Bug 516034 - libvirt is not chowning kernel/initrd images before launching qemu
libvirt is not chowning kernel/initrd images before launching qemu
Status: CLOSED RAWHIDE
Product: Fedora
Classification: Fedora
Component: libvirt (Show other bugs)
rawhide
All Linux
high Severity high
: ---
: ---
Assigned To: Daniel Veillard
Fedora Extras Quality Assurance
:
Depends On:
Blocks: F12VirtBlocker
  Show dependency treegraph
 
Reported: 2009-08-06 09:42 EDT by James Laska
Modified: 2013-09-02 02:37 EDT (History)
11 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2009-08-06 12:23:16 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:


Attachments (Terms of Use)
/var/log/libvirt/qemu/RATS.log (6.05 KB, text/plain)
2009-08-06 09:42 EDT, James Laska
no flags Details

  None (edit)
Description James Laska 2009-08-06 09:42:00 EDT
Created attachment 356510 [details]
/var/log/libvirt/qemu/RATS.log

Description of problem:

Attempting a virt-install of F12-Alpha on an F12-Alpha host fails.

Version-Release number of selected component (if applicable):

 * kernel-2.6.31-0.125.rc5.git2.fc12.x86_64
 * qemu-common-0.10.91-0.4.rc1.fc12.x86_64
 * libvirt-0.7.0-0.9.gite195b43.fc12.x86_64
 * qemu-system-x86-0.10.91-0.4.rc1.fc12.x86_64
 * qemu-img-0.10.91-0.4.rc1.fc12.x86_64
 * qemu-kvm-0.10.91-0.4.rc1.fc12.x86_64
 * gpxe-roms-qemu-0.9.7-5.fc12.noarch

How reproducible:

 * seems to happen every time with selinux=permissive (and enforcing)

Steps to Reproduce:
1. virt-install --name RATS --ram 512 --vcpus 1 --os-type linux --os-variant fedora11 --extra-args "serial console=ttyS0" --disk path=/var/lib/libvirt/images/RATS.img,size=8,sparse=false --network network:default --location http://download.fedoraproject.org/pub/fedora/linux/development/x86_64/os  --nographics --noautoconsole
  
Actual results:

Starting install...
Retrieving file .treeinfo...                                                   | 2.4 kB     00:00 ... 
Retrieving file vmlinuz...                                                     | 5.7 MB     00:00 ... 
Retrieving file initrd.img...                                                  |  44 MB     00:00 ... 
ERROR    internal error unable to start guest: char device redirected to /dev/pts/1
qemu: could not load kernel '/var/lib/libvirt/boot/virtinst-vmlinuz.CVHJDC'

Domain installation may not have been
 successful.  If it was, you can restart your domain
 by running 'virsh start RATS'; otherwise, please
 restart your installation.
ERROR    internal error unable to start guest: char device redirected to /dev/pts/1
qemu: could not load kernel '/var/lib/libvirt/boot/virtinst-vmlinuz.CVHJDC'
Traceback (most recent call last):
  File "/usr/sbin/virt-install", line 929, in <module>
    main()
  File "/usr/sbin/virt-install", line 825, in main
    start_time, guest.start_install)
  File "/usr/sbin/virt-install", line 880, in do_install
    dom = install_func(conscb, progresscb, wait=(not wait))
  File "/usr/lib/python2.6/site-packages/virtinst/Guest.py", line 628, in start_install
    return self._do_install(consolecb, meter, removeOld, wait)
  File "/usr/lib/python2.6/site-packages/virtinst/Guest.py", line 726, in _do_install
    self.domain = self.conn.createLinux(install_xml, 0)
  File "/usr/lib64/python2.6/site-packages/libvirt.py", line 1077, in createLinux
    if ret is None:raise libvirtError('virDomainCreateLinux() failed', conn=self)
libvirtError: internal error unable to start guest: char device redirected to /dev/pts/1
qemu: could not load kernel '/var/lib/libvirt/boot/virtinst-vmlinuz.CVHJDC'

Expected results:

 * virt-install to start the guest

Additional info:
Comment 1 Daniel Berrange 2009-08-06 09:49:53 EDT
Oh, i think this is probably due to us forgetting to chown() the kenrel/initrd image to be readable by the 'qemu' user that VMs now run as.

As a quick hack, you can edit /etc/libvirt/qemu.conf and set  user="root" and group="root", and chown  /var/lib/libvirt/images  back to root:root.  if it then works, then this is a libvirt bug.
Comment 2 Mark McLoughlin 2009-08-06 09:50:20 EDT
Okay, problem seems to be that we're not chowning the kernel and initrd before spawning qemu

This should be done in e.g. qemuDomainSetDeviceOwnership()
Comment 3 Mark McLoughlin 2009-08-06 10:56:48 EDT
Patch posted upstream:

  http://www.redhat.com/archives/libvir-list/2009-August/msg00118.html
Comment 4 James Laska 2009-08-06 10:59:35 EDT
After making the suggested change in comment#1

 1. Change user/group = root in '/etc/libvirt/qemu.conf'
 2. chown root:root /var/lib/libvirt/images

virt-install fails with ...

Traceback (most recent call last):
  File "/usr/sbin/virt-install", line 929, in <module>
    main()
  File "/usr/sbin/virt-install", line 825, in main
    start_time, guest.start_install)
  File "/usr/sbin/virt-install", line 880, in do_install
    dom = install_func(conscb, progresscb, wait=(not wait))
  File "/usr/lib/python2.6/site-packages/virtinst/Guest.py", line 628, in start_install
    return self._do_install(consolecb, meter, removeOld, wait)
  File "/usr/lib/python2.6/site-packages/virtinst/Guest.py", line 726, in _do_install
    self.domain = self.conn.createLinux(install_xml, 0)
  File "/usr/lib64/python2.6/site-packages/libvirt.py", line 1077, in createLinux
    if ret is None:raise libvirtError('virDomainCreateLinux() failed', conn=self)
libvirtError: internal error unable to start guest: bind(unix:/var/run/libvirt/qemu/RATS.monitor): Permission denied
qemu: could not open monitor device 'unix:/var/run/libvirt/qemu/RATS.monitor,server,nowait'


More chown'ing needed?
Comment 5 Daniel Berrange 2009-08-06 11:08:40 EDT
Yeha, ignore my suggestion - its not worth the hassle of chown'ing stuff - put it back to qemu:qemu.  Mark has a patch in libvirt for rawhide already....
Comment 6 Mark McLoughlin 2009-08-06 11:49:31 EDT
(In reply to comment #4)

> libvirtError: internal error unable to start guest:
> bind(unix:/var/run/libvirt/qemu/RATS.monitor): Permission denied
> qemu: could not open monitor device
> 'unix:/var/run/libvirt/qemu/RATS.monitor,server,nowait'

virt-install is working fine for me now with:

  libvirt-0.7.0-2.fc12.x86_64
  qemu-kvm-0.10.91-0.4.rc1.fc12.x86_64
  selinux-policy-3.6.26-6.fc12.noarch
  python-virtinst-0.500.0-1.fc12.noarch

if this "could not open monitor device" error persists for you, please open a new bug
Comment 7 Mark McLoughlin 2009-08-06 12:23:16 EDT
f12-alpha tag request:

  https://fedorahosted.org/rel-eng/ticket/2051

* Thu Aug  6 2009 Mark McLoughlin <markmc@redhat.com> - 0.7.0-2
- Make sure qemu can access kernel/initrd (bug #516034)
- Set perms on /var/lib/libvirt/boot to 0711 (bug #516034)

Note You need to log in before you can comment on or make changes to this bug.