Bug 1113860
| Summary: | The guest will disappear after restart the libvirtd service while set seclabel type='static' model='none' relabel='yes'/> in guest's xml. | |||
|---|---|---|---|---|
| Product: | Red Hat Enterprise Linux 6 | Reporter: | zhenfeng wang <zhwang> | |
| Component: | libvirt | Assignee: | Michal Privoznik <mprivozn> | |
| Status: | CLOSED ERRATA | QA Contact: | Virtualization Bugs <virt-bugs> | |
| Severity: | medium | Docs Contact: | ||
| Priority: | medium | |||
| Version: | 6.6 | CC: | dyuan, gsun, jdenemar, lhuang, mprivozn, mzhan, rbalakri, ydu | |
| Target Milestone: | rc | Keywords: | Upstream | |
| Target Release: | --- | |||
| Hardware: | Unspecified | |||
| OS: | Unspecified | |||
| Whiteboard: | ||||
| Fixed In Version: | libvirt-0.10.2-42.el6 | Doc Type: | Bug Fix | |
| Doc Text: | Story Points: | --- | ||
| Clone Of: | ||||
| : | 1113861 (view as bug list) | Environment: | ||
| Last Closed: | 2014-10-14 04:22:47 UTC | Type: | Bug | |
| Regression: | --- | Mount Type: | --- | |
| Documentation: | --- | CRM: | ||
| Verified Versions: | Category: | --- | ||
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | ||
| Cloudforms Team: | --- | Target Upstream Version: | ||
| Embargoed: | ||||
| Bug Depends On: | ||||
| Bug Blocks: | 1113861 | |||
|
Description
zhenfeng wang
2014-06-27 05:37:15 UTC
Patch proposed upstream: https://www.redhat.com/archives/libvir-list/2014-July/msg00488.html Another attempt: https://www.redhat.com/archives/libvir-list/2014-July/msg00526.html I've just pushed patch upstream:
commit 99c8d2e8087135a57a54f205aabad8e911e53519
Author: Michal Privoznik <mprivozn>
AuthorDate: Wed Jul 9 14:36:04 2014 +0200
Commit: Michal Privoznik <mprivozn>
CommitDate: Mon Jul 14 11:10:09 2014 +0200
conf: Always format seclabel's model
https://bugzilla.redhat.com/show_bug.cgi?id=1113860
We've always done that. Well, until 990e46c45. Point is, if we don't
format model, we may lose a domain on libvirtd restart. If the
seclabel is implicit however, we should skip it's formatting.
Signed-off-by: Michal Privoznik <mprivozn>
v1.2.6-131-g99c8d2e
The backport was nacked as incomplete. I can reproduce this bug with libvirt-0.10.2-41.el6.x86_64, the following was my verify steps with libvirt-0.10.2-42.el6.x86_64 scenario 1 1.Prepare a shutoff guest # virsh list --all Id Name State ---------------------------------------------------- - rhel6 shut off 2.Edit the guest, add the following content to the guest's xml, after save the guest's xml we could see the following content in the guest's xml #virsh edit rhel6 -- <seclabel type='static' model='none' relabel='yes'/> -- #virsh dumpxml rhel6 <seclabel type='none' model='none'/> 3.Restart the libvirtd service #service libvirtd restart 4.Check the guest status, the guest was still exsiting # virsh list --all Id Name State ---------------------------------------------------- - rhel6 shut off 5.Start the guest, get the expect error # virsh start rhel6 error: Failed to start domain rhel6 error: unsupported configuration: Unable to find security driver for label none scenario 2 1.Edit the guest's xml, after save the guest's xml we could see the following content in the guest's xml #virsh edit rhel6 -- <seclabel type='static' model='none' relabel='no'/> #virsh dumpxml rhel6 <seclabel type='none' model='none'/> 2.Restart the libvirtd service #service libvirtd restart 3.Check the guest status, the guest was still exsiting # virsh list --all Id Name State ---------------------------------------------------- - rhel6 shut off 4.Start the guest, get the expect error # virsh start rhel6 error: Failed to start domain rhel6 error: unsupported configuration: Unable to find security driver for label none scenario 3 Set security_driver = none in qemu.conf Edit the /etc/libvirt/qemu.conf security_driver = none #service libvirtd restart Retest secnario 1~2, get the same result as the following 1.After edit the guest's xml, we could see the following content in the guest's xml #virsh dumpxml rhel6 -- <seclabel type='none' model='none'/> 2.Start the guest, the guest could start successfully # virsh start rhel6 Domain rhel6 started 3.Do some operations with the guest, could get the expect result # virsh save rhel6 /tmp/rhel6.save Domain rhel6 saved to /tmp/rhel6.save # virsh restore /tmp/rhel6.save Domain restored from /tmp/rhel6.save According to the scenario 1~3, mark this bug verified Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. http://rhn.redhat.com/errata/RHBA-2014-1374.html |