Description of problem: Trying to start up LXC containers with virt-install fail. Version-Release number of selected component (if applicable): virt-install-0.10.0-3.gita2e52067.fc20.noarch libvirt-daemon-driver-lxc-1.1.3-1.fc20.x86_64 lxc-0.9.0-2.fc20.x86_64 lxc-libs-0.9.0-2.fc20.x86_64 libvirt-daemon-lxc-1.1.3-1.fc20.x86_64 How reproducible: Every time. Steps to Reproduce: 1.Set up a rootfs for the container with: yum -y --releasever=20 --nogpg --installroot=/var/lib/libvirt/filesystems/mycontainer ` --disablerepo='*' --enablerepo=fedora install \ systemd passwd yum fedora-release vim-minimal openssh-server procps-ng 2.Start the container with: virt-install --connect lxc:/// --name mycontainer --ram 800 --filesystem /var/lib/libvirt/filesystems/mycontainer,/ 3. Fail Actual results: [root@f20 /]# virt-install --connect lxc:/// --name mycontainer --ram 800 --filesystem /var/lib/libvirt/filesystems/mycontainer,/ Starting install... ERROR internal error: Child process (PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin LIBVIRT_DEBUG=3 LIBVIRT_LOG_OUTPUTS=3:stderr /usr/libexec/libvirt_lxc --name mycontainer --console 24 --security=selinux --handshake 27 --background --veth veth1) unexpected fatal signal 11 Domain installation does not appear to have been successful. If it was, you can restart your domain by running: virsh --connect lxc:/// start mycontainer otherwise, please restart your installation. Expected results: My container to start up successfully. Additional info:
Can you tell me if you had SELinux in enforcing mode, and does putting it in permissive mode work ? Also what version of 'selinux-policy' do you have, because there was a recent broken version that caused libvirt to crash.
It is in permissive, and it does fire off some SElinux alerts: [root@f20 ~]# getenforce Permissive [root@f20 ~]# virt-install --connect lxc:/// --name mycontainer --ram 800 --filesystem /root/fedora-rootfs,/ Starting install... ERROR internal error: Child process (PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin LIBVIRT_DEBUG=3 LIBVIRT_LOG_OUTPUTS=3:stderr /usr/libexec/libvirt_lxc --name mycontainer --console 22 --security=selinux --handshake 25 --background --veth veth1) unexpected fatal signal 11 Domain installation does not appear to have been successful. If it was, you can restart your domain by running: virsh --connect lxc:/// start mycontainer otherwise, please restart your installation. [root@f20 ~]# rpm -qa | grep selinux-policy selinux-policy-3.12.1-84.fc20.noarch selinux-policy-targeted-3.12.1-84.fc20.noarch
Ok, it isn't the bug I was thinking of wrt selinux policy at least. Managed to reproduce it and capture a very unexpectedly wierd stack trace #0 0x00007f0cddb653ec in free () from /lib64/libc.so.6 #1 0x00007f0ce0e16f4a in virFree (ptrptr=ptrptr@entry=0x7f0ce1830058) at util/viralloc.c:580 #2 0x00007f0ce0e2764b in virResetError (err=0x7f0ce1830030) at util/virerror.c:354 #3 0x00007f0ce0e27a5a in virResetLastError () at util/virerror.c:387 #4 0x00007f0ce0e28858 in virEventRegisterDefaultImpl () at util/virevent.c:233 #5 0x00007f0ce0db47c6 in main (argc=11, argv=0x7fff4596c328) at lxc/lxc_controller.c:2352
From the department of "How on earth did this ever avoiding crashing in previous Fedora" https://www.redhat.com/archives/libvir-list/2013-October/msg00332.html
libvirt-1.1.3.1-1.fc20 has been submitted as an update for Fedora 20. https://admin.fedoraproject.org/updates/libvirt-1.1.3.1-1.fc20
Package libvirt-1.1.3.1-1.fc20: * should fix your issue, * was pushed to the Fedora 20 testing repository, * should be available at your local mirror within two days. Update it with: # su -c 'yum update --enablerepo=updates-testing libvirt-1.1.3.1-1.fc20' as soon as you are able to. Please go to the following url: https://admin.fedoraproject.org/updates/FEDORA-2013-20869/libvirt-1.1.3.1-1.fc20 then log in and leave karma (feedback).
libvirt-1.1.3.1-1.fc20 has been pushed to the Fedora 20 stable repository. If problems still persist, please make note of it in this bug report.