Hide Forgot
Created attachment 1202193 [details] virt-viewer log when connecting with non-root user Description of problem: Start a guest with vnc listens on a unix socket. In another terminal, login as non-root user, and use virt-viewer to connect to guest, it displays "Checking guest domain status" forever. $ virt-viewer -c qemu:///system rhel7.3-0817 --debug ...... (virt-viewer:7348): virt-viewer-DEBUG: After open connection callback fd=-1 (virt-viewer:7348): virt-viewer-DEBUG: Opening direct UNIX connection to display at /var/lib/libvirt/qemu/domain-91-rhel7.3-0817/vnc.sock (virt-viewer:7348): virt-viewer-DEBUG: Guest rhel7.3-0817 has not activated its display yet, waiting for it to start Version-Release number of selected component (if applicable): libvirt-2.0.0-9.el7.x86_64 virt-viewer-2.0-12.el7.x86_64 qemu-kvm-rhev-2.6.0-25.el7.x86_64 How reproducible: 100% Steps to Reproduce: 1.Start a guest with vnc listens on unix socket: # virsh dumpxml rhel7.3-0817 <graphics type='vnc' socket='/var/lib/libvirt/qemu/domain-91-rhel7.3-0817/vnc.sock'> <listen type='socket' socket='/var/lib/libvirt/qemu/domain-91-rhel7.3-0817/vnc.sock'/> </graphics> Qemu command line: ...-vnc unix:/var/lib/libvirt/qemu/domain-91-rhel7.3-0817/vnc.sock... 2.Switch to non-root user, and use virt-viewer to connect guest: $ virt-viewer -c qemu:///system rhel7.3-0817 --debug Actual results: Virt-viewer can't connect to guest graphic with non-root user and vnc listening on unix socket Expected results: Virt-viewer can connect to guest graphic with non-root user and vnc listening on unix socket Additional info: 1. Swith to root user, and use virt-viewer to connect guest, it can open guest graphic successfully: # virt-viewer -c qemu:///system rhel7.3-0817 2. Change the vnc listen type to address, virt-viewer can open guest graphic correctly with non-root user
The socket is created with the root user, the "normal" user doesn't have permissions to it: (virt-viewer:6196): virt-viewer-DEBUG: Error operation forbidden: read only access prevents virDomainOpenGraphicsFD The only thing which can be considered as a bug is a not clear message to the user
Posted patch to show a dialog with the reason of the failure: https://www.redhat.com/archives/virt-tools-list/2016-October/msg00003.html
I verified with virt-viewer-5.0-2.el7.x86_64. when connect to a guest which listen a socket in qemu:///system by normal user, "Failed to connect: Connecting to unix socket failed: Permission denied" error pops up. So move the bug from ON_QA to VERIFIED.
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHBA-2017:1849