1079211 – virt-viewer --direct fails to connect to remote guest configured with listen="0.0.0.0"

RHEL Engineering is moving the tracking of its product development work on RHEL 6 through RHEL 9 to Red Hat Jira (issues.redhat.com). If you're a Red Hat customer, please continue to file support cases via the Red Hat customer portal. If you're not, please head to the "RHEL project" in Red Hat Jira and file new tickets here. Individual Bugzilla bugs in the statuses "NEW", "ASSIGNED", and "POST" are being migrated throughout September 2023. Bugs of Red Hat partners with an assigned Engineering Partner Manager (EPM) are migrated in late September as per pre-agreed dates. Bugs against components "kernel", "kernel-rt", and "kpatch" are only migrated if still in "NEW" or "ASSIGNED". If you cannot log in to RH Jira, please consult article #7032570. That failing, please send an e-mail to the RH Jira admins at rh-issues@redhat.com to troubleshoot your issue as a user management inquiry. The email creates a ServiceNow ticket with Red Hat. Individual Bugzilla bugs that are migrated will be moved to status "CLOSED", resolution "MIGRATED", and set with "MigratedToJIRA" in "Keywords". The link to the successor Jira issue will be found under "Links", have a little "two-footprint" icon next to it, and direct you to the "RHEL project" in Red Hat Jira (issue links are of type "https://issues.redhat.com/browse/RHEL-XXXX", where "X" is a digit). This same link will be available in a blue banner at the top of the page informing you that that bug has been migrated.

Bug 1079211 - virt-viewer --direct fails to connect to remote guest configured with listen="0.0.0.0"

Summary: virt-viewer --direct fails to connect to remote guest configured with listen=...

Keywords:
Status:	CLOSED ERRATA
Alias:	None
Product:	Red Hat Enterprise Linux 7
Classification:	Red Hat
Component:	virt-viewer
Sub Component:
Version:	7.0
Hardware:	Unspecified
OS:	Unspecified
Priority:	medium
Severity:	medium
Target Milestone:	rc
Target Release:	---
Assignee:	Christophe Fergeau
QA Contact:	Virtualization Bugs
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:	1085210
TreeView+	depends on / blocked

Reported:	2014-03-21 08:45 UTC by tingting zheng
Modified:	2015-03-05 13:38 UTC (History)
CC List:	8 users (show)
Fixed In Version:	virt-viewer-0.6.0-1.el7
Doc Type:	Bug Fix
Doc Text:	The scenario described in comment 7 (https://bugzilla.redhat.com/show_bug.cgi?id=1079211#c7) failed. It now should work.
Clone Of:
Clones:	1085210 (view as bug list)
Environment:
Last Closed:	2015-03-05 13:38:58 UTC
Target Upstream Version:
Embargoed:

Attachments	(Terms of Use)

Links
System	ID	Private	Priority	Status	Summary	Last Updated
Red Hat Product Errata	RHBA-2015:0295	0	normal	SHIPPED_LIVE	virt-viewer bug fix and enhancement update	2015-03-05 17:33:00 UTC

Description tingting zheng 2014-03-21 08:45:15 UTC

Description
virt-viewer --direct option fails to connect remote guest

Version:
virt-viewer-0.5.7-7.el7.x86_64

How reproducible:
100%

Steps to Reproduce:
I've found bug 730911#4,it points that there are three guest configurations that should be tested,so I tested the three scenarios.

 1. No listen attribute

      <graphics type='vnc' port='-1' autoport='yes'/>

 2. Specific listen attribute

      <graphics type='vnc' port='-1' autoport='yes' listen='123.45.67.89'/>

 3. Wildcard listen attribute

      <graphics type='vnc' port='-1' autoport='yes' listen='0.0.0.0'/>


Scenario 1:
It defaults to 127.0.0.1 test as below:
1.On host A(ip:10.66.5.145),prepare a vnc guest.
# virsh list 
 Id    Name                           State
----------------------------------------------------
 45    demo-vnc                     running

# virsh dumpxml demo-vnc
    <graphics type='vnc' port='-1' autoport='yes'/>

2.On host B(ip:10.66.5.7),use virt-viewer to connect the guest on host A using --direct:
# virt-viewer --direct -c qemu+ssh://10.66.5.145/system demo-vnc

2.1 On host B,if there is no guest running using vnc protocal with port 5900,error will show as:
"Unable to connect to the graphic server 127.0.0.1:5900"

2.2 On host B,if there is a guest running using vnc protocal with port 5900,
# virsh dumpmxl demo
    <graphics type='vnc' port='5900' autoport='no' listen='0.0.0.0'>
      <listen type='address' address='0.0.0.0'/>
    </graphics>

# virt-viewer --direct -c qemu+ssh://10.66.5.145/system demo-vnc
Then the vm 'demo' on host B will be opened instead of remote guest demo-vnc on host A.

Scenario 2:
1.On host A(ip:10.66.5.145),prepare a vnc guest.

# virsh dumpxml demo-vnc
      <graphics type='vnc' port='-1' autoport='yes' listen='10.66.5.145'/>

2.On host A(ip:10.66.5.145),virt-viewer --direct can launch the demo-vnc successfully.

3.On host B(ip:10.66.5.7),--direct fails with the blow error:
# virt-viewer --direct -c qemu+ssh://10.66.5.145/system demo-vnc
"Unable to connect to the graphic server 10.66.5.145:5900"

Scenario 3:
1.On host A(ip:10.66.5.145),prepare a vnc guest.

# virsh dumpxml demo-vnc
     <graphics type='vnc' port='-1' autoport='yes' listen='0.0.0.0'/>

2.On host B(ip:10.66.5.7),use virt-viewer --direct to launch the guest on host A,it fails with error:
# virt-viewer --direct -c qemu+ssh://10.66.5.145/system demo-vnc
Unable to connect to the graphic server localhost:5900


Actual results：
As described.

Expected results:
Scenario 1:
step 2.1,guest can be connected and no error shows.
step 2.2,guest console should not be effected by local vnc guest and be launched successfully.

Scenario 2:
step 3,guest can be launched successfully.

Scenario 3:
step 2,guest can be launched successfully.

If some of the above scenarios are not supported by --direct option or additional configuration needed,it should be documented in virt-viewer manual/help.

Additional info:
The above issue can be reproduced on spice guest.

Comment 2 RHEL Program Management 2014-03-31 05:47:12 UTC

This request was not resolved in time for the current release.
Red Hat invites you to ask your support representative to
propose this request, if still desired, for consideration in
the next release of Red Hat Enterprise Linux.

Comment 3 Christophe Fergeau 2014-04-03 13:09:28 UTC

For scenario 2, I had to disable firewalld on the host (systemctl stop firewalld.service) before being able to successfully run the command, but after that it worked. Please test remote-viewer vnc://10.66.5.145:5900 if scenario 2 is still not working for you after disabling the firewall. If it's working with the firewall disabled, then a bug should be opened against 'another' component to have it fixed (dunno if libvirt or firewalld is the relevant component). If you can still hit the bug with the firewall disabled, can you open a new bug for that as the issue would be different from scenario 3.

For scenario 3, this should be fixed by https://www.redhat.com/archives/virt-tools-list/2014-April/msg00021.html
This bug has been present since virt-viewer 0.5.5 so it most likely impacts RHEL6 as well.

Comment 4 tingting zheng 2014-04-04 08:18:16 UTC

(In reply to Christophe Fergeau from comment #3)
> For scenario 2, I had to disable firewalld on the host (systemctl stop
> firewalld.service) before being able to successfully run the command, but
> after that it worked. Please test remote-viewer vnc://10.66.5.145:5900 if
> scenario 2 is still not working for you after disabling the firewall. If
> it's working with the firewall disabled, then a bug should be opened against
> 'another' component to have it fixed (dunno if libvirt or firewalld is the
> relevant component). If you can still hit the bug with the firewall
> disabled, can you open a new bug for that as the issue would be different
> from scenario 3.

I tested again with scenario 2:
When I disable firewalld service on host 10.66.5.145,then virt-viewer works.After start the firewalld service,error shows as description.So I filed a new firewalld bug 1084367.

Comment 5 tingting zheng 2014-04-04 08:35:19 UTC

Hi, Christophe
    I noticed that you changed the title of the bug,What about scenario 1? Why does local vm affect --direct to launch remote vm as step 2.2 in scenario 1 describes.

Comment 6 Christophe Fergeau 2014-04-04 08:59:07 UTC

I totally missed this (too many separate issues in the same bug :( I opened bug #1084393 to track scenario 1

Comment 7 Christophe Fergeau 2014-04-04 09:02:00 UTC

To make things clear, this bug is now only about scenario 3:

Scenario 3:
1.On host A(ip:10.66.5.145),prepare a vnc guest.

# virsh dumpxml demo-vnc
     <graphics type='vnc' port='-1' autoport='yes' listen='0.0.0.0'/>

2.On host B(ip:10.66.5.7),use virt-viewer --direct to launch the guest on host A,it fails with error:
# virt-viewer --direct -c qemu+ssh://10.66.5.145/system demo-vnc
Unable to connect to the graphic server localhost:5900

Comment 10 tingting zheng 2014-07-21 09:24:07 UTC

Tested pass with:
virt-viewer-0.6.0-1.el7.x86_64

Steps:
1.On host A,prepare a vnc guest.

# virsh dumpxml demo-vnc
     <graphics type='vnc' port='-1' autoport='yes' listen='0.0.0.0'/>

2.On host B,use virt-viewer --direct to launch the guest on host A.
# virt-viewer --direct -c qemu+ssh://$hostA/system demo-vnc

guest can be launched successfully and the password only need once authtication.

Tested the above steps for spice guest and get the same results,so move the bug to VERIFIED.

Comment 12 errata-xmlrpc 2015-03-05 13:38:58 UTC

Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://rhn.redhat.com/errata/RHBA-2015-0295.html

Note You need to log in before you can comment on or make changes to this bug.