Bug 525305

Summary: Save doesn't work when kvm guests runs unprivileged
Product: [Community] Virtualization Tools Reporter: Daniel B <dani-rh>
Component: libvirtAssignee: Daniel Veillard <veillard>
Status: CLOSED CURRENTRELEASE QA Contact:
Severity: medium Docs Contact:
Priority: low    
Version: unspecifiedCC: berrange, crobinso, xen-maint
Target Milestone: ---   
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2009-11-26 15:16:03 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Daniel B 2009-09-23 20:41:53 UTC 
Description of problem:

As explained here: http://www.mail-archive.com/libvir-list@redhat.com/msg16458.html

We have the option to run qemu/kvm guests unprivileged since libvirt 0.7.0.
Everything seems to work fine except the save functionality (virsh save domain /tmp/domain.state)

In fact, there's no error when we try to save a guest, just the saved state file is almost empty and of course, unusable.

The reason seems to be that libvirt first
create the destination file to write the header and the XML definition.
The file is owned by root with 600 permission. Then, we ask qemu to
append the dump of the memory (via the migrate exec: call) to this file.
This part doesn't work because the qemu user cannot write to this file.
So we endup with a file which only contains the header and the XML, and
the guest is stoped :/



Version-Release number of selected component (if applicable):
libvirt 0.7.0 and 0.7.1
qemu-kvm 0.10.6

How reproducible:
Always

Steps to Reproduce:
1. Configure /etc/libvirt/qemu.conf to run qemu guests under qemu account
2. Restart libvirt and start a domain (verify the the process is running as the qemu user or whatever you have configured)
3. Try to save this guest (with virsh save domain /tmp/domain.state for example)
4. look at the size of the saved file :/ You can try to restore it, but you already know how it'll end ;)
  
Actual results:
The state of the guest is not written to the file

Expected results:
The save function should work the same way it does when we run qemu as root

Additional info
Comment 1 Daniel Berrangé 2009-11-11 12:32:40 UTC 
Fix posted upstream

http://www.redhat.com/archives/libvir-list/2009-November/msg00376.html
Comment 2 Daniel Berrangé 2009-11-26 15:16:03 UTC 
Fixed in 0.7.4 release