Bug 536693
Summary: | SDL does not work out of the box: Could not initialize SDL - exiting | ||||||||
---|---|---|---|---|---|---|---|---|---|
Product: | [Fedora] Fedora | Reporter: | Andrew McNabb <amcnabb> | ||||||
Component: | libvirt | Assignee: | Libvirt Maintainers <libvirt-maint> | ||||||
Status: | CLOSED WONTFIX | QA Contact: | Fedora Extras Quality Assurance <extras-qa> | ||||||
Severity: | medium | Docs Contact: | |||||||
Priority: | low | ||||||||
Version: | 14 | CC: | berrange, bfay, bos, clalance, crobinso, itamar, jforbes, maurizio.antillon, mbooth, pedemonte, soren, veillard, virt-maint | ||||||
Target Milestone: | --- | ||||||||
Target Release: | --- | ||||||||
Hardware: | All | ||||||||
OS: | Linux | ||||||||
Whiteboard: | |||||||||
Fixed In Version: | Doc Type: | Bug Fix | |||||||
Doc Text: | Story Points: | --- | |||||||
Clone Of: | Environment: | ||||||||
Last Closed: | 2012-01-24 21:54:44 UTC | Type: | --- | ||||||
Regression: | --- | Mount Type: | --- | ||||||
Documentation: | --- | CRM: | |||||||
Verified Versions: | Category: | --- | |||||||
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |||||||
Cloudforms Team: | --- | Target Upstream Version: | |||||||
Embargoed: | |||||||||
Attachments: |
|
Description
Andrew McNabb
2009-11-10 23:47:10 UTC
By the way, this is with libvirt-0.7.1-15.fc12.x86_6. Thanks for the report Could you include the guest XML for the guest and the log file from /var/log/libvirt/qemu ? It sounds fairly similar to bug #528757 SELinux is disabled on this system, so it can't be the same problem. I will attach the guest XML and the log file momentarily. Created attachment 372313 [details]
xml config file for the virtual machine
Created attachment 372314 [details]
log file from /var/log/libvirt/qemu
Ah, okay - you do actually have SDL configured: <graphics type='sdl' display=':0.0' xauth='/aml/home/amcnabb/.Xauthority'/> (Incidentally, why? SDL is known to be buggy. We recommend people use VNC) It sounds like you just need to make sure the qemu user can read the .Xauthority file ? Could you change the permissions or use 'setfacl -m u:qemu:x' and confirm? If that's the case, then it's expected really - getting the permssions right will be a required step for setting up SDL. (In reply to comment #6) > > (Incidentally, why? SDL is known to be buggy. We recommend people use VNC) Why would you do that? :) Sound doesn't work with VNC, and SDL is faster (and in my experience less buggy). But anyway, as long as sound doesn't work, VNC isn't even an option. > It sounds like you just need to make sure the qemu user can read the > .Xauthority file ? Hmm. I hadn't thought of that. Since we can't make the qemu user read the .Xauthority without opening up all kinds of permissions problems, I guess the only option is to run libvirtd as root. > Could you change the permissions or use 'setfacl -m u:qemu:x' and confirm? I'm not experienced with setfacl, so I might be doing this wrong: amcnabb@prodigy:~% setfacl -m u:qemu:x .Xauthority setfacl: .Xauthority: Operation not supported > If that's the case, then it's expected really - getting the permssions right > will be a required step for setting up SDL. It would at least be nice if the error was "User qemu could not open .Xauthority: permission denied" or something like that. Thanks. I can't make this work either. Domain contains: <graphics type='sdl' display=':0.0' xauth='/var/run/gdm/auth-for-mbooth-ZCKyMu/database'/> If that xauth looks weird, looks like it's normal for F12: [mbooth@t500 ~]$ echo $XAUTHORITY /var/run/gdm/auth-for-mbooth-ZCKyMu/database [mbooth@t500 ~]$ echo $DISPLAY :0.0 Error message at startup is: [root@t500 ~]# virsh start rawhide error: Failed to start domain rawhide error: internal error unable to start guest: char device redirected to /dev/pts/1 No protocol specified No protocol specified Could not initialize SDL - exiting SELinux is in permissive mode. setfacl run on xauth file as above. Using setfacl actually does help solve this issue, but we need to run setfacl -m u:qemu:r .Xauthority NOT -m u:qemu:x . Execute permission doesn't matter here. I put some docs up on the fedora wiki about making SDL work: https://fedoraproject.org/wiki/How_to_debug_Virtualization_problems#SDL_Graphics There are two issues preventing this from 'Just Work'ing: - Selinux preventing emulator from accessing .Xauthority: https://bugzilla.redhat.com/show_bug.cgi?id=609279 We probably can't svirt relabel this file, so maybe something like Dan's suggestion in that bug: iff the guest needs SDL, we label it with svirt_with_xserver_t or similar. - qemu emulator user needs read access to .Xauthority file This doesn't really fit the current libvirt permissioning model, which only changes file ownership. Not really sure what to do here. I have dodgy code to switch to using ACLs instead of ownership for the QEMU security driver. That could easily cope with Xauth too The guest doesn't really need access to the user's XAuthority, afaics. It just needs a cookie for the current $DISPLAY. What if we added a generic method to pass credentials to a guest and let it accept X cookies? virt-manager and virt-viewer could be taught to pass a cookie to the guest before spawning it. This message is a reminder that Fedora 12 is nearing its end of life. Approximately 30 (thirty) days from now Fedora will stop maintaining and issuing updates for Fedora 12. It is Fedora's policy to close all bug reports from releases that are no longer maintained. At that time this bug will be closed as WONTFIX if it remains open with a Fedora 'version' of '12'. Package Maintainer: If you wish for this bug to remain open because you plan to fix it in a currently maintained version, simply change the 'version' to a later Fedora version prior to Fedora 12's end of life. Bug Reporter: Thank you for reporting this issue and we are sorry that we may not be able to fix it before Fedora 12 is end of life. If you would still like to see this bug fixed and are able to reproduce it against a later version of Fedora please change the 'version' of this bug to the applicable version. If you are unable to change the version, please add a comment here and someone will do it for you. Although we aim to fix as many bugs as possible during every release's lifetime, sometimes those efforts are overtaken by events. Often a more recent Fedora release includes newer upstream software that fixes bugs or makes them obsolete. The process we are following is described here: http://fedoraproject.org/wiki/BugZappers/HouseKeeping In Fedora 14, I still can't get libvirtd to work with SDL, and now setting user="root" in qemu.conf no longer helps. The backtrace I'm getting is in bug #635328. This package has changed ownership in the Fedora Package Database. Reassigning to the new owner of this component. This package has changed ownership in the Fedora Package Database. Reassigning to the new owner of this component. This package has changed ownership in the Fedora Package Database. Reassigning to the new owner of this component. This package has changed ownership in the Fedora Package Database. Reassigning to the new owner of this component. This package has changed ownership in the Fedora Package Database. Reassigning to the new owner of this component. This package has changed ownership in the Fedora Package Database. Reassigning to the new owner of this component. F14 is EOL, please reopen if this is still relevant in a more recent fedora. |