Bug 607496
| Summary: | [LXC] Can not get ip address in LXC application guest | ||
|---|---|---|---|
| Product: | Red Hat Enterprise Linux 6 | Reporter: | LiZhang Li <eli> |
| Component: | libvirt | Assignee: | Osier Yang <jyang> |
| Status: | CLOSED WONTFIX | QA Contact: | Virtualization Bugs <virt-bugs> |
| Severity: | medium | Docs Contact: | |
| Priority: | low | ||
| Version: | 6.0 | CC: | ajia, berrange, dallan, dyuan, gren, jyang, mjenner, rwu, syeghiay, xen-maint, yoyzhang |
| Target Milestone: | rc | Keywords: | Reopened, TestOnly |
| Target Release: | --- | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Fixed In Version: | Doc Type: | Bug Fix | |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 2011-11-23 03:25:31 UTC | Type: | --- |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
| Bug Depends On: | |||
| Bug Blocks: | 621776 | ||
This request was evaluated by Red Hat Product Management for inclusion in a Red Hat Enterprise Linux major release. Product Management has requested further review of this request by Red Hat Engineering, for potential inclusion in a Red Hat Enterprise Linux Major release. This request is not yet committed for inclusion. > sh-4.1#ifconfig
> return nothing
Please try 'ifconfig -a' instead ?
Still null return after execute `ifconfig -a` (In reply to comment #3) > > sh-4.1#ifconfig > > return nothing > > Please try 'ifconfig -a' instead ? libvirt merely creates the NIC, but does not configure it. So I'm assuming that the container OS install is missing a ifcfg-eth0 file to bring the device online. Since RHEL 6.1 External Beta has begun, and this bug remains unresolved, it has been rejected as it is not proposed as an exception or blocker. Red Hat invites you to ask your support representative to propose this request, if appropriate and relevant, in the next release of Red Hat Enterprise Linux. I confirmed this with QE, on one of the testing box, the NICs of guest can be displayed well, but not on another box. (with the same domain xml as the reporter did). Also I can't see the NICs of guest on my FC15 either, it's strange, as the guest log shows everything works well. (the veth1 is changed into new network namespace successfully, and also is renamed, started, successfully, and lo is started successfully too). ========================== 21:18:21.735: 2628: debug : lxcControllerRun:726 : Opening tty on shared /dev/ptmx 21:18:21.736: 2628: debug : lxcContainerStart:913 : Enable network namespaces 21:18:21.740: 2628: debug : lxcContainerStart:919 : clone() completed, new container PID is 2630 PATH=/bin:/sbin TERM=linux LIBVIRT_LXC_UUID=ed954564-3ffa-dff3-56f1-ed489f91aaa6 LIBVIRT_LXC_NAME=lxc-vm121:18:21.741: 2628: debug : virCommandRunAsync:1877 : About to run ip link set veth1 netns 2630 /bin/sh 21:18:21.741: 2628: debug : virCommandRunAsync:1893 : Command result 0, with PID 2631 21:18:21.741: 1: debug : lxcContainerChild:775 : Container TTY path: /dev/pts/10 21:18:21.748: 2628: debug : virCommandRun:1703 : Result status 0, stdout: '' stderr: '21:18:21.741: 2631: info : libvirt version: 0.9.3 21:18:21.741: 2631: debug : virCommandHook:1800 : Hook is done 0 ' 21:18:21.749: 1: debug : lxcContainerChild:801 : Received container continue message 21:18:21.749: 1: debug : lxcContainerRenameAndEnableInterfaces:257 : Renaming veth1 to eth0 21:18:21.749: 1: debug : virCommandRunAsync:1877 : About to run ip link set veth1 name eth0 21:18:21.749: 1: debug : virCommandRunAsync:1893 : Command result 0, with PID 2 21:18:21.753: 1: debug : virCommandRun:1703 : Result status 0, stdout: '' stderr: '21:18:21.750: 2: info : libvirt version: 0.9.3 21:18:21.750: 2: debug : virCommandHook:1800 : Hook is done 0 ' 21:18:21.753: 1: debug : lxcContainerRenameAndEnableInterfaces:262 : Enabling eth0 21:18:21.753: 1: debug : virCommandRunAsync:1877 : About to run ifconfig eth0 up 21:18:21.754: 1: debug : virCommandRunAsync:1893 : Command result 0, with PID 3 21:18:21.757: 1: debug : virCommandRun:1703 : Result exit status 0, stdout: '' stderr: '21:18:21.754: 3: info : libvirt version: 0.9.3 21:18:21.754: 3: debug : virCommandHook:1800 : Hook is done 0 ' 21:18:21.757: 1: debug : virCommandRunAsync:1877 : About to run ifconfig lo up 21:18:21.757: 1: debug : virCommandRunAsync:1893 : Command result 0, with PID 4 21:18:21.760: 1: debug : virCommandRun:1703 : Result exit status 0, stdout: '' stderr: '21:18:21.758: 4: info : libvirt version: 0.9.3 21:18:21.758: 4: debug : virCommandHook:1800 : Hook is done 0 The problem (empty result of "ifconfig -a" in the container) should be caused by selinux. Proof is below:
[host]# setenforce 1
[host]# virsh -c lxc:/// console vm
Connected to domain vm1
Escape character is ^]
sh-4.1# ifconfig -a
sh-4.1# ping 10.66.83.167
connect: Network is unreachable
sh-4.1# service network restart
Shutting down interface eth0: [ OK ]
Shutting down loopback interface: [ OK ]
Bringing up loopback interface: [ OK ]
Bringing up interface eth0:
Determining IP information for eth0... done.
[ OK ]
sh-4.1# ifconfig -a
sh-4.1# ping 10.66.83.167
PING 10.66.83.167 (10.66.83.167) 56(84) bytes of data.
64 bytes from 10.66.83.167: icmp_seq=1 ttl=64 time=1.11 ms
64 bytes from 10.66.83.167: icmp_seq=2 ttl=64 time=0.122 ms
^C
--- 10.66.83.167 ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 1476ms
rtt min/avg/max/mdev = 0.122/0.620/1.119/0.499 ms
sh-4.1# ping 127.0.0.1
PING 127.0.0.1 (127.0.0.1) 56(84) bytes of data.
64 bytes from 127.0.0.1: icmp_seq=1 ttl=64 time=0.146 ms
64 bytes from 127.0.0.1: icmp_seq=2 ttl=64 time=0.096 ms
^C
--- 127.0.0.1 ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 1804ms
rtt min/avg/max/mdev = 0.096/0.121/0.146/0.025 ms
======= Above proved both eth0 and lo in the guest actually works =========
sh-4.1# /usr/bin/strace -o trace.log ifconfig -a
sh-4.1# cat trace.log
execve("/sbin/ifconfig", ["ifconfig", "-a"], [/* 7 vars */]) = 0
brk(0) = 0x1409000
mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fd3286d1000
access("/etc/ld.so.preload", R_OK) = -1 ENOENT (No such file or directory)
open("/etc/ld.so.cache", O_RDONLY) = 3
fstat(3, {st_mode=S_IFREG|0644, st_size=46783, ...}) = 0
mmap(NULL, 46783, PROT_READ, MAP_PRIVATE, 3, 0) = 0x7fd3286c5000
close(3) = 0
open("/lib64/libselinux.so.1", O_RDONLY) = 3
read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0PX\340j=\0\0\0"..., 832) = 832
fstat(3, {st_mode=S_IFREG|0755, st_size=124624, ...}) = 0
mmap(0x3d6ae00000, 2221912, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x3d6ae00000
mprotect(0x3d6ae1d000, 2093056, PROT_NONE) = 0
mmap(0x3d6b01c000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x1c000) = 0x3d6b01c000
mmap(0x3d6b01e000, 1880, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x3d6b01e000
close(3) = 0
open("/lib64/libc.so.6", O_RDONLY) = 3
read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\360\355ai=\0\0\0"..., 832) = 832
fstat(3, {st_mode=S_IFREG|0755, st_size=1979000, ...}) = 0
mmap(0x3d69600000, 3803304, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x3d69600000
mprotect(0x3d69797000, 2097152, PROT_NONE) = 0
mmap(0x3d69997000, 20480, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x197000) = 0x3d69997000
mmap(0x3d6999c000, 18600, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x3d6999c000
close(3) = 0
open("/lib64/libdl.so.2", O_RDONLY) = 3
read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\340\r\240i=\0\0\0"..., 832) = 832
fstat(3, {st_mode=S_IFREG|0755, st_size=22536, ...}) = 0
mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fd3286c4000
mmap(0x3d69a00000, 2109696, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x3d69a00000
mprotect(0x3d69a02000, 2097152, PROT_NONE) = 0
mmap(0x3d69c02000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x2000) = 0x3d69c02000
close(3) = 0
mmap(NULL, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fd3286c2000
arch_prctl(ARCH_SET_FS, 0x7fd3286c27a0) = 0
mprotect(0x3d6b01c000, 4096, PROT_READ) = 0
mprotect(0x3d69997000, 16384, PROT_READ) = 0
mprotect(0x3d69c02000, 4096, PROT_READ) = 0
mprotect(0x3d6901f000, 4096, PROT_READ) = 0
munmap(0x7fd3286c5000, 46783) = 0
statfs("/selinux", {f_type=0xf97cff8c, f_bsize=4096, f_blocks=0, f_bfree=0, f_bavail=0, f_files=0, f_ffree=0, f_fsid={0, 0}, f_namelen=255, f_frsize=4096}) = 0
brk(0) = 0x1409000
brk(0x142a000) = 0x142a000
uname({sys="Linux", node="amd-5400b-4-2.englab.nay.redhat.com", ...}) = 0
access("/proc/net", R_OK) = 0
access("/proc/net/unix", R_OK) = 0
socket(PF_FILE, SOCK_DGRAM, 0) = 3
socket(PF_INET, SOCK_DGRAM, IPPROTO_IP) = 4
access("/proc/net/if_inet6", R_OK) = 0
socket(PF_INET6, SOCK_DGRAM, IPPROTO_IP) = 5
access("/proc/net/ax25", R_OK) = -1 ENOENT (No such file or directory)
access("/proc/net/nr", R_OK) = -1 ENOENT (No such file or directory)
access("/proc/net/rose", R_OK) = -1 ENOENT (No such file or directory)
access("/proc/net/ipx", R_OK) = -1 ENOENT (No such file or directory)
access("/proc/net/appletalk", R_OK) = -1 ENOENT (No such file or directory)
access("/proc/sys/net/econet", R_OK) = -1 ENOENT (No such file or directory)
access("/proc/sys/net/ash", R_OK) = -1 ENOENT (No such file or directory)
access("/proc/net/x25", R_OK) = -1 ENOENT (No such file or directory)
open("/proc/net/dev", O_RDONLY) = 6
fstat(6, {st_mode=S_IFREG|0444, st_size=0, ...}) = 0
mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fd3286d0000
read(6, "Inter-| Receive "..., 1024) = 446
read(6, "", 1024) = 0
close(6) = 0
munmap(0x7fd3286d0000, 4096) = 0
ioctl(4, SIOCGIFCONF, {80, {{"lo", {AF_INET, inet_addr("127.0.0.1")}}, {"eth0", {AF_INET, inet_addr("192.168.122.18")}}}}) = 0
open("/proc/net/dev", O_RDONLY) = 6
fstat(6, {st_mode=S_IFREG|0444, st_size=0, ...}) = 0
mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fd3286d0000
read(6, "Inter-| Receive "..., 1024) = 446
close(6) = 0
munmap(0x7fd3286d0000, 4096) = 0
ioctl(5, SIOCGIFFLAGS, {ifr_name="eth0", ifr_flags=IFF_UP|IFF_BROADCAST|IFF_RUNNING|IFF_MULTICAST}) = 0
ioctl(5, SIOCGIFHWADDR, {ifr_name="eth0", ifr_hwaddr=52:54:00:f2:2c:ac}) = 0
ioctl(5, SIOCGIFMETRIC, {ifr_name="eth0", ifr_metric=0}) = 0
ioctl(5, SIOCGIFMTU, {ifr_name="eth0", ifr_mtu=1500}) = 0
ioctl(5, SIOCGIFMAP, {ifr_name="eth0", ifr_map={mem_start=0, mem_end=0, base_addr=0, irq=0, dma=0, port=0}}) = 0
ioctl(5, SIOCGIFMAP, {ifr_name="eth0", ifr_map={mem_start=0, mem_end=0, base_addr=0, irq=0, dma=0, port=0}}) = 0
ioctl(5, SIOCGIFTXQLEN, {ifr_name="eth0", ifr_qlen=1000}) = 0
ioctl(4, SIOCGIFADDR, {ifr_name="eth0", ifr_addr={AF_INET, inet_addr("192.168.122.18")}}) = 0
ioctl(4, SIOCGIFDSTADDR, {ifr_name="eth0", ifr_dstaddr={AF_INET, inet_addr("192.168.122.18")}}) = 0
ioctl(4, SIOCGIFBRDADDR, {ifr_name="eth0", ifr_broadaddr={AF_INET, inet_addr("192.168.122.255")}}) = 0
ioctl(4, SIOCGIFNETMASK, {ifr_name="eth0", ifr_netmask={AF_INET, inet_addr("255.255.255.0")}}) = 0
fstat(1, {st_mode=S_IFCHR|0666, st_rdev=makedev(1, 3), ...}) = 0
ioctl(1, SNDCTL_TMR_TIMEBASE or TCGETS, 0x7fffc84c7140) = -1 ENOTTY (Inappropriate ioctl for device)
mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fd3286d0000
open("/proc/net/if_inet6", O_RDONLY) = 6
fstat(6, {st_mode=S_IFREG|0444, st_size=0, ...}) = 0
mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fd3286cf000
read(6, "fe80000000000000505400fffef22cac"..., 1024) = 108
socket(PF_NETLINK, SOCK_RAW, 0) = 7
bind(7, {sa_family=AF_NETLINK, pid=0, groups=00000000}, 12) = 0
getsockname(7, {sa_family=AF_NETLINK, pid=30357, groups=00000000}, [12]) = 0
sendto(7, "\24\0\0\0\26\0\1\3\216\305\274N\0\0\0\0\0\0\0\0", 20, 0, {sa_family=AF_NETLINK, pid=0, groups=00000000}, 12) = 20
recvmsg(7, {msg_name(12)={sa_family=AF_NETLINK, pid=0, groups=00000000}, msg_iov(1)=[{"0\0\0\0\24\0\2\0\216\305\274N\225v\0\0\2\10\200\376.\0\0\0\10\0\1\0\177\0\0\1"..., 4096}], msg_controllen=0, msg_flags=0}, 0) = 108
recvmsg(7, {msg_name(12)={sa_family=AF_NETLINK, pid=0, groups=00000000}, msg_iov(1)=[{"@\0\0\0\24\0\2\0\216\305\274N\225v\0\0\n\200\200\376.\0\0\0\24\0\1\0\0\0\0\0"..., 4096}], msg_controllen=0, msg_flags=0}, 0) = 128
recvmsg(7, {msg_name(12)={sa_family=AF_NETLINK, pid=0, groups=00000000}, msg_iov(1)=[{"\24\0\0\0\3\0\2\0\216\305\274N\225v\0\0\0\0\0\0.\0\0\0\24\0\1\0\0\0\0\0"..., 4096}], msg_controllen=0, msg_flags=0}, 0) = 20
close(7) = 0
read(6, "", 1024) = 0
read(6, "", 1024) = 0
close(6) = 0
munmap(0x7fd3286cf000, 4096) = 0
open("/proc/net/dev", O_RDONLY) = 6
fstat(6, {st_mode=S_IFREG|0444, st_size=0, ...}) = 0
mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fd3286cf000
read(6, "Inter-| Receive "..., 1024) = 446
close(6) = 0
munmap(0x7fd3286cf000, 4096) = 0
ioctl(5, SIOCGIFFLAGS, {ifr_name="lo", ifr_flags=IFF_UP|IFF_LOOPBACK|IFF_RUNNING}) = 0
ioctl(5, SIOCGIFHWADDR, {ifr_name="lo", ifr_hwaddr=00:00:00:00:00:00}) = 0
ioctl(5, SIOCGIFMETRIC, {ifr_name="lo", ifr_metric=0}) = 0
ioctl(5, SIOCGIFMTU, {ifr_name="lo", ifr_mtu=16436}) = 0
ioctl(5, SIOCGIFMAP, {ifr_name="lo", ifr_map={mem_start=0, mem_end=0, base_addr=0, irq=0, dma=0, port=0}}) = 0
ioctl(5, SIOCGIFMAP, {ifr_name="lo", ifr_map={mem_start=0, mem_end=0, base_addr=0, irq=0, dma=0, port=0}}) = 0
ioctl(5, SIOCGIFTXQLEN, {ifr_name="lo", ifr_qlen=0}) = 0
ioctl(4, SIOCGIFADDR, {ifr_name="lo", ifr_addr={AF_INET, inet_addr("127.0.0.1")}}) = 0
ioctl(4, SIOCGIFDSTADDR, {ifr_name="lo", ifr_dstaddr={AF_INET, inet_addr("127.0.0.1")}}) = 0
ioctl(4, SIOCGIFBRDADDR, {ifr_name="lo", ifr_broadaddr={AF_INET, inet_addr("0.0.0.0")}}) = 0
ioctl(4, SIOCGIFNETMASK, {ifr_name="lo", ifr_netmask={AF_INET, inet_addr("255.0.0.0")}}) = 0
open("/proc/net/if_inet6", O_RDONLY) = 6
fstat(6, {st_mode=S_IFREG|0444, st_size=0, ...}) = 0
mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fd3286cf000
read(6, "fe80000000000000505400fffef22cac"..., 1024) = 108
read(6, "", 1024) = 0
socket(PF_NETLINK, SOCK_RAW, 0) = 7
bind(7, {sa_family=AF_NETLINK, pid=0, groups=00000000}, 12) = 0
getsockname(7, {sa_family=AF_NETLINK, pid=30357, groups=00000000}, [12]) = 0
sendto(7, "\24\0\0\0\26\0\1\3\216\305\274N\0\0\0\0\0\0\0\0", 20, 0, {sa_family=AF_NETLINK, pid=0, groups=00000000}, 12) = 20
recvmsg(7, {msg_name(12)={sa_family=AF_NETLINK, pid=0, groups=00000000}, msg_iov(1)=[{"0\0\0\0\24\0\2\0\216\305\274N\225v\0\0\2\10\200\376.\0\0\0\10\0\1\0\177\0\0\1"..., 4096}], msg_controllen=0, msg_flags=0}, 0) = 108
recvmsg(7, {msg_name(12)={sa_family=AF_NETLINK, pid=0, groups=00000000}, msg_iov(1)=[{"@\0\0\0\24\0\2\0\216\305\274N\225v\0\0\n\200\200\376.\0\0\0\24\0\1\0\0\0\0\0"..., 4096}], msg_controllen=0, msg_flags=0}, 0) = 128
recvmsg(7, {msg_name(12)={sa_family=AF_NETLINK, pid=0, groups=00000000}, msg_iov(1)=[{"\24\0\0\0\3\0\2\0\216\305\274N\225v\0\0\0\0\0\0.\0\0\0\24\0\1\0\0\0\0\0"..., 4096}], msg_controllen=0, msg_flags=0}, 0) = 20
close(7) = 0
read(6, "", 1024) = 0
close(6) = 0
munmap(0x7fd3286cf000, 4096) = 0
close(5) = 0
write(1, "eth0 Link encap:Ethernet H"..., 881) = 881
exit_group(0) = ?
sh-4.1#
==== We can actually "ifconfig -a" wrote things like "eth0 ...." to the stdout
==== After set selinux to permissive mode on host ====
[root@amd-5400b-4-2 ~]# setenforce 0
[root@amd-5400b-4-2 ~]# virsh -c lxc:/// start vm1
Domain vm1 started
[root@amd-5400b-4-2 ~]# virsh -c lxc:/// console vm1
Connected to domain vm1
Escape character is ^]
sh-4.1# ifconfig -a
eth0 Link encap:Ethernet HWaddr 52:54:00:F2:2C:AC
inet6 addr: fe80::5054:ff:fef2:2cac/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:10 errors:0 dropped:0 overruns:0 frame:0
TX packets:5 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:826 (826.0 b) TX bytes:468 (468.0 b)
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:0 (0.0 b) TX bytes:0 (0.0 b)
==== However, "busybox ifconfig -a" works well ====
sh-4.1# busybox ifconfig -a
eth0 Link encap:Ethernet HWaddr 52:54:00:F2:2C:AC
inet6 addr: fe80::5054:ff:fef2:2cac/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:189 errors:0 dropped:0 overruns:0 frame:0
TX packets:6 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:12742 (12.4 KiB) TX bytes:552 (552.0 B)
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
==== And it seems some other commands under "/sbin" also output empty to stdout
sh-4.1# ip link show
sh-4.1# fdisk -l
I just took a glance on it, didn't look into more, not sure if libvirt should do something to avoid the problem though.
(In reply to comment #25) > The problem (empty result of "ifconfig -a" in the container) should be caused > by selinux. Proof is below: > > > [host]# setenforce 1 > > [host]# virsh -c lxc:/// console vm > Connected to domain vm1 > Escape character is ^] > sh-4.1# ifconfig -a > sh-4.1# ping 10.66.83.167 > connect: Network is unreachable > > sh-4.1# service network restart > Shutting down interface eth0: [ OK ] > Shutting down loopback interface: [ OK ] > Bringing up loopback interface: [ OK ] > Bringing up interface eth0: > Determining IP information for eth0... done. > [ OK ] > sh-4.1# ifconfig -a > sh-4.1# ping 10.66.83.167 > PING 10.66.83.167 (10.66.83.167) 56(84) bytes of data. > 64 bytes from 10.66.83.167: icmp_seq=1 ttl=64 time=1.11 ms > 64 bytes from 10.66.83.167: icmp_seq=2 ttl=64 time=0.122 ms > ^C > --- 10.66.83.167 ping statistics --- > 2 packets transmitted, 2 received, 0% packet loss, time 1476ms > rtt min/avg/max/mdev = 0.122/0.620/1.119/0.499 ms > sh-4.1# ping 127.0.0.1 > PING 127.0.0.1 (127.0.0.1) 56(84) bytes of data. > 64 bytes from 127.0.0.1: icmp_seq=1 ttl=64 time=0.146 ms > 64 bytes from 127.0.0.1: icmp_seq=2 ttl=64 time=0.096 ms > ^C > --- 127.0.0.1 ping statistics --- > 2 packets transmitted, 2 received, 0% packet loss, time 1804ms > rtt min/avg/max/mdev = 0.096/0.121/0.146/0.025 ms > > ======= Above proved both eth0 and lo in the guest actually works ========= > > sh-4.1# /usr/bin/strace -o trace.log ifconfig -a > sh-4.1# cat trace.log > execve("/sbin/ifconfig", ["ifconfig", "-a"], [/* 7 vars */]) = 0 > brk(0) = 0x1409000 > mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = > 0x7fd3286d1000 > access("/etc/ld.so.preload", R_OK) = -1 ENOENT (No such file or directory) > open("/etc/ld.so.cache", O_RDONLY) = 3 > fstat(3, {st_mode=S_IFREG|0644, st_size=46783, ...}) = 0 > mmap(NULL, 46783, PROT_READ, MAP_PRIVATE, 3, 0) = 0x7fd3286c5000 > close(3) = 0 > open("/lib64/libselinux.so.1", O_RDONLY) = 3 > read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0PX\340j=\0\0\0"..., 832) > = 832 > fstat(3, {st_mode=S_IFREG|0755, st_size=124624, ...}) = 0 > mmap(0x3d6ae00000, 2221912, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, > 0) = 0x3d6ae00000 > mprotect(0x3d6ae1d000, 2093056, PROT_NONE) = 0 > mmap(0x3d6b01c000, 8192, PROT_READ|PROT_WRITE, > MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x1c000) = 0x3d6b01c000 > mmap(0x3d6b01e000, 1880, PROT_READ|PROT_WRITE, > MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x3d6b01e000 > close(3) = 0 > open("/lib64/libc.so.6", O_RDONLY) = 3 > read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\360\355ai=\0\0\0"..., > 832) = 832 > fstat(3, {st_mode=S_IFREG|0755, st_size=1979000, ...}) = 0 > mmap(0x3d69600000, 3803304, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, > 0) = 0x3d69600000 > mprotect(0x3d69797000, 2097152, PROT_NONE) = 0 > mmap(0x3d69997000, 20480, PROT_READ|PROT_WRITE, > MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x197000) = 0x3d69997000 > mmap(0x3d6999c000, 18600, PROT_READ|PROT_WRITE, > MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x3d6999c000 > close(3) = 0 > open("/lib64/libdl.so.2", O_RDONLY) = 3 > read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\340\r\240i=\0\0\0"..., > 832) = 832 > fstat(3, {st_mode=S_IFREG|0755, st_size=22536, ...}) = 0 > mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = > 0x7fd3286c4000 > mmap(0x3d69a00000, 2109696, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, > 0) = 0x3d69a00000 > mprotect(0x3d69a02000, 2097152, PROT_NONE) = 0 > mmap(0x3d69c02000, 8192, PROT_READ|PROT_WRITE, > MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x2000) = 0x3d69c02000 > close(3) = 0 > mmap(NULL, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = > 0x7fd3286c2000 > arch_prctl(ARCH_SET_FS, 0x7fd3286c27a0) = 0 > mprotect(0x3d6b01c000, 4096, PROT_READ) = 0 > mprotect(0x3d69997000, 16384, PROT_READ) = 0 > mprotect(0x3d69c02000, 4096, PROT_READ) = 0 > mprotect(0x3d6901f000, 4096, PROT_READ) = 0 > munmap(0x7fd3286c5000, 46783) = 0 > statfs("/selinux", {f_type=0xf97cff8c, f_bsize=4096, f_blocks=0, f_bfree=0, > f_bavail=0, f_files=0, f_ffree=0, f_fsid={0, 0}, f_namelen=255, f_frsize=4096}) > = 0 > brk(0) = 0x1409000 > brk(0x142a000) = 0x142a000 > uname({sys="Linux", node="amd-5400b-4-2.englab.nay.redhat.com", ...}) = 0 > access("/proc/net", R_OK) = 0 > access("/proc/net/unix", R_OK) = 0 > socket(PF_FILE, SOCK_DGRAM, 0) = 3 > socket(PF_INET, SOCK_DGRAM, IPPROTO_IP) = 4 > access("/proc/net/if_inet6", R_OK) = 0 > socket(PF_INET6, SOCK_DGRAM, IPPROTO_IP) = 5 > access("/proc/net/ax25", R_OK) = -1 ENOENT (No such file or directory) > access("/proc/net/nr", R_OK) = -1 ENOENT (No such file or directory) > access("/proc/net/rose", R_OK) = -1 ENOENT (No such file or directory) > access("/proc/net/ipx", R_OK) = -1 ENOENT (No such file or directory) > access("/proc/net/appletalk", R_OK) = -1 ENOENT (No such file or directory) > access("/proc/sys/net/econet", R_OK) = -1 ENOENT (No such file or directory) > access("/proc/sys/net/ash", R_OK) = -1 ENOENT (No such file or directory) > access("/proc/net/x25", R_OK) = -1 ENOENT (No such file or directory) > open("/proc/net/dev", O_RDONLY) = 6 > fstat(6, {st_mode=S_IFREG|0444, st_size=0, ...}) = 0 > mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = > 0x7fd3286d0000 > read(6, "Inter-| Receive "..., 1024) = 446 > read(6, "", 1024) = 0 > close(6) = 0 > munmap(0x7fd3286d0000, 4096) = 0 > ioctl(4, SIOCGIFCONF, {80, {{"lo", {AF_INET, inet_addr("127.0.0.1")}}, {"eth0", > {AF_INET, inet_addr("192.168.122.18")}}}}) = 0 > open("/proc/net/dev", O_RDONLY) = 6 > fstat(6, {st_mode=S_IFREG|0444, st_size=0, ...}) = 0 > mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = > 0x7fd3286d0000 > read(6, "Inter-| Receive "..., 1024) = 446 > close(6) = 0 > munmap(0x7fd3286d0000, 4096) = 0 > ioctl(5, SIOCGIFFLAGS, {ifr_name="eth0", > ifr_flags=IFF_UP|IFF_BROADCAST|IFF_RUNNING|IFF_MULTICAST}) = 0 > ioctl(5, SIOCGIFHWADDR, {ifr_name="eth0", ifr_hwaddr=52:54:00:f2:2c:ac}) = 0 > ioctl(5, SIOCGIFMETRIC, {ifr_name="eth0", ifr_metric=0}) = 0 > ioctl(5, SIOCGIFMTU, {ifr_name="eth0", ifr_mtu=1500}) = 0 > ioctl(5, SIOCGIFMAP, {ifr_name="eth0", ifr_map={mem_start=0, mem_end=0, > base_addr=0, irq=0, dma=0, port=0}}) = 0 > ioctl(5, SIOCGIFMAP, {ifr_name="eth0", ifr_map={mem_start=0, mem_end=0, > base_addr=0, irq=0, dma=0, port=0}}) = 0 > ioctl(5, SIOCGIFTXQLEN, {ifr_name="eth0", ifr_qlen=1000}) = 0 > ioctl(4, SIOCGIFADDR, {ifr_name="eth0", ifr_addr={AF_INET, > inet_addr("192.168.122.18")}}) = 0 > ioctl(4, SIOCGIFDSTADDR, {ifr_name="eth0", ifr_dstaddr={AF_INET, > inet_addr("192.168.122.18")}}) = 0 > ioctl(4, SIOCGIFBRDADDR, {ifr_name="eth0", ifr_broadaddr={AF_INET, > inet_addr("192.168.122.255")}}) = 0 > ioctl(4, SIOCGIFNETMASK, {ifr_name="eth0", ifr_netmask={AF_INET, > inet_addr("255.255.255.0")}}) = 0 > fstat(1, {st_mode=S_IFCHR|0666, st_rdev=makedev(1, 3), ...}) = 0 > ioctl(1, SNDCTL_TMR_TIMEBASE or TCGETS, 0x7fffc84c7140) = -1 ENOTTY > (Inappropriate ioctl for device) > mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = > 0x7fd3286d0000 > open("/proc/net/if_inet6", O_RDONLY) = 6 > fstat(6, {st_mode=S_IFREG|0444, st_size=0, ...}) = 0 > mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = > 0x7fd3286cf000 > read(6, "fe80000000000000505400fffef22cac"..., 1024) = 108 > socket(PF_NETLINK, SOCK_RAW, 0) = 7 > bind(7, {sa_family=AF_NETLINK, pid=0, groups=00000000}, 12) = 0 > getsockname(7, {sa_family=AF_NETLINK, pid=30357, groups=00000000}, [12]) = 0 > sendto(7, "\24\0\0\0\26\0\1\3\216\305\274N\0\0\0\0\0\0\0\0", 20, 0, > {sa_family=AF_NETLINK, pid=0, groups=00000000}, 12) = 20 > recvmsg(7, {msg_name(12)={sa_family=AF_NETLINK, pid=0, groups=00000000}, > msg_iov(1)=[{"0\0\0\0\24\0\2\0\216\305\274N\225v\0\0\2\10\200\376.\0\0\0\10\0\1\0\177\0\0\1"..., > 4096}], msg_controllen=0, msg_flags=0}, 0) = 108 > recvmsg(7, {msg_name(12)={sa_family=AF_NETLINK, pid=0, groups=00000000}, > msg_iov(1)=[{"@\0\0\0\24\0\2\0\216\305\274N\225v\0\0\n\200\200\376.\0\0\0\24\0\1\0\0\0\0\0"..., > 4096}], msg_controllen=0, msg_flags=0}, 0) = 128 > recvmsg(7, {msg_name(12)={sa_family=AF_NETLINK, pid=0, groups=00000000}, > msg_iov(1)=[{"\24\0\0\0\3\0\2\0\216\305\274N\225v\0\0\0\0\0\0.\0\0\0\24\0\1\0\0\0\0\0"..., > 4096}], msg_controllen=0, msg_flags=0}, 0) = 20 > close(7) = 0 > read(6, "", 1024) = 0 > read(6, "", 1024) = 0 > close(6) = 0 > munmap(0x7fd3286cf000, 4096) = 0 > open("/proc/net/dev", O_RDONLY) = 6 > fstat(6, {st_mode=S_IFREG|0444, st_size=0, ...}) = 0 > mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = > 0x7fd3286cf000 > read(6, "Inter-| Receive "..., 1024) = 446 > close(6) = 0 > munmap(0x7fd3286cf000, 4096) = 0 > ioctl(5, SIOCGIFFLAGS, {ifr_name="lo", > ifr_flags=IFF_UP|IFF_LOOPBACK|IFF_RUNNING}) = 0 > ioctl(5, SIOCGIFHWADDR, {ifr_name="lo", ifr_hwaddr=00:00:00:00:00:00}) = 0 > ioctl(5, SIOCGIFMETRIC, {ifr_name="lo", ifr_metric=0}) = 0 > ioctl(5, SIOCGIFMTU, {ifr_name="lo", ifr_mtu=16436}) = 0 > ioctl(5, SIOCGIFMAP, {ifr_name="lo", ifr_map={mem_start=0, mem_end=0, > base_addr=0, irq=0, dma=0, port=0}}) = 0 > ioctl(5, SIOCGIFMAP, {ifr_name="lo", ifr_map={mem_start=0, mem_end=0, > base_addr=0, irq=0, dma=0, port=0}}) = 0 > ioctl(5, SIOCGIFTXQLEN, {ifr_name="lo", ifr_qlen=0}) = 0 > ioctl(4, SIOCGIFADDR, {ifr_name="lo", ifr_addr={AF_INET, > inet_addr("127.0.0.1")}}) = 0 > ioctl(4, SIOCGIFDSTADDR, {ifr_name="lo", ifr_dstaddr={AF_INET, > inet_addr("127.0.0.1")}}) = 0 > ioctl(4, SIOCGIFBRDADDR, {ifr_name="lo", ifr_broadaddr={AF_INET, > inet_addr("0.0.0.0")}}) = 0 > ioctl(4, SIOCGIFNETMASK, {ifr_name="lo", ifr_netmask={AF_INET, > inet_addr("255.0.0.0")}}) = 0 > open("/proc/net/if_inet6", O_RDONLY) = 6 > fstat(6, {st_mode=S_IFREG|0444, st_size=0, ...}) = 0 > mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = > 0x7fd3286cf000 > read(6, "fe80000000000000505400fffef22cac"..., 1024) = 108 > read(6, "", 1024) = 0 > socket(PF_NETLINK, SOCK_RAW, 0) = 7 > bind(7, {sa_family=AF_NETLINK, pid=0, groups=00000000}, 12) = 0 > getsockname(7, {sa_family=AF_NETLINK, pid=30357, groups=00000000}, [12]) = 0 > sendto(7, "\24\0\0\0\26\0\1\3\216\305\274N\0\0\0\0\0\0\0\0", 20, 0, > {sa_family=AF_NETLINK, pid=0, groups=00000000}, 12) = 20 > recvmsg(7, {msg_name(12)={sa_family=AF_NETLINK, pid=0, groups=00000000}, > msg_iov(1)=[{"0\0\0\0\24\0\2\0\216\305\274N\225v\0\0\2\10\200\376.\0\0\0\10\0\1\0\177\0\0\1"..., > 4096}], msg_controllen=0, msg_flags=0}, 0) = 108 > recvmsg(7, {msg_name(12)={sa_family=AF_NETLINK, pid=0, groups=00000000}, > msg_iov(1)=[{"@\0\0\0\24\0\2\0\216\305\274N\225v\0\0\n\200\200\376.\0\0\0\24\0\1\0\0\0\0\0"..., > 4096}], msg_controllen=0, msg_flags=0}, 0) = 128 > recvmsg(7, {msg_name(12)={sa_family=AF_NETLINK, pid=0, groups=00000000}, > msg_iov(1)=[{"\24\0\0\0\3\0\2\0\216\305\274N\225v\0\0\0\0\0\0.\0\0\0\24\0\1\0\0\0\0\0"..., > 4096}], msg_controllen=0, msg_flags=0}, 0) = 20 > close(7) = 0 > read(6, "", 1024) = 0 > close(6) = 0 > munmap(0x7fd3286cf000, 4096) = 0 > close(5) = 0 > write(1, "eth0 Link encap:Ethernet H"..., 881) = 881 > exit_group(0) = ? > sh-4.1# > > ==== We can actually "ifconfig -a" wrote things like "eth0 ...." to the stdout s/can /can see/ > > ==== After set selinux to permissive mode on host ==== > > [root@amd-5400b-4-2 ~]# setenforce 0 > > [root@amd-5400b-4-2 ~]# virsh -c lxc:/// start vm1 > Domain vm1 started > > [root@amd-5400b-4-2 ~]# virsh -c lxc:/// console vm1 > Connected to domain vm1 > Escape character is ^] > sh-4.1# ifconfig -a > eth0 Link encap:Ethernet HWaddr 52:54:00:F2:2C:AC > inet6 addr: fe80::5054:ff:fef2:2cac/64 Scope:Link > UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 > RX packets:10 errors:0 dropped:0 overruns:0 frame:0 > TX packets:5 errors:0 dropped:0 overruns:0 carrier:0 > collisions:0 txqueuelen:1000 > RX bytes:826 (826.0 b) TX bytes:468 (468.0 b) > > lo Link encap:Local Loopback > inet addr:127.0.0.1 Mask:255.0.0.0 > inet6 addr: ::1/128 Scope:Host > UP LOOPBACK RUNNING MTU:16436 Metric:1 > RX packets:0 errors:0 dropped:0 overruns:0 frame:0 > TX packets:0 errors:0 dropped:0 overruns:0 carrier:0 > collisions:0 txqueuelen:0 > RX bytes:0 (0.0 b) TX bytes:0 (0.0 b) > > > ==== However, "busybox ifconfig -a" works well ==== s/works well/works well when selinux is enforcing/ > > sh-4.1# busybox ifconfig -a > eth0 Link encap:Ethernet HWaddr 52:54:00:F2:2C:AC > inet6 addr: fe80::5054:ff:fef2:2cac/64 Scope:Link > UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 > RX packets:189 errors:0 dropped:0 overruns:0 frame:0 > TX packets:6 errors:0 dropped:0 overruns:0 carrier:0 > collisions:0 txqueuelen:1000 > RX bytes:12742 (12.4 KiB) TX bytes:552 (552.0 B) > > lo Link encap:Local Loopback > inet addr:127.0.0.1 Mask:255.0.0.0 > inet6 addr: ::1/128 Scope:Host > UP LOOPBACK RUNNING MTU:16436 Metric:1 > RX packets:0 errors:0 dropped:0 overruns:0 frame:0 > TX packets:0 errors:0 dropped:0 overruns:0 carrier:0 > collisions:0 txqueuelen:0 > RX bytes:0 (0.0 B) TX bytes:0 (0.0 B) > > ==== And it seems some other commands under "/sbin" also output empty to stdout > > sh-4.1# ip link show > sh-4.1# fdisk -l > > > I just took a glance on it, didn't look into more, not sure if libvirt should > do something to avoid the problem though. Hi Osier, Seems you have investigated something about it, do u still want us to provide the info? BTW, IMHO it should be recorded in documentation at least if it's caused by SElinux per comment 25. Thanks, Rita Osier, can you summarize the issue? (In reply to comment #28) > Osier, can you summarize the issue? I don't known the root cause yet, need more investigation. |
Description of problem: Define a guest in LXC <domain type='lxc'> <name>vm1</name> <uuid>386f5b25-43ee-9d62-4ce2-58c3809e47c1</uuid> <memory>500000</memory> <currentMemory>500000</currentMemory> <vcpu>1</vcpu> <os> <type arch='i686'>exe</type> <init>/bin/sh</init> </os> <clock offset='utc'/> <on_poweroff>destroy</on_poweroff> <on_reboot>restart</on_reboot> <on_crash>destroy</on_crash> <devices> <emulator>/usr/libexec/libvirt_lxc</emulator> <interface type='network'> <mac address='52:54:00:f2:2c:ac'/> <source network='default'/> <target dev='veth0'/> </interface> <console type='pty'> <target port='0'/> </console> </devices> </domain> start and console connect to the guest.In guest typing: sh-4.1#ifconfig return nothing Version-Release number of selected component (if applicable): # rpm -qa | grep libvirt libvirt-client-0.8.1-10.el6.i686 libvirt-debuginfo-0.8.1-10.el6.i686 libvirt-0.8.1-10.el6.i686 libvirt-python-0.8.1-10.el6.i686 libvirt-devel-0.8.1-10.el6.i686 # uname -r 2.6.32-30.el6.i686 How reproducible: 100% Steps to Reproduce: 1. Define a lxc guest 2. start and console connect to it 3. issue ifconfig Actual results: return nothing Expected results: network interface including(eth0 and lo) Additional info: