Bug 607496
Summary: | [LXC] Can not get ip address in LXC application guest | ||
---|---|---|---|
Product: | Red Hat Enterprise Linux 6 | Reporter: | LiZhang Li <eli> |
Component: | libvirt | Assignee: | Osier Yang <jyang> |
Status: | CLOSED WONTFIX | QA Contact: | Virtualization Bugs <virt-bugs> |
Severity: | medium | Docs Contact: | |
Priority: | low | ||
Version: | 6.0 | CC: | ajia, berrange, dallan, dyuan, gren, jyang, mjenner, rwu, syeghiay, xen-maint, yoyzhang |
Target Milestone: | rc | Keywords: | Reopened, TestOnly |
Target Release: | --- | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | |||
Fixed In Version: | Doc Type: | Bug Fix | |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2011-11-23 03:25:31 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: | |||
Bug Depends On: | |||
Bug Blocks: | 621776 |
Description
LiZhang Li
2010-06-24 09:14:55 UTC
This request was evaluated by Red Hat Product Management for inclusion in a Red Hat Enterprise Linux major release. Product Management has requested further review of this request by Red Hat Engineering, for potential inclusion in a Red Hat Enterprise Linux Major release. This request is not yet committed for inclusion. > sh-4.1#ifconfig
> return nothing
Please try 'ifconfig -a' instead ?
Still null return after execute `ifconfig -a` (In reply to comment #3) > > sh-4.1#ifconfig > > return nothing > > Please try 'ifconfig -a' instead ? libvirt merely creates the NIC, but does not configure it. So I'm assuming that the container OS install is missing a ifcfg-eth0 file to bring the device online. Since RHEL 6.1 External Beta has begun, and this bug remains unresolved, it has been rejected as it is not proposed as an exception or blocker. Red Hat invites you to ask your support representative to propose this request, if appropriate and relevant, in the next release of Red Hat Enterprise Linux. I confirmed this with QE, on one of the testing box, the NICs of guest can be displayed well, but not on another box. (with the same domain xml as the reporter did). Also I can't see the NICs of guest on my FC15 either, it's strange, as the guest log shows everything works well. (the veth1 is changed into new network namespace successfully, and also is renamed, started, successfully, and lo is started successfully too). ========================== 21:18:21.735: 2628: debug : lxcControllerRun:726 : Opening tty on shared /dev/ptmx 21:18:21.736: 2628: debug : lxcContainerStart:913 : Enable network namespaces 21:18:21.740: 2628: debug : lxcContainerStart:919 : clone() completed, new container PID is 2630 PATH=/bin:/sbin TERM=linux LIBVIRT_LXC_UUID=ed954564-3ffa-dff3-56f1-ed489f91aaa6 LIBVIRT_LXC_NAME=lxc-vm121:18:21.741: 2628: debug : virCommandRunAsync:1877 : About to run ip link set veth1 netns 2630 /bin/sh 21:18:21.741: 2628: debug : virCommandRunAsync:1893 : Command result 0, with PID 2631 21:18:21.741: 1: debug : lxcContainerChild:775 : Container TTY path: /dev/pts/10 21:18:21.748: 2628: debug : virCommandRun:1703 : Result status 0, stdout: '' stderr: '21:18:21.741: 2631: info : libvirt version: 0.9.3 21:18:21.741: 2631: debug : virCommandHook:1800 : Hook is done 0 ' 21:18:21.749: 1: debug : lxcContainerChild:801 : Received container continue message 21:18:21.749: 1: debug : lxcContainerRenameAndEnableInterfaces:257 : Renaming veth1 to eth0 21:18:21.749: 1: debug : virCommandRunAsync:1877 : About to run ip link set veth1 name eth0 21:18:21.749: 1: debug : virCommandRunAsync:1893 : Command result 0, with PID 2 21:18:21.753: 1: debug : virCommandRun:1703 : Result status 0, stdout: '' stderr: '21:18:21.750: 2: info : libvirt version: 0.9.3 21:18:21.750: 2: debug : virCommandHook:1800 : Hook is done 0 ' 21:18:21.753: 1: debug : lxcContainerRenameAndEnableInterfaces:262 : Enabling eth0 21:18:21.753: 1: debug : virCommandRunAsync:1877 : About to run ifconfig eth0 up 21:18:21.754: 1: debug : virCommandRunAsync:1893 : Command result 0, with PID 3 21:18:21.757: 1: debug : virCommandRun:1703 : Result exit status 0, stdout: '' stderr: '21:18:21.754: 3: info : libvirt version: 0.9.3 21:18:21.754: 3: debug : virCommandHook:1800 : Hook is done 0 ' 21:18:21.757: 1: debug : virCommandRunAsync:1877 : About to run ifconfig lo up 21:18:21.757: 1: debug : virCommandRunAsync:1893 : Command result 0, with PID 4 21:18:21.760: 1: debug : virCommandRun:1703 : Result exit status 0, stdout: '' stderr: '21:18:21.758: 4: info : libvirt version: 0.9.3 21:18:21.758: 4: debug : virCommandHook:1800 : Hook is done 0 The problem (empty result of "ifconfig -a" in the container) should be caused by selinux. Proof is below: [host]# setenforce 1 [host]# virsh -c lxc:/// console vm Connected to domain vm1 Escape character is ^] sh-4.1# ifconfig -a sh-4.1# ping 10.66.83.167 connect: Network is unreachable sh-4.1# service network restart Shutting down interface eth0: [ OK ] Shutting down loopback interface: [ OK ] Bringing up loopback interface: [ OK ] Bringing up interface eth0: Determining IP information for eth0... done. [ OK ] sh-4.1# ifconfig -a sh-4.1# ping 10.66.83.167 PING 10.66.83.167 (10.66.83.167) 56(84) bytes of data. 64 bytes from 10.66.83.167: icmp_seq=1 ttl=64 time=1.11 ms 64 bytes from 10.66.83.167: icmp_seq=2 ttl=64 time=0.122 ms ^C --- 10.66.83.167 ping statistics --- 2 packets transmitted, 2 received, 0% packet loss, time 1476ms rtt min/avg/max/mdev = 0.122/0.620/1.119/0.499 ms sh-4.1# ping 127.0.0.1 PING 127.0.0.1 (127.0.0.1) 56(84) bytes of data. 64 bytes from 127.0.0.1: icmp_seq=1 ttl=64 time=0.146 ms 64 bytes from 127.0.0.1: icmp_seq=2 ttl=64 time=0.096 ms ^C --- 127.0.0.1 ping statistics --- 2 packets transmitted, 2 received, 0% packet loss, time 1804ms rtt min/avg/max/mdev = 0.096/0.121/0.146/0.025 ms ======= Above proved both eth0 and lo in the guest actually works ========= sh-4.1# /usr/bin/strace -o trace.log ifconfig -a sh-4.1# cat trace.log execve("/sbin/ifconfig", ["ifconfig", "-a"], [/* 7 vars */]) = 0 brk(0) = 0x1409000 mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fd3286d1000 access("/etc/ld.so.preload", R_OK) = -1 ENOENT (No such file or directory) open("/etc/ld.so.cache", O_RDONLY) = 3 fstat(3, {st_mode=S_IFREG|0644, st_size=46783, ...}) = 0 mmap(NULL, 46783, PROT_READ, MAP_PRIVATE, 3, 0) = 0x7fd3286c5000 close(3) = 0 open("/lib64/libselinux.so.1", O_RDONLY) = 3 read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0PX\340j=\0\0\0"..., 832) = 832 fstat(3, {st_mode=S_IFREG|0755, st_size=124624, ...}) = 0 mmap(0x3d6ae00000, 2221912, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x3d6ae00000 mprotect(0x3d6ae1d000, 2093056, PROT_NONE) = 0 mmap(0x3d6b01c000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x1c000) = 0x3d6b01c000 mmap(0x3d6b01e000, 1880, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x3d6b01e000 close(3) = 0 open("/lib64/libc.so.6", O_RDONLY) = 3 read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\360\355ai=\0\0\0"..., 832) = 832 fstat(3, {st_mode=S_IFREG|0755, st_size=1979000, ...}) = 0 mmap(0x3d69600000, 3803304, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x3d69600000 mprotect(0x3d69797000, 2097152, PROT_NONE) = 0 mmap(0x3d69997000, 20480, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x197000) = 0x3d69997000 mmap(0x3d6999c000, 18600, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x3d6999c000 close(3) = 0 open("/lib64/libdl.so.2", O_RDONLY) = 3 read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\340\r\240i=\0\0\0"..., 832) = 832 fstat(3, {st_mode=S_IFREG|0755, st_size=22536, ...}) = 0 mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fd3286c4000 mmap(0x3d69a00000, 2109696, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x3d69a00000 mprotect(0x3d69a02000, 2097152, PROT_NONE) = 0 mmap(0x3d69c02000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x2000) = 0x3d69c02000 close(3) = 0 mmap(NULL, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fd3286c2000 arch_prctl(ARCH_SET_FS, 0x7fd3286c27a0) = 0 mprotect(0x3d6b01c000, 4096, PROT_READ) = 0 mprotect(0x3d69997000, 16384, PROT_READ) = 0 mprotect(0x3d69c02000, 4096, PROT_READ) = 0 mprotect(0x3d6901f000, 4096, PROT_READ) = 0 munmap(0x7fd3286c5000, 46783) = 0 statfs("/selinux", {f_type=0xf97cff8c, f_bsize=4096, f_blocks=0, f_bfree=0, f_bavail=0, f_files=0, f_ffree=0, f_fsid={0, 0}, f_namelen=255, f_frsize=4096}) = 0 brk(0) = 0x1409000 brk(0x142a000) = 0x142a000 uname({sys="Linux", node="amd-5400b-4-2.englab.nay.redhat.com", ...}) = 0 access("/proc/net", R_OK) = 0 access("/proc/net/unix", R_OK) = 0 socket(PF_FILE, SOCK_DGRAM, 0) = 3 socket(PF_INET, SOCK_DGRAM, IPPROTO_IP) = 4 access("/proc/net/if_inet6", R_OK) = 0 socket(PF_INET6, SOCK_DGRAM, IPPROTO_IP) = 5 access("/proc/net/ax25", R_OK) = -1 ENOENT (No such file or directory) access("/proc/net/nr", R_OK) = -1 ENOENT (No such file or directory) access("/proc/net/rose", R_OK) = -1 ENOENT (No such file or directory) access("/proc/net/ipx", R_OK) = -1 ENOENT (No such file or directory) access("/proc/net/appletalk", R_OK) = -1 ENOENT (No such file or directory) access("/proc/sys/net/econet", R_OK) = -1 ENOENT (No such file or directory) access("/proc/sys/net/ash", R_OK) = -1 ENOENT (No such file or directory) access("/proc/net/x25", R_OK) = -1 ENOENT (No such file or directory) open("/proc/net/dev", O_RDONLY) = 6 fstat(6, {st_mode=S_IFREG|0444, st_size=0, ...}) = 0 mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fd3286d0000 read(6, "Inter-| Receive "..., 1024) = 446 read(6, "", 1024) = 0 close(6) = 0 munmap(0x7fd3286d0000, 4096) = 0 ioctl(4, SIOCGIFCONF, {80, {{"lo", {AF_INET, inet_addr("127.0.0.1")}}, {"eth0", {AF_INET, inet_addr("192.168.122.18")}}}}) = 0 open("/proc/net/dev", O_RDONLY) = 6 fstat(6, {st_mode=S_IFREG|0444, st_size=0, ...}) = 0 mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fd3286d0000 read(6, "Inter-| Receive "..., 1024) = 446 close(6) = 0 munmap(0x7fd3286d0000, 4096) = 0 ioctl(5, SIOCGIFFLAGS, {ifr_name="eth0", ifr_flags=IFF_UP|IFF_BROADCAST|IFF_RUNNING|IFF_MULTICAST}) = 0 ioctl(5, SIOCGIFHWADDR, {ifr_name="eth0", ifr_hwaddr=52:54:00:f2:2c:ac}) = 0 ioctl(5, SIOCGIFMETRIC, {ifr_name="eth0", ifr_metric=0}) = 0 ioctl(5, SIOCGIFMTU, {ifr_name="eth0", ifr_mtu=1500}) = 0 ioctl(5, SIOCGIFMAP, {ifr_name="eth0", ifr_map={mem_start=0, mem_end=0, base_addr=0, irq=0, dma=0, port=0}}) = 0 ioctl(5, SIOCGIFMAP, {ifr_name="eth0", ifr_map={mem_start=0, mem_end=0, base_addr=0, irq=0, dma=0, port=0}}) = 0 ioctl(5, SIOCGIFTXQLEN, {ifr_name="eth0", ifr_qlen=1000}) = 0 ioctl(4, SIOCGIFADDR, {ifr_name="eth0", ifr_addr={AF_INET, inet_addr("192.168.122.18")}}) = 0 ioctl(4, SIOCGIFDSTADDR, {ifr_name="eth0", ifr_dstaddr={AF_INET, inet_addr("192.168.122.18")}}) = 0 ioctl(4, SIOCGIFBRDADDR, {ifr_name="eth0", ifr_broadaddr={AF_INET, inet_addr("192.168.122.255")}}) = 0 ioctl(4, SIOCGIFNETMASK, {ifr_name="eth0", ifr_netmask={AF_INET, inet_addr("255.255.255.0")}}) = 0 fstat(1, {st_mode=S_IFCHR|0666, st_rdev=makedev(1, 3), ...}) = 0 ioctl(1, SNDCTL_TMR_TIMEBASE or TCGETS, 0x7fffc84c7140) = -1 ENOTTY (Inappropriate ioctl for device) mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fd3286d0000 open("/proc/net/if_inet6", O_RDONLY) = 6 fstat(6, {st_mode=S_IFREG|0444, st_size=0, ...}) = 0 mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fd3286cf000 read(6, "fe80000000000000505400fffef22cac"..., 1024) = 108 socket(PF_NETLINK, SOCK_RAW, 0) = 7 bind(7, {sa_family=AF_NETLINK, pid=0, groups=00000000}, 12) = 0 getsockname(7, {sa_family=AF_NETLINK, pid=30357, groups=00000000}, [12]) = 0 sendto(7, "\24\0\0\0\26\0\1\3\216\305\274N\0\0\0\0\0\0\0\0", 20, 0, {sa_family=AF_NETLINK, pid=0, groups=00000000}, 12) = 20 recvmsg(7, {msg_name(12)={sa_family=AF_NETLINK, pid=0, groups=00000000}, msg_iov(1)=[{"0\0\0\0\24\0\2\0\216\305\274N\225v\0\0\2\10\200\376.\0\0\0\10\0\1\0\177\0\0\1"..., 4096}], msg_controllen=0, msg_flags=0}, 0) = 108 recvmsg(7, {msg_name(12)={sa_family=AF_NETLINK, pid=0, groups=00000000}, msg_iov(1)=[{"@\0\0\0\24\0\2\0\216\305\274N\225v\0\0\n\200\200\376.\0\0\0\24\0\1\0\0\0\0\0"..., 4096}], msg_controllen=0, msg_flags=0}, 0) = 128 recvmsg(7, {msg_name(12)={sa_family=AF_NETLINK, pid=0, groups=00000000}, msg_iov(1)=[{"\24\0\0\0\3\0\2\0\216\305\274N\225v\0\0\0\0\0\0.\0\0\0\24\0\1\0\0\0\0\0"..., 4096}], msg_controllen=0, msg_flags=0}, 0) = 20 close(7) = 0 read(6, "", 1024) = 0 read(6, "", 1024) = 0 close(6) = 0 munmap(0x7fd3286cf000, 4096) = 0 open("/proc/net/dev", O_RDONLY) = 6 fstat(6, {st_mode=S_IFREG|0444, st_size=0, ...}) = 0 mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fd3286cf000 read(6, "Inter-| Receive "..., 1024) = 446 close(6) = 0 munmap(0x7fd3286cf000, 4096) = 0 ioctl(5, SIOCGIFFLAGS, {ifr_name="lo", ifr_flags=IFF_UP|IFF_LOOPBACK|IFF_RUNNING}) = 0 ioctl(5, SIOCGIFHWADDR, {ifr_name="lo", ifr_hwaddr=00:00:00:00:00:00}) = 0 ioctl(5, SIOCGIFMETRIC, {ifr_name="lo", ifr_metric=0}) = 0 ioctl(5, SIOCGIFMTU, {ifr_name="lo", ifr_mtu=16436}) = 0 ioctl(5, SIOCGIFMAP, {ifr_name="lo", ifr_map={mem_start=0, mem_end=0, base_addr=0, irq=0, dma=0, port=0}}) = 0 ioctl(5, SIOCGIFMAP, {ifr_name="lo", ifr_map={mem_start=0, mem_end=0, base_addr=0, irq=0, dma=0, port=0}}) = 0 ioctl(5, SIOCGIFTXQLEN, {ifr_name="lo", ifr_qlen=0}) = 0 ioctl(4, SIOCGIFADDR, {ifr_name="lo", ifr_addr={AF_INET, inet_addr("127.0.0.1")}}) = 0 ioctl(4, SIOCGIFDSTADDR, {ifr_name="lo", ifr_dstaddr={AF_INET, inet_addr("127.0.0.1")}}) = 0 ioctl(4, SIOCGIFBRDADDR, {ifr_name="lo", ifr_broadaddr={AF_INET, inet_addr("0.0.0.0")}}) = 0 ioctl(4, SIOCGIFNETMASK, {ifr_name="lo", ifr_netmask={AF_INET, inet_addr("255.0.0.0")}}) = 0 open("/proc/net/if_inet6", O_RDONLY) = 6 fstat(6, {st_mode=S_IFREG|0444, st_size=0, ...}) = 0 mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fd3286cf000 read(6, "fe80000000000000505400fffef22cac"..., 1024) = 108 read(6, "", 1024) = 0 socket(PF_NETLINK, SOCK_RAW, 0) = 7 bind(7, {sa_family=AF_NETLINK, pid=0, groups=00000000}, 12) = 0 getsockname(7, {sa_family=AF_NETLINK, pid=30357, groups=00000000}, [12]) = 0 sendto(7, "\24\0\0\0\26\0\1\3\216\305\274N\0\0\0\0\0\0\0\0", 20, 0, {sa_family=AF_NETLINK, pid=0, groups=00000000}, 12) = 20 recvmsg(7, {msg_name(12)={sa_family=AF_NETLINK, pid=0, groups=00000000}, msg_iov(1)=[{"0\0\0\0\24\0\2\0\216\305\274N\225v\0\0\2\10\200\376.\0\0\0\10\0\1\0\177\0\0\1"..., 4096}], msg_controllen=0, msg_flags=0}, 0) = 108 recvmsg(7, {msg_name(12)={sa_family=AF_NETLINK, pid=0, groups=00000000}, msg_iov(1)=[{"@\0\0\0\24\0\2\0\216\305\274N\225v\0\0\n\200\200\376.\0\0\0\24\0\1\0\0\0\0\0"..., 4096}], msg_controllen=0, msg_flags=0}, 0) = 128 recvmsg(7, {msg_name(12)={sa_family=AF_NETLINK, pid=0, groups=00000000}, msg_iov(1)=[{"\24\0\0\0\3\0\2\0\216\305\274N\225v\0\0\0\0\0\0.\0\0\0\24\0\1\0\0\0\0\0"..., 4096}], msg_controllen=0, msg_flags=0}, 0) = 20 close(7) = 0 read(6, "", 1024) = 0 close(6) = 0 munmap(0x7fd3286cf000, 4096) = 0 close(5) = 0 write(1, "eth0 Link encap:Ethernet H"..., 881) = 881 exit_group(0) = ? sh-4.1# ==== We can actually "ifconfig -a" wrote things like "eth0 ...." to the stdout ==== After set selinux to permissive mode on host ==== [root@amd-5400b-4-2 ~]# setenforce 0 [root@amd-5400b-4-2 ~]# virsh -c lxc:/// start vm1 Domain vm1 started [root@amd-5400b-4-2 ~]# virsh -c lxc:/// console vm1 Connected to domain vm1 Escape character is ^] sh-4.1# ifconfig -a eth0 Link encap:Ethernet HWaddr 52:54:00:F2:2C:AC inet6 addr: fe80::5054:ff:fef2:2cac/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:10 errors:0 dropped:0 overruns:0 frame:0 TX packets:5 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:826 (826.0 b) TX bytes:468 (468.0 b) lo Link encap:Local Loopback inet addr:127.0.0.1 Mask:255.0.0.0 inet6 addr: ::1/128 Scope:Host UP LOOPBACK RUNNING MTU:16436 Metric:1 RX packets:0 errors:0 dropped:0 overruns:0 frame:0 TX packets:0 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:0 (0.0 b) TX bytes:0 (0.0 b) ==== However, "busybox ifconfig -a" works well ==== sh-4.1# busybox ifconfig -a eth0 Link encap:Ethernet HWaddr 52:54:00:F2:2C:AC inet6 addr: fe80::5054:ff:fef2:2cac/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:189 errors:0 dropped:0 overruns:0 frame:0 TX packets:6 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:12742 (12.4 KiB) TX bytes:552 (552.0 B) lo Link encap:Local Loopback inet addr:127.0.0.1 Mask:255.0.0.0 inet6 addr: ::1/128 Scope:Host UP LOOPBACK RUNNING MTU:16436 Metric:1 RX packets:0 errors:0 dropped:0 overruns:0 frame:0 TX packets:0 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:0 (0.0 B) TX bytes:0 (0.0 B) ==== And it seems some other commands under "/sbin" also output empty to stdout sh-4.1# ip link show sh-4.1# fdisk -l I just took a glance on it, didn't look into more, not sure if libvirt should do something to avoid the problem though. (In reply to comment #25) > The problem (empty result of "ifconfig -a" in the container) should be caused > by selinux. Proof is below: > > > [host]# setenforce 1 > > [host]# virsh -c lxc:/// console vm > Connected to domain vm1 > Escape character is ^] > sh-4.1# ifconfig -a > sh-4.1# ping 10.66.83.167 > connect: Network is unreachable > > sh-4.1# service network restart > Shutting down interface eth0: [ OK ] > Shutting down loopback interface: [ OK ] > Bringing up loopback interface: [ OK ] > Bringing up interface eth0: > Determining IP information for eth0... done. > [ OK ] > sh-4.1# ifconfig -a > sh-4.1# ping 10.66.83.167 > PING 10.66.83.167 (10.66.83.167) 56(84) bytes of data. > 64 bytes from 10.66.83.167: icmp_seq=1 ttl=64 time=1.11 ms > 64 bytes from 10.66.83.167: icmp_seq=2 ttl=64 time=0.122 ms > ^C > --- 10.66.83.167 ping statistics --- > 2 packets transmitted, 2 received, 0% packet loss, time 1476ms > rtt min/avg/max/mdev = 0.122/0.620/1.119/0.499 ms > sh-4.1# ping 127.0.0.1 > PING 127.0.0.1 (127.0.0.1) 56(84) bytes of data. > 64 bytes from 127.0.0.1: icmp_seq=1 ttl=64 time=0.146 ms > 64 bytes from 127.0.0.1: icmp_seq=2 ttl=64 time=0.096 ms > ^C > --- 127.0.0.1 ping statistics --- > 2 packets transmitted, 2 received, 0% packet loss, time 1804ms > rtt min/avg/max/mdev = 0.096/0.121/0.146/0.025 ms > > ======= Above proved both eth0 and lo in the guest actually works ========= > > sh-4.1# /usr/bin/strace -o trace.log ifconfig -a > sh-4.1# cat trace.log > execve("/sbin/ifconfig", ["ifconfig", "-a"], [/* 7 vars */]) = 0 > brk(0) = 0x1409000 > mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = > 0x7fd3286d1000 > access("/etc/ld.so.preload", R_OK) = -1 ENOENT (No such file or directory) > open("/etc/ld.so.cache", O_RDONLY) = 3 > fstat(3, {st_mode=S_IFREG|0644, st_size=46783, ...}) = 0 > mmap(NULL, 46783, PROT_READ, MAP_PRIVATE, 3, 0) = 0x7fd3286c5000 > close(3) = 0 > open("/lib64/libselinux.so.1", O_RDONLY) = 3 > read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0PX\340j=\0\0\0"..., 832) > = 832 > fstat(3, {st_mode=S_IFREG|0755, st_size=124624, ...}) = 0 > mmap(0x3d6ae00000, 2221912, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, > 0) = 0x3d6ae00000 > mprotect(0x3d6ae1d000, 2093056, PROT_NONE) = 0 > mmap(0x3d6b01c000, 8192, PROT_READ|PROT_WRITE, > MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x1c000) = 0x3d6b01c000 > mmap(0x3d6b01e000, 1880, PROT_READ|PROT_WRITE, > MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x3d6b01e000 > close(3) = 0 > open("/lib64/libc.so.6", O_RDONLY) = 3 > read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\360\355ai=\0\0\0"..., > 832) = 832 > fstat(3, {st_mode=S_IFREG|0755, st_size=1979000, ...}) = 0 > mmap(0x3d69600000, 3803304, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, > 0) = 0x3d69600000 > mprotect(0x3d69797000, 2097152, PROT_NONE) = 0 > mmap(0x3d69997000, 20480, PROT_READ|PROT_WRITE, > MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x197000) = 0x3d69997000 > mmap(0x3d6999c000, 18600, PROT_READ|PROT_WRITE, > MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x3d6999c000 > close(3) = 0 > open("/lib64/libdl.so.2", O_RDONLY) = 3 > read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\340\r\240i=\0\0\0"..., > 832) = 832 > fstat(3, {st_mode=S_IFREG|0755, st_size=22536, ...}) = 0 > mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = > 0x7fd3286c4000 > mmap(0x3d69a00000, 2109696, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, > 0) = 0x3d69a00000 > mprotect(0x3d69a02000, 2097152, PROT_NONE) = 0 > mmap(0x3d69c02000, 8192, PROT_READ|PROT_WRITE, > MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x2000) = 0x3d69c02000 > close(3) = 0 > mmap(NULL, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = > 0x7fd3286c2000 > arch_prctl(ARCH_SET_FS, 0x7fd3286c27a0) = 0 > mprotect(0x3d6b01c000, 4096, PROT_READ) = 0 > mprotect(0x3d69997000, 16384, PROT_READ) = 0 > mprotect(0x3d69c02000, 4096, PROT_READ) = 0 > mprotect(0x3d6901f000, 4096, PROT_READ) = 0 > munmap(0x7fd3286c5000, 46783) = 0 > statfs("/selinux", {f_type=0xf97cff8c, f_bsize=4096, f_blocks=0, f_bfree=0, > f_bavail=0, f_files=0, f_ffree=0, f_fsid={0, 0}, f_namelen=255, f_frsize=4096}) > = 0 > brk(0) = 0x1409000 > brk(0x142a000) = 0x142a000 > uname({sys="Linux", node="amd-5400b-4-2.englab.nay.redhat.com", ...}) = 0 > access("/proc/net", R_OK) = 0 > access("/proc/net/unix", R_OK) = 0 > socket(PF_FILE, SOCK_DGRAM, 0) = 3 > socket(PF_INET, SOCK_DGRAM, IPPROTO_IP) = 4 > access("/proc/net/if_inet6", R_OK) = 0 > socket(PF_INET6, SOCK_DGRAM, IPPROTO_IP) = 5 > access("/proc/net/ax25", R_OK) = -1 ENOENT (No such file or directory) > access("/proc/net/nr", R_OK) = -1 ENOENT (No such file or directory) > access("/proc/net/rose", R_OK) = -1 ENOENT (No such file or directory) > access("/proc/net/ipx", R_OK) = -1 ENOENT (No such file or directory) > access("/proc/net/appletalk", R_OK) = -1 ENOENT (No such file or directory) > access("/proc/sys/net/econet", R_OK) = -1 ENOENT (No such file or directory) > access("/proc/sys/net/ash", R_OK) = -1 ENOENT (No such file or directory) > access("/proc/net/x25", R_OK) = -1 ENOENT (No such file or directory) > open("/proc/net/dev", O_RDONLY) = 6 > fstat(6, {st_mode=S_IFREG|0444, st_size=0, ...}) = 0 > mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = > 0x7fd3286d0000 > read(6, "Inter-| Receive "..., 1024) = 446 > read(6, "", 1024) = 0 > close(6) = 0 > munmap(0x7fd3286d0000, 4096) = 0 > ioctl(4, SIOCGIFCONF, {80, {{"lo", {AF_INET, inet_addr("127.0.0.1")}}, {"eth0", > {AF_INET, inet_addr("192.168.122.18")}}}}) = 0 > open("/proc/net/dev", O_RDONLY) = 6 > fstat(6, {st_mode=S_IFREG|0444, st_size=0, ...}) = 0 > mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = > 0x7fd3286d0000 > read(6, "Inter-| Receive "..., 1024) = 446 > close(6) = 0 > munmap(0x7fd3286d0000, 4096) = 0 > ioctl(5, SIOCGIFFLAGS, {ifr_name="eth0", > ifr_flags=IFF_UP|IFF_BROADCAST|IFF_RUNNING|IFF_MULTICAST}) = 0 > ioctl(5, SIOCGIFHWADDR, {ifr_name="eth0", ifr_hwaddr=52:54:00:f2:2c:ac}) = 0 > ioctl(5, SIOCGIFMETRIC, {ifr_name="eth0", ifr_metric=0}) = 0 > ioctl(5, SIOCGIFMTU, {ifr_name="eth0", ifr_mtu=1500}) = 0 > ioctl(5, SIOCGIFMAP, {ifr_name="eth0", ifr_map={mem_start=0, mem_end=0, > base_addr=0, irq=0, dma=0, port=0}}) = 0 > ioctl(5, SIOCGIFMAP, {ifr_name="eth0", ifr_map={mem_start=0, mem_end=0, > base_addr=0, irq=0, dma=0, port=0}}) = 0 > ioctl(5, SIOCGIFTXQLEN, {ifr_name="eth0", ifr_qlen=1000}) = 0 > ioctl(4, SIOCGIFADDR, {ifr_name="eth0", ifr_addr={AF_INET, > inet_addr("192.168.122.18")}}) = 0 > ioctl(4, SIOCGIFDSTADDR, {ifr_name="eth0", ifr_dstaddr={AF_INET, > inet_addr("192.168.122.18")}}) = 0 > ioctl(4, SIOCGIFBRDADDR, {ifr_name="eth0", ifr_broadaddr={AF_INET, > inet_addr("192.168.122.255")}}) = 0 > ioctl(4, SIOCGIFNETMASK, {ifr_name="eth0", ifr_netmask={AF_INET, > inet_addr("255.255.255.0")}}) = 0 > fstat(1, {st_mode=S_IFCHR|0666, st_rdev=makedev(1, 3), ...}) = 0 > ioctl(1, SNDCTL_TMR_TIMEBASE or TCGETS, 0x7fffc84c7140) = -1 ENOTTY > (Inappropriate ioctl for device) > mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = > 0x7fd3286d0000 > open("/proc/net/if_inet6", O_RDONLY) = 6 > fstat(6, {st_mode=S_IFREG|0444, st_size=0, ...}) = 0 > mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = > 0x7fd3286cf000 > read(6, "fe80000000000000505400fffef22cac"..., 1024) = 108 > socket(PF_NETLINK, SOCK_RAW, 0) = 7 > bind(7, {sa_family=AF_NETLINK, pid=0, groups=00000000}, 12) = 0 > getsockname(7, {sa_family=AF_NETLINK, pid=30357, groups=00000000}, [12]) = 0 > sendto(7, "\24\0\0\0\26\0\1\3\216\305\274N\0\0\0\0\0\0\0\0", 20, 0, > {sa_family=AF_NETLINK, pid=0, groups=00000000}, 12) = 20 > recvmsg(7, {msg_name(12)={sa_family=AF_NETLINK, pid=0, groups=00000000}, > msg_iov(1)=[{"0\0\0\0\24\0\2\0\216\305\274N\225v\0\0\2\10\200\376.\0\0\0\10\0\1\0\177\0\0\1"..., > 4096}], msg_controllen=0, msg_flags=0}, 0) = 108 > recvmsg(7, {msg_name(12)={sa_family=AF_NETLINK, pid=0, groups=00000000}, > msg_iov(1)=[{"@\0\0\0\24\0\2\0\216\305\274N\225v\0\0\n\200\200\376.\0\0\0\24\0\1\0\0\0\0\0"..., > 4096}], msg_controllen=0, msg_flags=0}, 0) = 128 > recvmsg(7, {msg_name(12)={sa_family=AF_NETLINK, pid=0, groups=00000000}, > msg_iov(1)=[{"\24\0\0\0\3\0\2\0\216\305\274N\225v\0\0\0\0\0\0.\0\0\0\24\0\1\0\0\0\0\0"..., > 4096}], msg_controllen=0, msg_flags=0}, 0) = 20 > close(7) = 0 > read(6, "", 1024) = 0 > read(6, "", 1024) = 0 > close(6) = 0 > munmap(0x7fd3286cf000, 4096) = 0 > open("/proc/net/dev", O_RDONLY) = 6 > fstat(6, {st_mode=S_IFREG|0444, st_size=0, ...}) = 0 > mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = > 0x7fd3286cf000 > read(6, "Inter-| Receive "..., 1024) = 446 > close(6) = 0 > munmap(0x7fd3286cf000, 4096) = 0 > ioctl(5, SIOCGIFFLAGS, {ifr_name="lo", > ifr_flags=IFF_UP|IFF_LOOPBACK|IFF_RUNNING}) = 0 > ioctl(5, SIOCGIFHWADDR, {ifr_name="lo", ifr_hwaddr=00:00:00:00:00:00}) = 0 > ioctl(5, SIOCGIFMETRIC, {ifr_name="lo", ifr_metric=0}) = 0 > ioctl(5, SIOCGIFMTU, {ifr_name="lo", ifr_mtu=16436}) = 0 > ioctl(5, SIOCGIFMAP, {ifr_name="lo", ifr_map={mem_start=0, mem_end=0, > base_addr=0, irq=0, dma=0, port=0}}) = 0 > ioctl(5, SIOCGIFMAP, {ifr_name="lo", ifr_map={mem_start=0, mem_end=0, > base_addr=0, irq=0, dma=0, port=0}}) = 0 > ioctl(5, SIOCGIFTXQLEN, {ifr_name="lo", ifr_qlen=0}) = 0 > ioctl(4, SIOCGIFADDR, {ifr_name="lo", ifr_addr={AF_INET, > inet_addr("127.0.0.1")}}) = 0 > ioctl(4, SIOCGIFDSTADDR, {ifr_name="lo", ifr_dstaddr={AF_INET, > inet_addr("127.0.0.1")}}) = 0 > ioctl(4, SIOCGIFBRDADDR, {ifr_name="lo", ifr_broadaddr={AF_INET, > inet_addr("0.0.0.0")}}) = 0 > ioctl(4, SIOCGIFNETMASK, {ifr_name="lo", ifr_netmask={AF_INET, > inet_addr("255.0.0.0")}}) = 0 > open("/proc/net/if_inet6", O_RDONLY) = 6 > fstat(6, {st_mode=S_IFREG|0444, st_size=0, ...}) = 0 > mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = > 0x7fd3286cf000 > read(6, "fe80000000000000505400fffef22cac"..., 1024) = 108 > read(6, "", 1024) = 0 > socket(PF_NETLINK, SOCK_RAW, 0) = 7 > bind(7, {sa_family=AF_NETLINK, pid=0, groups=00000000}, 12) = 0 > getsockname(7, {sa_family=AF_NETLINK, pid=30357, groups=00000000}, [12]) = 0 > sendto(7, "\24\0\0\0\26\0\1\3\216\305\274N\0\0\0\0\0\0\0\0", 20, 0, > {sa_family=AF_NETLINK, pid=0, groups=00000000}, 12) = 20 > recvmsg(7, {msg_name(12)={sa_family=AF_NETLINK, pid=0, groups=00000000}, > msg_iov(1)=[{"0\0\0\0\24\0\2\0\216\305\274N\225v\0\0\2\10\200\376.\0\0\0\10\0\1\0\177\0\0\1"..., > 4096}], msg_controllen=0, msg_flags=0}, 0) = 108 > recvmsg(7, {msg_name(12)={sa_family=AF_NETLINK, pid=0, groups=00000000}, > msg_iov(1)=[{"@\0\0\0\24\0\2\0\216\305\274N\225v\0\0\n\200\200\376.\0\0\0\24\0\1\0\0\0\0\0"..., > 4096}], msg_controllen=0, msg_flags=0}, 0) = 128 > recvmsg(7, {msg_name(12)={sa_family=AF_NETLINK, pid=0, groups=00000000}, > msg_iov(1)=[{"\24\0\0\0\3\0\2\0\216\305\274N\225v\0\0\0\0\0\0.\0\0\0\24\0\1\0\0\0\0\0"..., > 4096}], msg_controllen=0, msg_flags=0}, 0) = 20 > close(7) = 0 > read(6, "", 1024) = 0 > close(6) = 0 > munmap(0x7fd3286cf000, 4096) = 0 > close(5) = 0 > write(1, "eth0 Link encap:Ethernet H"..., 881) = 881 > exit_group(0) = ? > sh-4.1# > > ==== We can actually "ifconfig -a" wrote things like "eth0 ...." to the stdout s/can /can see/ > > ==== After set selinux to permissive mode on host ==== > > [root@amd-5400b-4-2 ~]# setenforce 0 > > [root@amd-5400b-4-2 ~]# virsh -c lxc:/// start vm1 > Domain vm1 started > > [root@amd-5400b-4-2 ~]# virsh -c lxc:/// console vm1 > Connected to domain vm1 > Escape character is ^] > sh-4.1# ifconfig -a > eth0 Link encap:Ethernet HWaddr 52:54:00:F2:2C:AC > inet6 addr: fe80::5054:ff:fef2:2cac/64 Scope:Link > UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 > RX packets:10 errors:0 dropped:0 overruns:0 frame:0 > TX packets:5 errors:0 dropped:0 overruns:0 carrier:0 > collisions:0 txqueuelen:1000 > RX bytes:826 (826.0 b) TX bytes:468 (468.0 b) > > lo Link encap:Local Loopback > inet addr:127.0.0.1 Mask:255.0.0.0 > inet6 addr: ::1/128 Scope:Host > UP LOOPBACK RUNNING MTU:16436 Metric:1 > RX packets:0 errors:0 dropped:0 overruns:0 frame:0 > TX packets:0 errors:0 dropped:0 overruns:0 carrier:0 > collisions:0 txqueuelen:0 > RX bytes:0 (0.0 b) TX bytes:0 (0.0 b) > > > ==== However, "busybox ifconfig -a" works well ==== s/works well/works well when selinux is enforcing/ > > sh-4.1# busybox ifconfig -a > eth0 Link encap:Ethernet HWaddr 52:54:00:F2:2C:AC > inet6 addr: fe80::5054:ff:fef2:2cac/64 Scope:Link > UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 > RX packets:189 errors:0 dropped:0 overruns:0 frame:0 > TX packets:6 errors:0 dropped:0 overruns:0 carrier:0 > collisions:0 txqueuelen:1000 > RX bytes:12742 (12.4 KiB) TX bytes:552 (552.0 B) > > lo Link encap:Local Loopback > inet addr:127.0.0.1 Mask:255.0.0.0 > inet6 addr: ::1/128 Scope:Host > UP LOOPBACK RUNNING MTU:16436 Metric:1 > RX packets:0 errors:0 dropped:0 overruns:0 frame:0 > TX packets:0 errors:0 dropped:0 overruns:0 carrier:0 > collisions:0 txqueuelen:0 > RX bytes:0 (0.0 B) TX bytes:0 (0.0 B) > > ==== And it seems some other commands under "/sbin" also output empty to stdout > > sh-4.1# ip link show > sh-4.1# fdisk -l > > > I just took a glance on it, didn't look into more, not sure if libvirt should > do something to avoid the problem though. Hi Osier, Seems you have investigated something about it, do u still want us to provide the info? BTW, IMHO it should be recorded in documentation at least if it's caused by SElinux per comment 25. Thanks, Rita Osier, can you summarize the issue? (In reply to comment #28) > Osier, can you summarize the issue? I don't known the root cause yet, need more investigation. |