Bug 770488 - permission denied error for sanlock, libvirt should show error message mention virt_use_sanlock
Summary: permission denied error for sanlock, libvirt should show error message mentio...
Keywords:
Status: CLOSED WONTFIX
Alias: None
Product: Virtualization Tools
Classification: Community
Component: libvirt
Version: unspecified
Hardware: x86_64
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Peter Krempa
QA Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2011-12-27 02:35 UTC by Huang Wenlong
Modified: 2016-04-26 21:29 UTC (History)
6 users (show)

Fixed In Version:
Clone Of:
Environment:
Last Closed: 2015-10-05 05:57:41 UTC
Embargoed:

Attachments (Terms of Use)

Description Huang Wenlong 2011-12-27 02:35:23 UTC 
Description of problem:

permission denied error for sanlock,  libvirt should show error message
mention virt_use_sanlock
there is a bug about virt_use_nfs error message it has been fixed :https://bugzilla.redhat.com/show_bug.cgi?id=589922

Version-Release number of selected component (if applicable):
libvirt-0.9.8-1.el6.x86_64

How reproducible:
100%

Steps to Reproduce:

1. install libvirt-lock-sanlock and configure
# service libvirtd stop
# yum install /usr/bin/augtool
#augtool
augtool>  set /files/etc/libvirt/qemu.conf/lock_manager "sanlock"
augtool>  set /files/etc/libvirt/qemu-sanlock.conf/host_id 1
augtool>  set
/files/etc/libvirt/qemu-sanlock.conf/auto_disk_leases
1
augtool>  set /files/etc/libvirt/qemu-sanlock.conf/disk_lease_dir
"/var/lib/libvirt/sanlock"
augtool>  save Saved 1 file(s) augtool>  quit
# echo 'SANLOCKOPTS="-w 0"'>  /etc/sysconfig/sanlock
# /etc/init.d/sanlock start Starting sanlock: [ OK ]

set log_outputs="1:file:/tmp/libvirtd.log" in
/etc/libvirt/libvirtd.conf


# service libvirtd start

2. try to start a guest
# virsh start demo1
error: Failed to start domain demo1
error: internal error Failed to open socket to sanlock daemon:
Permission denied

3.check the  /tmp/libvirtd.log
# cat /tmp/libvirtd.log
2011-12-23 05:28:48.222+0000: 13359: info : libvirt version:
0.9.8,
package: 1.el6 (Red Hat,
Inc.<http://bugzilla.redhat.com/bugzilla>,
2011-12-08-10:01:37, x86-008.build.bos.redhat.com)
2011-12-23 05:28:48.222+0000: 13359: error :
virCommandHandshakeWait:2391 : internal error Failed to open
socket
to
sanlock daemon: Permission denied
2011-12-23 05:38:03.805+0000: 13358: warning :
qemuDomainObjTaint:1134 :
Domain id=2 name='t' uuid=74884557-11b3-2fca-f713-56424eacafe6 is
tainted: shell-scripts
2011-12-23 05:38:03.856+0000: 13358: error :
virCommandHandshakeWait:2391 : internal error Unable to query
sector
size /var/lib/libvirt/sanlock/aa958ec678f0b979290070114d6b4777:
Permission denied



Actual results:
No mention virt_use_sanlock

Expected results:
mention virt_use_sanlock

Additional info:
where are some options  in selinux, should libvirt mention them
when
libvirt block by virt_use_*-->off ?

# getsebool -a|grep virt
virt_use_comm -->  off
virt_use_fusefs -->  off
virt_use_nfs -->  on
virt_use_samba -->  off
virt_use_sanlock -->  off
virt_use_sysfs -->  on
virt_use_usb -->  on
virt_use_xserver -->  off
Comment 1 Peter Krempa 2012-05-24 10:59:36 UTC 
We definitely should document the need to enable the sebool to support sanlock on a SELinux machine. On the other hand printing of the error message wasn't accepted very well upstream.
Comment 4 Peter Krempa 2015-10-05 05:57:41 UTC 
Sanlock is not the preferred lock manager any more.
Note You need to log in before you can comment on or make changes to this bug.