Bug 684655
Summary: | virsh doesnt work as an unprivileged user | ||
---|---|---|---|
Product: | Red Hat Enterprise Linux 6 | Reporter: | IBM Bug Proxy <bugproxy> |
Component: | libvirt | Assignee: | Eric Blake <eblake> |
Status: | CLOSED ERRATA | QA Contact: | Virtualization Bugs <virt-bugs> |
Severity: | high | Docs Contact: | |
Priority: | high | ||
Version: | 6.1 | CC: | balkov, eblake, jdenemar, jkachuck, mkenneth, mzhan, virt-maint, yoyzhang |
Target Milestone: | rc | Keywords: | Regression |
Target Release: | 6.1 | ||
Hardware: | x86_64 | ||
OS: | All | ||
Whiteboard: | |||
Fixed In Version: | libvirt-0.8.7-14.el6 | Doc Type: | Bug Fix |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2011-05-19 13:28:56 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: | |||
Bug Depends On: | 675698 | ||
Bug Blocks: | 684385, 684848 |
Description
IBM Bug Proxy
2011-03-14 06:51:06 UTC
As pointed out in bug 684848: This appears to be the real regression - virsh is trying to auto-starting the session daemon, but that fails: $ /usr/sbin/libvirtd --timeout=30 13:06:02.502: 24377: info : libvirt version: 0.8.7, package: 10.el6 (Red Hat, Inc. <http://bugzilla.redhat.com/bugzilla>, 2011-03-07-14:14:56, x86-003.build.bos.redhat.com) 13:06:02.502: 24377: error : virStateInitialize:1022 : Initialization of udev state driver failed 13:06:02.520: 24377: warning : qemudStartup:1733 : Unable to create cgroup for driver: Permission denied 13:06:02.771: 24377: error : main:3305 : Driver state initialization failed 13:06:02.771: 24379: warning : qemudDispatchSignalEvent:403 : Shutting down on signal 3 It appears that the problem is that pci_system_init() fails when run as non-root, which in turn fails node_device_udev.c:udevDeviceMonitorStartup, which in turn makes the libvirtd startup code assume that it must abort. This function call lived in udevTranslatePCIIds for RHEL 6.0; it was moved into udevDeviceMonitorStartup during upstream commit 2215050edd: commit 2215050edd8adefbf0ff21c5cbf09685877492d6 Author: Daniel P. Berrange <berrange> Date: Mon Feb 7 17:04:35 2011 +0000 Only initialize/cleanup libpciaccess once libpciaccess has many bugs in its pci_system_init/cleanup functions that makes calling them multiple times unwise. eg it will double close() FDs, and leak other FDs. * src/node_device/node_device_udev.c: Only initialize libpciaccess once which was backported into libvirt-0.8.7-12.el6 as patch102 in order to fix 675698, thus this qualifies as a regression. It looks like the fix might be to ignore pci_system_init failure for non-privileged users. Upstream patch proposed: https://www.redhat.com/archives/libvir-list/2011-March/msg00769.html Verified this bug PASS with libvirt-0.8.7-14.el6.x86_64 [test@dhcp-65-132 ~]$ virsh Welcome to virsh, the virtualization interactive terminal. Type: 'help' for help with commands 'quit' to quit virsh # list --all Id Name State ---------------------------------- virsh # nodedev-list --tree computer | +- net_lo_00_00_00_00_00_00 +- net_virbr0_nic_52_54_00_e0_db_11 +- net_vnet0_fe_54_00_b7_bc_20 +- net_vnet1_fe_54_00_21_be_6a +- pci_0000_00_00_0 .... ------- Comment From pradeepkumars.com 2011-03-23 00:32 EDT------- Hello yoyzhang can we expect libvirt-0.8.7-14.el6.x86_64 in snap1. --Pradeep Hi, Pradeep IMHO, we could get libvirt-0.8.7-14.el6.x86_64 or newer version in snap1. Anything unsure, please let me know. - Yoyo (In reply to comment #8) > ------- Comment From pradeepkumars.com 2011-03-23 00:32 EDT------- > Hello yoyzhang > > can we expect libvirt-0.8.7-14.el6.x86_64 in snap1. > > --Pradeep ------- Comment From pradeepkumars.com 2011-04-07 12:27 EDT------- its fixed. can close this bug --Pradeep An advisory has been issued which should help the problem described in this bug report. This report is therefore being closed with a resolution of ERRATA. For more information on therefore solution and/or where to find the updated files, please follow the link below. You may reopen this bug report if the solution does not work for you. http://rhn.redhat.com/errata/RHBA-2011-0596.html |