RHEL Engineering is moving the tracking of its product development work on RHEL 6 through RHEL 9 to Red Hat Jira (issues.redhat.com). If you're a Red Hat customer, please continue to file support cases via the Red Hat customer portal. If you're not, please head to the "RHEL project" in Red Hat Jira and file new tickets here. Individual Bugzilla bugs in the statuses "NEW", "ASSIGNED", and "POST" are being migrated throughout September 2023. Bugs of Red Hat partners with an assigned Engineering Partner Manager (EPM) are migrated in late September as per pre-agreed dates. Bugs against components "kernel", "kernel-rt", and "kpatch" are only migrated if still in "NEW" or "ASSIGNED". If you cannot log in to RH Jira, please consult article #7032570. That failing, please send an e-mail to the RH Jira admins at rh-issues@redhat.com to troubleshoot your issue as a user management inquiry. The email creates a ServiceNow ticket with Red Hat. Individual Bugzilla bugs that are migrated will be moved to status "CLOSED", resolution "MIGRATED", and set with "MigratedToJIRA" in "Keywords". The link to the successor Jira issue will be found under "Links", have a little "two-footprint" icon next to it, and direct you to the "RHEL project" in Red Hat Jira (issue links are of type "https://issues.redhat.com/browse/RHEL-XXXX", where "X" is a digit). This same link will be available in a blue banner at the top of the page informing you that that bug has been migrated.
Bug 1541525 - virt-v2v: error: libguestfs error: aug_get: no matching node
Summary: virt-v2v: error: libguestfs error: aug_get: no matching node
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Red Hat Enterprise Linux 7
Classification: Red Hat
Component: libguestfs
Version: 7.4
Hardware: Unspecified
OS: Unspecified
high
medium
Target Milestone: rc
: ---
Assignee: Pino Toscano
QA Contact: Virtualization Bugs
URL:
Whiteboard: V2V
Depends On: 1551055
Blocks: 1558922
TreeView+ depends on / blocked
 
Reported: 2018-02-02 19:26 UTC by Chetan Nagarkar
Modified: 2021-06-10 14:27 UTC (History)
8 users (show)

Fixed In Version: libguestfs-1.38.0-1.el7
Doc Type: Bug Fix
Doc Text:
Previously, converting a Linux guest that did not have the SELINUXTYPE key in the SELinux configuration caused the virt-v2v utility to fail. With this update, virt-v2v handles a missing SELINUXTYPE key properly, and the affected guests can be converted as expected.
Clone Of:
: 1558922 (view as bug list)
Environment:
Last Closed: 2018-10-30 07:45:24 UTC
Target Upstream Version:
Embargoed:

Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Red Hat Product Errata RHEA-2018:3021 0 None None None 2018-10-30 07:47:20 UTC

Description Chetan Nagarkar 2018-02-02 19:26:25 UTC 
Description of problem:

While importing guest from VMware to RHV following ERROR was noticed,

~~~
libguestfs: trace: v2v: aug_get "/files/etc/selinux/config/SELINUXTYPE"
guestfsd: main_loop: new request, len 0x54
guestfsd: error: no matching node
guestfsd: main_loop: proc 19 (aug_get) took 0.00 seconds
libguestfs: trace: v2v: aug_get = NULL (error)
virt-v2v: error: libguestfs error: aug_get: no matching node
rm -rf '/var/tmp/null.rJ1YBy'
libguestfs: trace: v2v: close
libguestfs: closing guestfs handle 0x26c99c0 (state 2)
libguestfs: trace: v2v: internal_autosync
~~~

Version-Release number of selected component (if applicable):

virt-v2v-1.36.3-6.el7_4.2.x86_64
libguestfs-1.36.3-6.el7_4.2.x86_64


Additional info:

The file /etc/selinux/config contained:

# This file controls the state of SELinux on the system.
# SELINUX=enforcing
#     enforcing - SELinux security policy is enforced.
#     permissive - SELinux prints warnings instead of enforcing.
#     disabled - No SELinux policy is loaded.
SELINUX=enforcing
# SELINUX=enforcing
#     targeted - Targeted processes are protected,
#     minimum - Modification of targeted policy. Only selected processes are protected.
#     mls - Multi Level Security protection.
SELINUX=enforcing

Should be:

# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
#     enforcing - SELinux security policy is enforced.
#     permissive - SELinux prints warnings instead of enforcing.
#     disabled - No SELinux policy is loaded.
SELINUX=enforcing
# SELINUXTYPE= can take one of three two values:
#     targeted - Targeted processes are protected,
#     minimum - Modification of targeted policy. Only selected processes are protected.
#     mls - Multi Level Security protection.
SELINUXTYPE=targeted

After updating this file on the problem guests, the imports appeared to work correctly.
Comment 3 Richard W.M. Jones 2018-02-02 21:09:39 UTC 
Fix is this one I think:

https://www.redhat.com/archives/libguestfs/2018-January/msg00288.html
https://github.com/libguestfs/libguestfs/commit/719d68fa247cc3885ecf7ec1c010faf83267d786
Comment 5 Pino Toscano 2018-03-21 08:47:53 UTC 
In a nutshell, the problem is that the file /etc/selinux/config did not have the SELINUXTYPE key.  According to the SELinux source code, when this key is missing SELinux uses "targeted" as setting.
Comment 7 kuwei@redhat.com 2018-03-23 07:42:22 UTC 
I could reproduce the bug with below builds:
virt-v2v-1.36.10-6.el7.x86_64
qemu-kvm-rhev-2.10.0-21.el7.x86_64
libvirt-3.9.0-14.el7.x86_64
libguestfs-1.36.10-6.el7.x86_64

Steps:
1.Prepare a rhel7.4 guest on ESXi5.5 which /etc/selinux/config is:
#cat /etc/selinux/config
# This file controls the state of SELinux on the system.
# SELINUX=enforcing
#     enforcing - SELinux security policy is enforced.
#     permissive - SELinux prints warnings instead of enforcing.
#     disabled - No SELinux policy is loaded.
SELINUX=enforcing
# SELINUX=enforcing
#     targeted - Targeted processes are protected,
#     minimum - Modification of targeted policy. Only selected processes are protected.
#     mls - Multi Level Security protection.
SELINUX=enforcing

2.Convert the guest from Vmware to RHV4.1 by virt-v2v.
# virt-v2v -ic vpx://root.75.182/data/10.73.3.19/?no_verify=1 esx5.5-rhel7.4-x86_64 --password-file /tmp/passwd -o rhv -os 10.66.144.40:/home/nfs_export 
[   0.0] Opening the source -i libvirt -ic vpx://root.75.182/data/10.73.3.19/?no_verify=1 esx5.5-rhel7.4-x86_64
[   1.5] Creating an overlay to protect the source from being modified
[   2.0] Initializing the target -o rhv -os 10.66.144.40:/home/nfs_export
[   2.1] Opening the overlay
[  13.4] Inspecting the overlay
[ 100.2] Checking for sufficient free disk space in the guest
[ 100.2] Estimating space required on target for each disk
[ 100.2] Converting Red Hat Enterprise Linux Server 7.4 (Maipo) to run on KVM
virt-v2v: error: libguestfs error: aug_get: no matching node

If reporting bugs, run virt-v2v with debugging enabled and include the 
complete output:

  virt-v2v -v -x [...]

3.The v2v log :
~~~
libguestfs: trace: v2v: aug_get "/files/etc/selinux/config/SELINUXTYPE"
guestfsd: main_loop: new request, len 0x54^M
guestfsd: error: no matching node^M
guestfsd: main_loop: proc 19 (aug_get) took 0.00 seconds^M
libguestfs: trace: v2v: aug_get = NULL (error)
virt-v2v: error: libguestfs error: aug_get: no matching node
umount '/tmp/v2v.SpqJCQ'
rm -rf '/var/tmp/null.fIes4I'
libguestfs: trace: v2v: close
libguestfs: closing guestfs handle 0x1037930 (state 2)
libguestfs: trace: v2v: internal_autosync

~~~
Comment 9 mxie@redhat.com 2018-06-04 09:30:46 UTC 
Verify the bug with below builds:
virt-v2v-1.38.2-3.el7.x86_64
libguestfs-1.38.2-3.el7.x86_64
libvirt-4.3.0-1.el7.x86_64
qemu-kvm-rhev-2.12.0-3.el7.x86_64


Steps:
Scenario1:
1.1 Prepare a rhel7.5 guest on ESXi6.7 and modify guest's /etc/selinux/config as below:
#cat /etc/selinux/config

  # This file controls the state of SELinux on the system.
  # SELINUX= can take one of these three values:
  #     enforcing - SELinux security policy is enforced.
  #     permissive - SELinux prints warnings instead of enforcing.
  #     disabled - No SELinux policy is loaded.
  SELINUX=enforcing
  # SELINUXTYPE= can take one of these two values:
  #     targeted - Targeted processes are protected,
  #     mls - Multi Level Security protection.
  SELINUX=enforcing

1.2 Use virt-v2v to convert the guest to rhv and conversion could be finished without error
#  virt-v2v -ic vpx://root.73.141/data/10.73.75.219?no_verify=1 esx6.7-rhel7.5-x86_64 -o rhv -os 10.66.144.40:/home/nfs_export -b ovirtmgmt --password-file /tmp/passwd
[   0.0] Opening the source -i libvirt -ic vpx://root.73.141/data/10.73.75.219?no_verify=1 esx6.7-rhel7.5-x86_64
[   2.0] Creating an overlay to protect the source from being modified
[   3.1] Initializing the target -o rhv -os 10.66.144.40:/home/nfs_export
[   3.4] Opening the overlay
[  26.6] Inspecting the overlay
[ 206.8] Checking for sufficient free disk space in the guest
[ 206.8] Estimating space required on target for each disk
[ 206.8] Converting Red Hat Enterprise Linux Server 7.5 (Maipo) to run on KVM
virt-v2v: This guest has virtio drivers installed.
[1544.8] Mapping filesystem data to avoid copying unused and blank areas
[1551.4] Closing the overlay
[1554.8] Checking if the guest needs BIOS or UEFI to boot
[1554.8] Assigning disks to buses
[1554.8] Copying disk 1/1 to /tmp/v2v.7RYevN/ea9cb06f-8bf9-4fc8-a247-478e754d898a/images/934071de-bc9f-4f53-9eaa-57430651a46a/e5367eeb-1471-4335-a542-e816bc4cfb28 (raw)
    (100.00/100%)
[2332.5] Creating output metadata
[2332.6] Finishing off

1.3 Import guest from export domain to data domain on rhv, checkpoints of guests are passed


Scenario2:
2.1 Prepare a rhel6.9 guest on ESXi6.5 and modify guest's /etc/selinux/config as below:
#cat /etc/selinux/config

  # This file controls the state of SELinux on the system.
  # SELINUX= can take one of these three values:
  #     enforcing - SELinux security policy is enforced.
  #     permissive - SELinux prints warnings instead of enforcing.
  #     disabled - No SELinux policy is loaded.
  SELINUX=enforcing
  # SELINUXTYPE= can take one of these two values:
  #     targeted - Targeted processes are protected,
  #     mls - Multi Level Security protection.
  #SELINUXTYPE=targeted

2.2 Use virt-v2v to convert the guest to rhv and conversion could be finished without error
# virt-v2v -ic vpx://root.73.141/data/10.73.196.89?no_verify=1 esx6.5-rhel6.9-x86_64 -o rhv -os 10.66.144.40:/home/nfs_export -b ovirtmgmt --password-file /tmp/passwd
[   0.0] Opening the source -i libvirt -ic vpx://root.73.141/data/10.73.196.89?no_verify=1 esx6.5-rhel6.9-x86_64
[   2.1] Creating an overlay to protect the source from being modified
[   3.1] Initializing the target -o rhv -os 10.66.144.40:/home/nfs_export
[   3.6] Opening the overlay
[  23.8] Inspecting the overlay
[ 151.6] Checking for sufficient free disk space in the guest
[ 151.6] Estimating space required on target for each disk
[ 151.6] Converting Red Hat Enterprise Linux Server release 6.9 (Santiago) to run on KVM
virt-v2v: This guest has virtio drivers installed.
[1182.9] Mapping filesystem data to avoid copying unused and blank areas
[1186.4] Closing the overlay
[1187.8] Checking if the guest needs BIOS or UEFI to boot
[1187.8] Assigning disks to buses
[1187.8] Copying disk 1/1 to /tmp/v2v.pqxJQo/ea9cb06f-8bf9-4fc8-a247-478e754d898a/images/30548e28-653e-4e64-83da-a4d2916a0014/220068c5-7be2-401d-b80d-8df1ed71de7a (raw)
    (100.00/100%)
[2002.5] Creating output metadata
[2002.7] Finishing off

2.3 Import guest from export domain to data domain on rhv, checkpoints of guests are passed



Result:

  Virt-v2v conversion could be finished without error and checkpoints of guests are passed when there is no SELINUXTYPE setting in linux guest's selinux config,so move this bug from ON_QA to VERIFIED
Comment 11 errata-xmlrpc 2018-10-30 07:45:24 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHEA-2018:3021
Note You need to log in before you can comment on or make changes to this bug.