Bug 526046

Summary: xend fails to start with readonly root filesystem
Product: Red Hat Enterprise Linux 5 Reporter: Alexander Todorov <atodorov>
Component: initscriptsAssignee: initscripts Maintenance Team <initscripts-maint-list>
Status: CLOSED ERRATA QA Contact: qe-baseos-daemons
Severity: medium Docs Contact:
Priority: medium    
Version: 5.4CC: azelinka, berrange, harald, notting, riek, va6ualei, xen-maint
Target Milestone: rc   
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: initscripts-8.45.32-1.el5 Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2011-01-13 23:05:34 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Alexander Todorov 2009-09-28 13:50:38 UTC 
Description of problem:
service xend start fails when / is read-only.

Version-Release number of selected component (if applicable):
xen-3.0.3-94.el5

How reproducible:
always

Steps to Reproduce:
1. Configure readonly-root in /etc/sysconfig/readonly-root:
READONLY=yes
TEMPORARY_STATE=yes
2. reboot the system
3.
  
Actual results:
xend fails to start with traceback.

Expected results:
xend starts because RHEL5 supports readonly file system.

Additional info:
traceback found in /var/log/xen/xend.log

[2009-09-28 09:42:40 xend 2842] INFO (SrvDaemon:283) Xend Daemon started
[2009-09-28 09:42:40 xend 2842] INFO (SrvDaemon:287) Xend changeset: unavailable.
[2009-09-28 09:42:40 xend 2842] ERROR (SrvDaemon:297) Exception starting xend ([Errno 30] Read-only file system: '/var/lib/xend')
Traceback (most recent call last):
  File "/usr/lib/python2.4/site-packages/xen/xend/server/SrvDaemon.py", line 290, in run
    relocate.listenRelocation()
  File "/usr/lib/python2.4/site-packages/xen/xend/server/relocate.py", line 124, in listenRelocation
    unix.UnixListener(path, RelocationProtocol)
  File "/usr/lib/python2.4/site-packages/xen/web/unix.py", line 49, in __init__
    connection.SocketListener.__init__(self, protocol_class)
  File "/usr/lib/python2.4/site-packages/xen/web/connection.py", line 81, in __init__
    self.sock = self.createSocket()
  File "/usr/lib/python2.4/site-packages/xen/web/unix.py", line 53, in createSocket
    return bind(self.path)
  File "/usr/lib/python2.4/site-packages/xen/web/unix.py", line 34, in bind
    os.chown(parent, os.geteuid(), os.getegid())
OSError: [Errno 30] Read-only file system: '/var/lib/xend'
[2009-09-28 09:42:40 xend 2841] INFO (SrvDaemon:183) Xend exited with status 1.
Comment 1 Alexander Todorov 2009-09-28 13:53:57 UTC 
Use case for comment #0:
1) Configure single OS image for hypervisor
2) Boot the image in 1) on multiple bare-metal machines via PXE, / is on network file system and is mounted read only.
3) Start multiple domU instances on the bare metal machines. 

I still haven't tested the same use case with KVM.
Comment 2 Daniel Berrangé 2009-09-28 14:11:50 UTC 
Even if running read-only root there needs to be some writable area for apps to use. So IMHO if you want to run XenD on a readonly root you should bind mount the directories XenD writes into to the writable area.
Comment 3 Alexander Todorov 2009-09-28 14:36:56 UTC 
That should be done automatically same way /etc/resolv.conf is bind mounted for example. 

To clarify:
Dom0 rootfs is read-only and  DomU rootfs is read-only too. Read/Write space is available via network for the apps in DomU to write to. 

Dom0 task is to create copies (via virt-clone) of the same DomU config file and start them. The domain config file attaches to the underlying block device read-only so that multiple copies with the same disk image can be started.
Comment 4 Alexander Todorov 2009-09-30 12:53:21 UTC 
FYI: looks like /var/lib/xen is already bind mounted but not /var/lib/xend
Comment 6 Alexander Todorov 2009-10-07 08:02:16 UTC 
changing to proper component
Comment 8 Bill Nottingham 2009-10-07 15:34:06 UTC 
http://git.fedorahosted.org/git/?p=initscripts.git;a=commitdiff;h=bdcffd661b550604d6123728878550a1d98f407b

is the upstream commit. ACK for 5.5, although given that there's a workaround (add the requisite entry in a user-written rwtab.d file), I'm not sure why it would be considered a blocker.
Comment 9 RHEL Program Management 2009-11-06 19:23:12 UTC 
This request was evaluated by Red Hat Product Management for
inclusion, but this component is not scheduled to be updated in
the current Red Hat Enterprise Linux release. If you would like
this request to be reviewed for the next minor release, ask your
support representative to set the next rhel-x.y flag to "?".
Comment 10 RHEL Program Management 2010-06-04 15:59:30 UTC 
This request was evaluated by Red Hat Product Management for inclusion in a Red
Hat Enterprise Linux maintenance release.  Product Management has requested
further review of this request by Red Hat Engineering, for potential
inclusion in a Red Hat Enterprise Linux Update release for currently deployed
products.  This request is not yet committed for inclusion in an Update
release.
Comment 14 errata-xmlrpc 2011-01-13 23:05:34 UTC 
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on therefore solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.

http://rhn.redhat.com/errata/RHBA-2011-0075.html