtio-win_servers_x86.vfd' 10 May 04 19:46:27 host.example.com libvirtd[15079]: libcap-ng used by "/usr/sbin/libvirtd" failed due to not having CAP_SETPCAP in capng_apply 11 May 04 19:46:28 host.example.com libvirtd[15099]: libcap-ng used by "/usr/sbin/libvirtd" failed due to not having CAP_SETPCAP in capng_apply 12 May 04 19:46:28 host.example.com libvirtd[15123]: libcap-ng used by "/usr/sbin/libvirtd" failed due to not having CAP_SETPCAP in capng_apply 13 May 04 19:46:29 host.example.com libvirtd[15141]: libcap-ng used by "/usr/sbin/libvirtd" failed due to not having CAP_SETPCAP in capng_apply 14 May 04 19:46:29 host.example.com systemd[1]: Listening on Virtual machine log manager socket. 15 May 04 19:46:29 host.example.com systemd[1]: Started Virtual machine log manager. Kernel 5.11.17-300.fc34.x86_64 libvirt packages fence-virtd-libvirt-1.0.0-4.fc34.x86_64 libvirt-7.0.0-4.fc34.x86_64 libvirt-admin-7.0.0-4.fc34.x86_64 libvirt-bash-completion-7.0.0-4.fc34.x86_64 libvirt-cim-0.6.3-16.fc34.x86_64 libvirt-client-7.0.0-4.fc34.x86_64 libvirt-daemon-7.0.0-4.fc34.x86_64 libvirt-daemon-config-network-7.0.0-4.fc34.x86_64 libvirt-daemon-config-nwfilter-7.0.0-4.fc34.x86_64 libvirt-daemon-driver-interface-7.0.0-4.fc34.x86_64 libvirt-daemon-driver-libxl-7.0.0-4.fc34.x86_64 libvirt-daemon-driver-lxc-7.0.0-4.fc34.x86_64 libvirt-daemon-driver-network-7.0.0-4.fc34.x86_64 libvirt-daemon-driver-nodedev-7.0.0-4.fc34.x86_64 libvirt-daemon-driver-nwfilter-7.0.0-4.fc34.x86_64 libvirt-daemon-driver-qemu-7.0.0-4.fc34.x86_64 libvirt-daemon-driver-secret-7.0.0-4.fc34.x86_64 libvirt-daemon-driver-storage-7.0.0-4.fc34.x86_64 libvirt-daemon-driver-storage-core-7.0.0-4.fc34.x86_64 libvirt-daemon-driver-storage-disk-7.0.0-4.fc34.x86_64 libvirt-daemon-driver-storage-gluster-7.0.0-4.fc34.x86_64 libvirt-daemon-driver-storage-iscsi-7.0.0-4.fc34.x86_64 libvirt-daemon-driver-storage-iscsi-direct-7.0.0-4.fc34.x86_64 libvirt-daemon-driver-storage-logical-7.0.0-4.fc34.x86_64 libvirt-daemon-driver-storage-mpath-7.0.0-4.fc34.x86_64 libvirt-daemon-driver-storage-rbd-7.0.0-4.fc34.x86_64 libvirt-daemon-driver-storage-scsi-7.0.0-4.fc34.x86_64 libvirt-daemon-driver-storage-sheepdog-7.0.0-4.fc34.x86_64 libvirt-daemon-driver-storage-zfs-7.0.0-4.fc34.x86_64 libvirt-daemon-driver-vbox-7.0.0-4.fc34.x86_64 libvirt-daemon-kvm-7.0.0-4.fc34.x86_64 libvirt-daemon-lxc-7.0.0-4.fc34.x86_64 libvirt-daemon-qemu-7.0.0-4.fc34.x86_64 libvirt-daemon-vbox-7.0.0-4.fc34.x86_64 libvirt-dbus-1.4.0-3.fc34.x86_64 libvirt-docs-7.0.0-4.fc34.x86_64 libvirt-gconfig-4.0.0-1.fc34.x86_64 libvirt-glib-4.0.0-1.fc34.x86_64 libvirt-gobject-4.0.0-1.fc34.x86_64 libvirt-libs-7.0.0-4.fc34.x86_64 libvirt-lock-sanlock-7.0.0-4.fc34.x86_64 libvirt-login-shell-7.0.0-4.fc34.x86_64 libvirt-nss-7.0.0-4.fc34.x86_64 libvirt-sandbox-0.8.0-7.fc34.x86_64 libvirt-sandbox-libs-0.8.0-7.fc34.x86_64 libvirt-wireshark-7.0.0-4.fc34.x86_64 python3-libvirt-7.0.0-2.fc34.x86_64 Hi,
it appears I've two problems with libvirt
1) the CAP_SETPCAP
2) the firewalld issue: GDBus.Error:org.fedoraproject.FirewallD1.Exception: COMMAND_FAILED: 'python-nftables' failed
Unsure if they're related. Let me know if I need to open another BZ.
Here is the systemctl output, Thanks!
$ sudo systemctl status libvirtd.service
○ libvirtd.service - Virtualization daemon
Loaded: loaded (/usr/lib/systemd/system/libvirtd.service; enabled; vendor preset: enabled)
Active: inactive (dead) since Wed 2021-05-05 11:00:13 CEST; 1min 57s ago
TriggeredBy: ● libvirtd-admin.socket
● libvirtd.socket
● libvirtd-ro.socket
Docs: man:libvirtd(8)
https://libvirt.org
Process: 427443 ExecStart=/usr/sbin/libvirtd $LIBVIRTD_ARGS (code=exited, status=0/SUCCESS)
Main PID: 427443 (code=exited, status=0/SUCCESS)
Tasks: 2 (limit: 32768)
Memory: 1.8M
CPU: 329ms
CGroup: /system.slice/libvirtd.service
├─39619 /usr/sbin/dnsmasq --conf-file=/var/lib/libvirt/dnsmasq/default.conf --leasefile-ro --dhcp-script=/usr/libexec/libvirt_leaseshelper
└─39620 /usr/sbin/dnsmasq --conf-file=/var/lib/libvirt/dnsmasq/default.conf --leasefile-ro --dhcp-script=/usr/libexec/libvirt_leaseshelper
May 05 10:58:13 lnvtp53 libvirtd[427470]: libcap-ng used by "/usr/sbin/libvirtd" failed due to not having CAP_SETPCAP in capng_apply
May 05 10:58:13 lnvtp53 libvirtd[427443]: libvirt version: 7.0.0, package: 4.fc34 (Fedora Project, 2021-02-03-20:03:12, )
May 05 10:58:13 lnvtp53 libvirtd[427443]: hostname: lnvtp53
May 05 10:58:13 lnvtp53 libvirtd[427443]: error from service: GDBus.Error:org.fedoraproject.FirewallD1.Exception: COMMAND_FAILED: 'python-nftables' failed:
JSON blob:
{"nftables": [{"metainfo": {"json_schema_version": 1}}, {"insert": {"rule": {"family": "inet", "table": "firewalld", "chain": "filter_INPUT_ZONES", "expr": [{"match": {"left": {"meta": {"key": "iifname"}}, "op": "==", "right": "virbr0"}}, {"goto": {"target": "filter_IN_libvirt"}}]}}}, {"insert": {"rule": {"family": "inet", "table": "firewalld", "chain": "filter_FORWARD_OUT_ZO>
May 05 10:58:13 lnvtp53 dnsmasq[39619]: read /etc/hosts - 3 addresses
May 05 10:58:13 lnvtp53 dnsmasq[39619]: read /var/lib/libvirt/dnsmasq/default.addnhosts - 0 addresses
May 05 10:58:13 lnvtp53 dnsmasq-dhcp[39619]: read /var/lib/libvirt/dnsmasq/default.hostsfile
May 05 11:00:13 lnvtp53 systemd[1]: libvirtd.service: Deactivated successfully.
May 05 11:00:13 lnvtp53 systemd[1]: libvirtd.service: Unit process 39619 (dnsmasq) remains running after unit stopped.
May 05 11:00:13 lnvtp53 systemd[1]: libvirtd.service: Unit process 39620 (dnsmasq) remains running after unit stopped.
got same problem on Fedora-34 Cloud image #As KVM host:
'''
[foo@fedora-host ~]$ sudo systemctl status libvirtd
● libvirtd.service - Virtualization daemon
Loaded: loaded (/usr/lib/systemd/system/libvirtd.service; enabled; vendor preset: enabled)
Active: active (running) since Sat 2021-05-08 06:42:15 UTC; 4min 42s ago
TriggeredBy: ● libvirtd-admin.socket
● libvirtd.socket
● libvirtd-ro.socket
Docs: man:libvirtd(8)
https://libvirt.org
Main PID: 15006 (libvirtd)
Tasks: 23 (limit: 32768)
Memory: 17.9M
CPU: 2.506s
CGroup: /system.slice/libvirtd.service
├─14801 /usr/sbin/dnsmasq --conf-file=/var/lib/libvirt/dnsmasq/default.conf --leasefile-ro --dhcp-script=/usr/libexec/libvirt_leaseshelper
├─14802 /usr/sbin/dnsmasq --conf-file=/var/lib/libvirt/dnsmasq/default.conf --leasefile-ro --dhcp-script=/usr/libexec/libvirt_leaseshelper
└─15006 /usr/sbin/libvirtd --timeout 120
May 08 06:43:25 fedora-host libvirtd[15446]: libcap-ng used by "/usr/sbin/libvirtd" failed due to not having CAP_SETPCAP in capng_apply
May 08 06:43:25 fedora-host libvirtd[15006]: libvirt version: 7.0.0, package: 4.fc34 (Fedora Project, 2021-02-03-20:03:12, )
May 08 06:43:25 fedora-host libvirtd[15006]: hostname: fedora-host
May 08 06:43:25 fedora-host libvirtd[15006]: Domain id=1 name='nested-fedora' uuid=0b16cff5-4605-40b3-aeb8-e368585f109f is tainted: custom-argv
May 08 06:43:49 fedora-host dnsmasq-dhcp[14801]: DHCPDISCOVER(virbr0) 52:54:00:f8:9d:f3
May 08 06:43:49 fedora-host dnsmasq-dhcp[14801]: DHCPOFFER(virbr0) 192.168.124.226 52:54:00:f8:9d:f3
May 08 06:43:49 fedora-host dnsmasq-dhcp[14801]: DHCPDISCOVER(virbr0) 52:54:00:f8:9d:f3
May 08 06:43:49 fedora-host dnsmasq-dhcp[14801]: DHCPOFFER(virbr0) 192.168.124.226 52:54:00:f8:9d:f3
May 08 06:43:49 fedora-host dnsmasq-dhcp[14801]: DHCPREQUEST(virbr0) 192.168.124.226 52:54:00:f8:9d:f3
May 08 06:43:49 fedora-host dnsmasq-dhcp[14801]: DHCPACK(virbr0) 192.168.124.226 52:54:00:f8:9d:f3 nested-fedora
'''
irqbalance reporting the same: May 13 08:08:51 /usr/sbin/irqbalance[2478]: libcap-ng used by "/usr/sbin/irqbalance" failed due to not having CAP_SETPCAP in capng_apply May 13 08:08:55 libvirtd[3934]: libcap-ng used by "/usr/sbin/libvirtd" failed due to not having CAP_SETPCAP in capng_apply Why is this marked as 'CLOSED NOTABUG'? I am quite curious about the subject because I get the same with f34 and there is no mention on why this happens and what is the solution for it. I get this on my own "baremetal" lenovo laptop which has virtualization enabled and not inside a VM. Bug status is 'CLOSED NOTABUG' which seems premature. Can it be reopened,please? There's another bug already tracking this: https://bugzilla.redhat.com/show_bug.cgi?id=1924218 *** This bug has been marked as a duplicate of bug 1924218 *** |