Bug 1571969 - Starting libvirt causes "rpm -V libvirt-daemon-config-nwfilter" to fail
Summary: Starting libvirt causes "rpm -V libvirt-daemon-config-nwfilter" to fail
Keywords:
Status: CLOSED DUPLICATE of bug 1559284
Alias: None
Product: Red Hat Enterprise Linux 7
Classification: Red Hat
Component: libvirt
Version: 7.5
Hardware: Unspecified
OS: Unspecified
unspecified
unspecified
Target Milestone: rc
: ---
Assignee: Libvirt Maintainers
QA Contact: Virtualization Bugs
URL:
Whiteboard:
Depends On:
Blocks: 1436519
TreeView+ depends on / blocked
 
Reported: 2018-04-25 20:12 UTC by Ryan Barry
Modified: 2018-04-26 03:23 UTC (History)
2 users (show)

Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed: 2018-04-26 03:23:15 UTC
Target Upstream Version:


Attachments (Terms of Use)

Description Ryan Barry 2018-04-25 20:12:04 UTC
Description of problem:
Starting libvirt for the first time causes it to remove and recreate all files in /etc/libvirt/nwfilter, except they are created as 0600 instead of 0644, which causes verification to fail

Version-Release number of selected component (if applicable):
libvirt.x86_64 0:3.9.0-14.el7_5.2 

How reproducible:
100%

Steps to Reproduce:
1. Install 7.5
2. Install libvirt
3. rpm -V libvirt-config-daemon-nwfilter
4. systemctl start libvirtd.service
5. rpm -V libvirt-config-daemon-nwfilter

Actual results:
[root@localhost ~]# rpm -V libvirt-daemon-config-nwfilter
[root@localhost ~]# service libvirtd start
Redirecting to /bin/systemctl start libvirtd.service
[root@localhost ~]# rpm -V libvirt-daemon-config-nwfilter
.M.......  g /etc/libvirt/nwfilter/allow-arp.xml
.M.......  g /etc/libvirt/nwfilter/allow-dhcp-server.xml
.M.......  g /etc/libvirt/nwfilter/allow-dhcp.xml
.M.......  g /etc/libvirt/nwfilter/allow-incoming-ipv4.xml
.M.......  g /etc/libvirt/nwfilter/allow-ipv4.xml
.M.......  g /etc/libvirt/nwfilter/clean-traffic.xml
.M.......  g /etc/libvirt/nwfilter/no-arp-ip-spoofing.xml
.M.......  g /etc/libvirt/nwfilter/no-arp-mac-spoofing.xml
.M.......  g /etc/libvirt/nwfilter/no-arp-spoofing.xml
.M.......  g /etc/libvirt/nwfilter/no-ip-multicast.xml
.M.......  g /etc/libvirt/nwfilter/no-ip-spoofing.xml
.M.......  g /etc/libvirt/nwfilter/no-mac-broadcast.xml
.M.......  g /etc/libvirt/nwfilter/no-mac-spoofing.xml
.M.......  g /etc/libvirt/nwfilter/no-other-l2-traffic.xml
.M.......  g /etc/libvirt/nwfilter/no-other-rarp-traffic.xml
.M.......  g /etc/libvirt/nwfilter/qemu-announce-self-rarp.xml
.M.......  g /etc/libvirt/nwfilter/qemu-announce-self.xml


Expected results:
libvirt should use the correct permissions

Additional info:

Comment 3 yalzhang@redhat.com 2018-04-26 03:23:15 UTC

*** This bug has been marked as a duplicate of bug 1559284 ***


Note You need to log in before you can comment on or make changes to this bug.