Bug 754182 - libvirt fails to initialize nwfilter when /tmp is mounted with noexec option
libvirt fails to initialize nwfilter when /tmp is mounted with noexec option
Product: Red Hat Enterprise Linux 6
Classification: Red Hat
Component: libvirt (Show other bugs)
All Linux
high Severity medium
: rc
: ---
Assigned To: Daniel Veillard
Virtualization Bugs
: ZStream
Depends On: 752255
  Show dependency treegraph
Reported: 2011-11-15 11:15 EST by RHEL Product and Program Management
Modified: 2011-12-06 14:29 EST (History)
17 users (show)

See Also:
Fixed In Version: libvirt-0.9.4-23.el6_2.1
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2011-12-06 14:29:54 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)

  None (edit)
Description RHEL Product and Program Management 2011-11-15 11:15:08 EST
This bug has been copied from bug #752255 and has been proposed
to be backported to 6.2 z-stream (EUS).
Comment 4 Daniel Veillard 2011-11-15 21:56:29 EST
Okay, fixed package is built,

Comment 6 Huang Wenlong 2011-11-16 01:16:08 EST
Verify this bug with :

1)Create a lv(vg_intelw352081-tmp) or a new partition(sda7)  .mkfs it and mount

2)#mount /dev/mapper/vg_intelw352081-tmp /mnt/tmp

3)#/bin/cp -ar /tmp/* /tmp/.* /mnt/ 

4)#umount /mnt/tmp 

5)#mount /dev/mapper/vg_intelw352081-tmp  /tmp -o noexec,nosuid 

6)#service libvirtd restart 

7)Need add a nwfilter in test's xml ,like this : 

 <interface type='bridge'>
      <mac address='52:54:00:61:cd:ed'/>
      <source bridge='breth0'/>
      <filterref filter='clean-traffic'/>
      <address type='pci' domain='0x0000' bus='0x00' slot='0x03'

8)#virsh start test   
Domain test started
Comment 7 errata-xmlrpc 2011-12-06 14:29:54 EST
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.


Note You need to log in before you can comment on or make changes to this bug.