RHEL Engineering is moving the tracking of its product development work on RHEL 6 through RHEL 9 to Red Hat Jira (issues.redhat.com). If you're a Red Hat customer, please continue to file support cases via the Red Hat customer portal. If you're not, please head to the "RHEL project" in Red Hat Jira and file new tickets here. Individual Bugzilla bugs in the statuses "NEW", "ASSIGNED", and "POST" are being migrated throughout September 2023. Bugs of Red Hat partners with an assigned Engineering Partner Manager (EPM) are migrated in late September as per pre-agreed dates. Bugs against components "kernel", "kernel-rt", and "kpatch" are only migrated if still in "NEW" or "ASSIGNED". If you cannot log in to RH Jira, please consult article #7032570. That failing, please send an e-mail to the RH Jira admins at rh-issues@redhat.com to troubleshoot your issue as a user management inquiry. The email creates a ServiceNow ticket with Red Hat. Individual Bugzilla bugs that are migrated will be moved to status "CLOSED", resolution "MIGRATED", and set with "MigratedToJIRA" in "Keywords". The link to the successor Jira issue will be found under "Links", have a little "two-footprint" icon next to it, and direct you to the "RHEL project" in Red Hat Jira (issue links are of type "https://issues.redhat.com/browse/RHEL-XXXX", where "X" is a digit). This same link will be available in a blue banner at the top of the page informing you that that bug has been migrated.
Bug 1375157 - virt-v2v: -i ova: Permission denied when using libvirt and running as root
Summary: virt-v2v: -i ova: Permission denied when using libvirt and running as root
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Red Hat Enterprise Linux 7
Classification: Red Hat
Component: libguestfs
Version: 7.3
Hardware: x86_64
OS: Unspecified
low
low
Target Milestone: rc
: ---
Assignee: Richard W.M. Jones
QA Contact: Virtualization Bugs
URL:
Whiteboard: V2V
Depends On: 890291 1045069 1359086 1430680
Blocks: 1401400
TreeView+ depends on / blocked
 
Reported: 2016-09-12 10:25 UTC by mxie@redhat.com
Modified: 2017-08-01 22:11 UTC (History)
9 users (show)

Fixed In Version: libguestfs-1.36.1-1.el7
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed: 2017-08-01 22:11:26 UTC
Target Upstream Version:
Embargoed:


Attachments (Terms of Use)
permission-v2v.log (11.94 KB, text/plain)
2016-09-12 10:26 UTC, mxie@redhat.com
no flags Details
test-ova.ova (3.89 MB, application/x-tar)
2016-09-12 10:41 UTC, Richard W.M. Jones
no flags Details


Links
System ID Private Priority Status Summary Last Updated
Red Hat Product Errata RHBA-2017:2023 0 normal SHIPPED_LIVE libguestfs bug fix and enhancement update 2017-08-01 19:32:01 UTC

Description mxie@redhat.com 2016-09-12 10:25:59 UTC
Description of problem:
There is error info about permission when convert a guest from ova file by v2v

Version-Release number of selected component (if applicable):
virt-v2v-1.32.7-3.el7.x86_64
libguestfs-1.32.7-3.el7.x86_64
qemu-kvm-rhev-2.6.0-24.el7.x86_64
libvirt-2.0.0-8.el7.x86_64


How reproducible:
100% 

Steps to Reproduce:
1.Convert a guest from ova file by v2v, but there is error info about permission except error of environment variable, details log pls refer to attachment
# virt-v2v -i ova rhel6.8-vmware-ova.tar -o local -os /var/tmp -of raw
[   0.0] Opening the source -i ova rhel6.8-vmware-ova.tar
[   1.0] Creating an overlay to protect the source from being modified
[   2.7] Initializing the target -o local -os /var/tmp
[   2.7] Opening the overlay
virt-v2v: error: libguestfs error: could not create appliance through 
libvirt.

Try running qemu directly without libvirt using this environment variable:
export LIBGUESTFS_BACKEND=direct

Original error from libvirt: Cannot access backing file 
'/var/tmp/ova.puFtEh/rhel6.8-vmware/juzhou-rhel6u8-disk1.vmdk' of storage 
file '/var/tmp/v2vovl4c0d41.qcow2' (as uid:107, gid:107): Permission denied 
[code=38 int1=13]

If reporting bugs, run virt-v2v with debugging enabled and include the 
complete output:

  virt-v2v -v -x [...]



Actual results:
As above description

Expected results:
There is no error info about permission when convert a guest from ova file by v2v, should shows error info of environment variable as below:
virt-v2v: error: because of libvirt bug 
https://bugzilla.redhat.com/show_bug.cgi?id=1134592 you must set this 
environment variable:

export LIBGUESTFS_BACKEND=direct

and then rerun the virt-v2v command.

If reporting bugs, run virt-v2v with debugging enabled and include the 
complete output:

  virt-v2v -v -x [...]


Additional info:

Comment 1 mxie@redhat.com 2016-09-12 10:26:59 UTC
Created attachment 1200146 [details]
permission-v2v.log

Comment 2 Richard W.M. Jones 2016-09-12 10:37:08 UTC
This is a variation of the "libvirt has no session qemu for root" bug
(in libvirt).

virt-v2v unpacks the OVA into a temporary directory, creating files
and directories as root with permissions like 0600.

Libvirt runs qemu as non-root user qemu.qemu.

Either /var/tmp/ova.puFtEh or /var/tmp/ova.puFtEh/rhel6.8-vmware
is not readable by qemu.qemu, and we see this failure.

Comment 3 Pino Toscano 2016-09-12 10:41:23 UTC
(In reply to Richard W.M. Jones from comment #2)
> This is a variation of the "libvirt has no session qemu for root" bug
> (in libvirt).

... which should be bug 890291 (leaving it here for reference).

Comment 4 Richard W.M. Jones 2016-09-12 10:41:38 UTC
Created attachment 1200173 [details]
test-ova.ova

Reproduce the bug using the attached dummy OVA file, and
the following command which must be run *as root*:

# virt-v2v -i ova test-ova.ova -o null -of qcow2
[   0.0] Opening the source -i ova test-ova.ova
[   0.0] Creating an overlay to protect the source from being modified
[   0.1] Initializing the target -o null
[   0.1] Opening the overlay
virt-v2v: error: libguestfs error: could not create appliance through 
libvirt.

Try running qemu directly without libvirt using this environment variable:
export LIBGUESTFS_BACKEND=direct

Original error from libvirt: Cannot access backing file 
'/var/tmp/ova.tlxP2U/test-ova.vmdk' of storage file 
'/var/tmp/v2vovld54bdb.qcow2' (as uid:107, gid:107): Permission denied 
[code=38 int1=13]

Comment 5 Richard W.M. Jones 2016-09-12 10:54:21 UTC
I posted a patch:

https://www.redhat.com/archives/libguestfs/2016-September/msg00063.html

# virt-v2v -i ova test-ova.ova -o null -of qcow2
[   0.0] Opening the source -i ova test-ova.ova
virt-v2v: warning: making OVA directory public readable to workaround 
libvirt bug https://bugzilla.redhat.com/890291
[   0.0] Creating an overlay to protect the source from being modified
[   0.1] Initializing the target -o null
[   0.1] Opening the overlay
[  15.2] Inspecting the overlay
etc

Comment 6 Richard W.M. Jones 2016-10-11 09:50:52 UTC
I pushed this patch upstream over some objections because we now
have customers reporting it to me and a customer solution on
RHN (https://access.redhat.com/solutions/2110391).  Some fix is
needed even if it's not ideal.

Upstream commit is:
https://github.com/libguestfs/libguestfs/commit/d9b2a16c71d0c87195e28c1325fd83b344741339

Comment 13 kuwei@redhat.com 2017-03-17 06:18:46 UTC
From bug 1430680,verify the bug with below builds again:

virt-v2v-1.36.2-2.el7.x86_64
libguestfs-1.36.2-2.el7.x86_64
libvirt-3.1.0-2.el7.x86_64
qemu-kvm-rhev-2.8.0-6.el7.x86_64

Verify steps:
1.Convert a guest from ova file by v2v
# virt-v2v -i ova rhel6.7-efi.ova -o null -of qcow2
[   0.0] Opening the source -i ova rhel6.7-efi.ova
virt-v2v: warning: making OVA directory public readable to work around 
libvirt bug https://bugzilla.redhat.com/1045069
[  28.1] Creating an overlay to protect the source from being modified
[  28.4] Initializing the target -o null
[  28.4] Opening the overlay
[  30.2] Inspecting the overlay
[  44.3] Checking for sufficient free disk space in the guest
[  44.3] Estimating space required on target for each disk
[  44.3] Converting Red Hat Enterprise Linux Server release 6.7 Beta (Santiago) to run on KVM
virt-v2v: This guest has virtio drivers installed.
[ 120.5] Mapping filesystem data to avoid copying unused and blank areas
virt-v2v: warning: fstrim on guest filesystem /dev/sda1 failed.  Usually 
you can ignore this message.  To find out more read "Trimming" in 
virt-v2v(1).

Original message: fstrim: fstrim: /sysroot/: the discard operation is not 
supported
[ 120.7] Closing the overlay
[ 121.0] Checking if the guest needs BIOS or UEFI to boot
virt-v2v: This guest requires UEFI on the target to boot.
[ 121.0] Assigning disks to buses
[ 121.0] Copying disk 1/1 to /var/tmp/null.hSQkWU/sda (qcow2)
    (100.00/100%)
[ 147.7] Creating output metadata
[ 147.7] Finishing off


Result : There is error info about permission when convert a guest from ova file by v2v

2:Reboot test server to verify it again.
# virt-v2v -i ova rhel6.7-efi.ova -o null -of raw

Result: There is error info when convert a guest from ova file by v2v

So,I think we could move this to VERIFIED

Comment 14 errata-xmlrpc 2017-08-01 22:11:26 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHBA-2017:2023


Note You need to log in before you can comment on or make changes to this bug.