Bug 213124

Summary: xenconsole: Could not read tty from store: No such file or directory
Product: [Fedora] Fedora Reporter: Steve Dickson <steved>
Component: xenAssignee: Markus Armbruster <armbru>
Status: CLOSED WORKSFORME QA Contact: Brian Brock <bbrock>
Severity: medium Docs Contact:
Priority: medium    
Version: 6CC: bstein, katzj, sct, tomek, xen-maint
Target Milestone: ---   
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2007-03-28 10:32:18 EDT Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Description Steve Dickson 2006-10-30 16:23:05 EST
Description of problem:
When booting up a guest, the 'xm create -c <guest>' command
would die (meaning the xm command die, putting me back to 
my shell prompt) right after the 'Started domain <guest>'
messages:
    Using config file "/etc/xen/rhel5".
    Going to boot Red Hat Linux (2.6.18-1.2738.el5xen)
    kernel: /vmlinuz-2.6.18-1.2738.el5xen
    initrd: /initrd-2.6.18-1.2738.el5xen.img
   Started domain rhel5

Now when I tried to reconnect to guest using the 
'xm console <guest>' I got the following error:

xenconsole: Could not read tty from store: No such file or directory


Version-Release number of selected component (if applicable):
This happen with both the 2.6.18-1.2824xen and 2.6.18-1.2825xen
FC6 kernels (at also had the 3945ABG wireless patches from RHEL5).

python-xeninst-0.94.0-1
xen-3.0.3-0.1.rc3
xen-libs-3.0.3-0.1.rc3

Additional info:
There was the following avc denial:
type=AVC msg=audit(1162242862.930:107): avc:  denied  { ioctl } for  pid=2867
comm="xenconsoled" name="evtchn" dev=tmpfs ino=3509
scontext=system_u:system_r:xenconsoled_t:s0
tcontext=system_u:object_r:xen_device_t:s0 tclass=chr_file

The installed polices were:
libselinux-python-1.30.29-2
selinux-policy-2.4.1-3.fc6
libselinux-1.30.29-2
libselinux-devel-1.30.29-2
selinux-policy-targeted-2.4.1-3.fc6
Comment 1 Tomasz Kepczynski 2006-11-05 03:16:36 EST
It looks like the same problem prevents me from installing
guest OS. Actually kernel starts to load in guest VM but stops
as soon as mounting /sys filesystem. I also get some selinux
reports:
----
time->Sun Nov  5 08:39:00 2006
type=SYSCALL msg=audit(1162712340.411:137): arch=c000003e syscall=2 success=yes
exit=8 a0=7fffb7e375a0 a1=0 a2=1b6 a3=0 items=0 ppid=1 pid=3131 auid=4294967295
uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none)
comm="xenconsoled" exe="/usr/sbin/xenconsoled"
subj=system_u:system_r:xenconsoled_t:s0 key=(null)
type=AVC msg=audit(1162712340.411:137): avc:  denied  { read } for  pid=3131
comm="xenconsoled" name="dev" dev=sysfs ino=25808
scontext=system_u:system_r:xenconsoled_t:s0
tcontext=system_u:object_r:sysfs_t:s0 tclass=file
----
time->Sun Nov  5 08:39:00 2006
type=AVC_PATH msg=audit(1162712340.411:138):  path="/sys/class/misc/evtchn/dev"
type=SYSCALL msg=audit(1162712340.411:138): arch=c000003e syscall=5 success=yes
exit=0 a0=8 a1=7fffb7e36fa0 a2=7fffb7e36fa0 a3=0 items=0 ppid=1 pid=3131
auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0
tty=(none) comm="xenconsoled" exe="/usr/sbin/xenconsoled"
subj=system_u:system_r:xenconsoled_t:s0 key=(null)
type=AVC msg=audit(1162712340.411:138): avc:  denied  { getattr } for  pid=3131
comm="xenconsoled" name="dev" dev=sysfs ino=25808
scontext=system_u:system_r:xenconsoled_t:s0
tcontext=system_u:object_r:sysfs_t:s0 tclass=file
----
time->Sun Nov  5 08:46:25 2006
type=AVC_PATH msg=audit(1162712785.616:140):  path="/dev/xen/evtchn"
type=SYSCALL msg=audit(1162712785.616:140): arch=c000003e syscall=0 success=yes
exit=4 a0=8 a1=7fffb7e377f4 a2=4 a3=0 items=0 ppid=1 pid=3131 auid=4294967295
uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none)
comm="xenconsoled" exe="/usr/sbin/xenconsoled"
subj=system_u:system_r:xenconsoled_t:s0 key=(null)
type=AVC msg=audit(1162712785.616:140): avc:  denied  { read } for  pid=3131
comm="xenconsoled" name="evtchn" dev=tmpfs ino=4094
scontext=system_u:system_r:xenconsoled_t:s0
tcontext=system_u:object_r:xen_device_t:s0 tclass=chr_file
----
time->Sun Nov  5 08:46:25 2006
type=AVC_PATH msg=audit(1162712785.616:141):  path="/dev/xen/evtchn"
type=SYSCALL msg=audit(1162712785.616:141): arch=c000003e syscall=16 success=yes
exit=0 a0=8 a1=44504 a2=7fffb7e377e0 a3=0 items=0 ppid=1 pid=3131
auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0
tty=(none) comm="xenconsoled" exe="/usr/sbin/xenconsoled"
subj=system_u:system_r:xenconsoled_t:s0 key=(null)
type=AVC msg=audit(1162712785.616:141): avc:  denied  { ioctl } for  pid=3131
comm="xenconsoled" name="evtchn" dev=tmpfs ino=4094
scontext=system_u:system_r:xenconsoled_t:s0
tcontext=system_u:object_r:xen_device_t:s0 tclass=chr_file
----
time->Sun Nov  5 08:46:25 2006
type=AVC_PATH msg=audit(1162712785.616:142):  path="/dev/xen/evtchn"
type=SYSCALL msg=audit(1162712785.616:142): arch=c000003e syscall=1 success=yes
exit=4 a0=8 a1=7fffb7e377f4 a2=4 a3=0 items=0 ppid=1 pid=3131 auid=4294967295
uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none)
comm="xenconsoled" exe="/usr/sbin/xenconsoled"
subj=system_u:system_r:xenconsoled_t:s0 key=(null)
type=AVC msg=audit(1162712785.616:142): avc:  denied  { write } for  pid=3131
comm="xenconsoled" name="evtchn" dev=tmpfs ino=4094
scontext=system_u:system_r:xenconsoled_t:s0
tcontext=system_u:object_r:xen_device_t:s0 tclass=chr_file

Setting selinux to permissive allows installation to proceed. I use
targeted policy.
Comment 2 Steve Dickson 2006-11-06 06:18:49 EST
Turn off SElinux does not seem to do much for me....

xenhat# setenforce 0
xenhat# xm console rhel5
xenconsole: Could not read tty from store: No such file or directory
Comment 3 Daniel Berrange 2006-11-06 06:54:49 EST
The tty for the console is created at the time the guest domain boots up, rather
than at the time you run 'xm console'. Thus you need a sequence more like

# setenforce 0
# xm shutdown rhel5
...wait some time...
# xm create rhel5
# xm console rhel5
Comment 4 Steve Dickson 2006-11-06 07:14:06 EST
Yes... that sequence of commands does indeed work.... 
Comment 6 Markus Armbruster 2007-03-28 10:32:18 EDT
I don't get any SELinux denials, and connecting to the console just works.  I
figure the bug has been fixed.  Resolving it as WORKSFORME.  If it doesn't work
for you, please reopen it.