Bug 754182 - libvirt fails to initialize nwfilter when /tmp is mounted with noexec option
libvirt fails to initialize nwfilter when /tmp is mounted with noexec option
Status: CLOSED ERRATA
Product: Red Hat Enterprise Linux 6
Classification: Red Hat
Component: libvirt (Show other bugs)
6.2
All Linux
high Severity medium
: rc
: ---
Assigned To: Daniel Veillard
Virtualization Bugs
: ZStream
Depends On: 752255
Blocks:
  Show dependency treegraph
 
Reported: 2011-11-15 11:15 EST by RHEL Product and Program Management
Modified: 2011-12-06 14:29 EST (History)
17 users (show)

See Also:
Fixed In Version: libvirt-0.9.4-23.el6_2.1
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2011-12-06 14:29:54 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:


Attachments (Terms of Use)

  None (edit)
Description RHEL Product and Program Management 2011-11-15 11:15:08 EST
This bug has been copied from bug #752255 and has been proposed
to be backported to 6.2 z-stream (EUS).
Comment 4 Daniel Veillard 2011-11-15 21:56:29 EST
Okay, fixed package is built,

Daniel
Comment 6 Huang Wenlong 2011-11-16 01:16:08 EST
Verify this bug with :
libvirt-0.9.4-23.el6_2.1.x86_64
qemu-kvm-0.12.1.2-2.209.el6.x86_64

Steps: 
1)Create a lv(vg_intelw352081-tmp) or a new partition(sda7)  .mkfs it and mount
it 

2)#mount /dev/mapper/vg_intelw352081-tmp /mnt/tmp

3)#/bin/cp -ar /tmp/* /tmp/.* /mnt/ 

4)#umount /mnt/tmp 

5)#mount /dev/mapper/vg_intelw352081-tmp  /tmp -o noexec,nosuid 

6)#service libvirtd restart 


7)Need add a nwfilter in test's xml ,like this : 

 <interface type='bridge'>
      <mac address='52:54:00:61:cd:ed'/>
      <source bridge='breth0'/>
      <filterref filter='clean-traffic'/>
      <address type='pci' domain='0x0000' bus='0x00' slot='0x03'
function='0x0'/>
    </interface>


8)#virsh start test   
Domain test started
Comment 7 errata-xmlrpc 2011-12-06 14:29:54 EST
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

http://rhn.redhat.com/errata/RHBA-2011-1778.html

Note You need to log in before you can comment on or make changes to this bug.