754182 – libvirt fails to initialize nwfilter when /tmp is mounted with noexec option

Bug 754182 - libvirt fails to initialize nwfilter when /tmp is mounted with noexec option

Summary: libvirt fails to initialize nwfilter when /tmp is mounted with noexec option

Keywords:
Status:	CLOSED ERRATA
Alias:	None
Product:	Red Hat Enterprise Linux 6
Classification:	Red Hat
Component:	libvirt
Sub Component:
Version:	6.2
Hardware:	All
OS:	Linux
Priority:	high
Severity:	medium
Target Milestone:	rc
Target Release:	---
Assignee:	Daniel Veillard
QA Contact:	Virtualization Bugs
Docs Contact:
URL:
Whiteboard:
Depends On:	752255
Blocks:
TreeView+	depends on / blocked

Reported:	2011-11-15 16:15 UTC by RHEL Program Management
Modified:	2011-12-06 19:29 UTC (History)
CC List:	17 users (show)
Fixed In Version:	libvirt-0.9.4-23.el6_2.1
Doc Type:	Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed:	2011-12-06 19:29:54 UTC
Target Upstream Version:

Attachments	(Terms of Use)
Add an attachment (proposed patch, testcase, etc.)

Links
System	ID	Private	Priority	Status	Summary	Last Updated
Red Hat Product Errata	RHBA-2011:1778	0	normal	SHIPPED_LIVE	libvirt bug fix update	2011-12-06 16:12:59 UTC

Description RHEL Program Management 2011-11-15 16:15:08 UTC

This bug has been copied from bug #752255 and has been proposed
to be backported to 6.2 z-stream (EUS).

Comment 4 Daniel Veillard 2011-11-16 02:56:29 UTC

Okay, fixed package is built,

Daniel

Comment 6 Huang Wenlong 2011-11-16 06:16:08 UTC

Verify this bug with :
libvirt-0.9.4-23.el6_2.1.x86_64
qemu-kvm-0.12.1.2-2.209.el6.x86_64

Steps: 
1)Create a lv(vg_intelw352081-tmp) or a new partition(sda7)  .mkfs it and mount
it 

2)#mount /dev/mapper/vg_intelw352081-tmp /mnt/tmp

3)#/bin/cp -ar /tmp/* /tmp/.* /mnt/ 

4)#umount /mnt/tmp 

5)#mount /dev/mapper/vg_intelw352081-tmp  /tmp -o noexec,nosuid 

6)#service libvirtd restart 


7)Need add a nwfilter in test's xml ,like this : 

 <interface type='bridge'>
      <mac address='52:54:00:61:cd:ed'/>
      <source bridge='breth0'/>
      <filterref filter='clean-traffic'/>
      <address type='pci' domain='0x0000' bus='0x00' slot='0x03'
function='0x0'/>
    </interface>


8)#virsh start test   
Domain test started

Comment 7 errata-xmlrpc 2011-12-06 19:29:54 UTC

Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

http://rhn.redhat.com/errata/RHBA-2011-1778.html

Note You need to log in before you can comment on or make changes to this bug.