9:10 p.m.
May 25 20:50:59 ovirtdev NetworkManager[2370]: <warn>
/sys/devices/virtual/net/vnet0: couldn't determine device driver; ignoring...
root@ovirtdev images]# virsh snapshot-create-as linux snapshot1 "snapshot1"
--disk-only --atomic
error: internal error unable to execute QEMU command 'transaction':
/var/lib/libvirt/images/test.snapshot1: error while creating qcow2: Permission denied
10:41 a.m.
On 05/25/2013 06:40 PM, yue wrote:
May 25 20:50:59 ovirtdev NetworkManager[2370]: <warn>
/sys/devices/virtual/net/vnet0:
couldn't determine device driver; ignoring...
root@ovirtdev <mailto:root@ovirtdev> images]# virsh snapshot-create-as linux
snapshot1
"snapshot1" --disk-only --atomic
error: internal error unable to execute QEMU command 'transaction':
/var/lib/libvirt/images/test.snapshot1: error while creating qcow2: Permission denied
A few questions:
1/ What distribution ?
2/ Versions of libvirt, qemu (some versions?
Please note that, libvirt uses QEMU's 'transaction' command under the hood
when the guest
is 'live'. So, if you're using an older version of QEMU, it might not have
"transaction"
command in it.
3/ Are you using "virsh" independently or are you mangling libvirt commands with
oVirt
environment ? (from your initial post, it appears it's an oVirt node).
--
/kashyap
10:56 a.m.
hi.
my environment: centos 6.3, qemu 1.5(source code build), libvirt
libvirt-0.10.2-18.el6_4.2.x86_64.selinux enforce .
i have 2 questions
1.snapshot. permisson deny.
dumpxml:
<seclabel type='dynamic' model='selinux' relabel='yes'>
<label>system_u:system_r:svirt_t:s0:c33,c172</label>
<imagelabel>system_u:object_r:svirt_image_t:s0:c33,c172</imagelabel>
</seclabel>
command line:
[root@ovirtdev images]# ls -lZ
-rw-r--r--. qemu qemu system_u:object_r:virt_image_t:s0 test.qcow2
image does not have the same MLS?
it does not seem like a selinux problem, because selinix does not record this deny.
2.vnet problem
May 27 09:48:49 ovirtdev NetworkManager[2365]: <warn>
/sys/devices/virtual/net/vnet0: couldn't determine device driver; ignoring...
[root@ovirtdev images]# brctl show
bridge name bridge id STP enabled interfaces
ovirtmgmt 8000.000c290a2351 no eth0
vnet0
what is the reason? does it matter with libvirt?
thanks
At 2013-05-25 23:41:18,"Kashyap Chamarthy" <kchamart(a)redhat.com> wrote:
On 05/25/2013 06:40 PM, yue wrote:
> May 25 20:50:59 ovirtdev NetworkManager[2370]: <warn>
/sys/devices/virtual/net/vnet0:
> couldn't determine device driver; ignoring...
> root@ovirtdev <mailto:root@ovirtdev> images]# virsh snapshot-create-as linux
snapshot1
> "snapshot1" --disk-only --atomic
> error: internal error unable to execute QEMU command 'transaction':
> /var/lib/libvirt/images/test.snapshot1: error while creating qcow2: Permission
denied
A few questions:
1/ What distribution ?
2/ Versions of libvirt, qemu (some versions?
Please note that, libvirt uses QEMU's 'transaction' command under the hood
when the guest
is 'live'. So, if you're using an older version of QEMU, it might not have
"transaction"
command in it.
3/ Are you using "virsh" independently or are you mangling libvirt commands with
oVirt
environment ? (from your initial post, it appears it's an oVirt node).
--
/kashyap
10:41 p.m.
On 05/27/2013 08:26 AM, yue wrote:
hi.
my environment: centos 6.3, qemu 1.5(source code build),
I don't know how you've built or what else have you included/excluded in it.
libvirt libvirt-0.10.2-18.el6_4.2.x86_64.selinux enforce .
i have 2 questions
1.snapshot. permisson deny.
dumpxml:
<seclabel type='dynamic' model='selinux' relabel='yes'>
<label>system_u:system_r:svirt_t:s0:c33,c172</label>
<imagelabel>system_u:object_r:svirt_image_t:s0:c33,c172</imagelabel>
</seclabel>
command line:
[root@ovirtdev images]# ls -lZ
-rw-r--r--. qemu qemu system_u:object_r:virt_image_t:s0 test.qcow2
image does not have the same MLS?
it does not seem like a selinux problem, because selinix does not record this deny.
Also can you check what's the context of your SELinux process ?
$ ps -eZ | grep qemu-kvm
Working here just fine (but this is Fedora 19):
---------
$ ls -lZ /home/test/vmimages/regular-guest.qcow2
-rw-r--r--. qemu qemu system_u:object_r:svirt_image_t:s0:c390,c525
/home/test/vmimages/regular-guest.qcow2
$ ps -eZ | grep -i qemu
system_u:system_r:svirt_t:s0:c390,c525 1969 ? 04:21:20 qemu-system-x86
$ virsh dumpxml regular-guest | grep seclabel -A4
<seclabel type='dynamic' model='selinux' relabel='yes'>
<label>system_u:system_r:svirt_t:s0:c390,c525</label>
<imagelabel>system_u:object_r:svirt_image_t:s0:c390,c525</imagelabel>
</seclabel>
---------
2.vnet problem
May 27 09:48:49 ovirtdev NetworkManager[2365]: <warn>
/sys/devices/virtual/net/vnet0: couldn't determine device driver; ignoring...
[root@ovirtdev images]# brctl show
bridge name bridge id STP enabled interfaces
ovirtmgmt 8000.000c290a2351 no eth0
vnet0
what is the reason? does it matter with libvirt?
thanks
At 2013-05-25 23:41:18,"Kashyap Chamarthy" <kchamart(a)redhat.com> wrote:
> On 05/25/2013 06:40 PM, yue wrote:
>> May 25 20:50:59 ovirtdev NetworkManager[2370]: <warn>
/sys/devices/virtual/net/vnet0:
>> couldn't determine device driver; ignoring...
>> root@ovirtdev <mailto:root@ovirtdev> images]# virsh snapshot-create-as
linux snapshot1
>> "snapshot1" --disk-only --atomic
>> error: internal error unable to execute QEMU command 'transaction':
>> /var/lib/libvirt/images/test.snapshot1: error while creating qcow2: Permission
denied
>
> A few questions:
>
> 1/ What distribution ?
>
> 2/ Versions of libvirt, qemu (some versions?
>
> Please note that, libvirt uses QEMU's 'transaction' command under the
hood when the guest
> is 'live'. So, if you're using an older version of QEMU, it might not
have "transaction"
> command in it.
>
> 3/ Are you using "virsh" independently or are you mangling libvirt commands
with oVirt
> environment ? (from your initial post, it appears it's an oVirt node).
>
>
>
> --
> /kashyap
--
/kashyap
8:05 a.m.
On 05/26/2013 08:56 PM, yue wrote:
[please don't top-post on technical lists]
hi.
my environment: centos 6.3, qemu 1.5(source code build), libvirt
libvirt-0.10.2-18.el6_4.2.x86_64.selinux enforce .
It's best to use the entire stack from your distro, or to self-build the
entire stack. Mixing newer qemu with older libvirt might have
unexpected consequences, and since you are using CentOS, you have no one
to blame but yourself. We are unable to help you here unless you can
reproduce the problem with the latest libvirt.
i have 2 questions
1.snapshot. permisson deny.
dumpxml:
<seclabel type='dynamic' model='selinux' relabel='yes'>
<label>system_u:system_r:svirt_t:s0:c33,c172</label>
<imagelabel>system_u:object_r:svirt_image_t:s0:c33,c172</imagelabel>
</seclabel>
command line:
[root@ovirtdev images]# ls -lZ
-rw-r--r--. qemu qemu system_u:object_r:virt_image_t:s0 test.qcow2
image does not have the same MLS?
it does not seem like a selinux problem, because selinix does not record this deny.
There have been bug fixes in upstream libvirt related to permissions on
snapshot creation, although it's hard to say whether all of those have
been backported into the downstream version of libvirt that you are using.
--
Eric Blake eblake redhat com +1-919-301-3266
Libvirt virtualization library http://libvirt.org
4196
days inactive
4198
days old
4 comments
3 participants
participants (3)
-
Eric Blake -
Kashyap Chamarthy -
yue