October 2016 - Users - libvirt List Archives

[libvirt-users] Failed to launch libvirt 1.2.7
by Marina Danial 25 Oct '16

25 Oct '16

Hello, I am currently working on Redhat 6 - Kernel 2.6.32-358.el6.x86_64. It has by default libvirt 0.10.2. I wanted version 1.2.7. So I downloaded this and libvirt-1.2.7.tar.gz and I followed the following steps: 1. ./configure (with its default settings) 2. make 3. make install Currently, the installation is in: /usr/local and the source tree is in /export/home/libvirt. I stopped the previously installed daemon so that the new one takes effect. I launched the daemon from /export/home/libvirt/daemon/libvirtd -d. However every time I launch the C++ code, this message appears: libvir: XML-RPC error : Failed to connect socket to '/var/run/libvirt/libvirt-sock': No such file or directory Failed to open connection to qemu:///system My questions are: 1. How can I launch the daemon from the source tree? It does not behave as it should when it is launched from /etc/init.d 2. How can any application e.g. virt-manager look at the new paths of the newly installed libvirt? 3. How can I get libvirt to work from the source tree as if it was originally installed in Redhat? Thanks Marina

5 4

[libvirt-users] security BPC
by Michael Ströder 20 Oct '16

20 Oct '16

HI! Disclaimer: I'm a libvirt beginner using it for managing virtual machines based on qemu-kvm. Is there any documentation describing how to harden libvirt/qemu-kvm installations? Escpecially how to improve isolation of VMs: - secure time sync (with or without ntpd?) - random number generation - running VMs as different host OS users I do not need general OS hardening advice. Ciao, Michael.

3 2

[libvirt-users] Passing "migratable=no" to qemu in domain's XML
by Žilvinas Žaltiena 20 Oct '16

20 Oct '16

Hi, I want to use Invariant TSC with qemu, and to do that qemu must get the following args: "-cpu host,migratable=no,+invtsc". invtsc works only if migratable=no is passed too. The "+invtsc" part is sucessfully handled by using <feature name="invtsc"/> inside domain's XML, however I don't how/where to put the "migratable=no" there. Is there an elegant way to pass "migratable=no" to qemu via domain's XML without using <qemu:arg/> tags?

1 0

[libvirt-users] Libvirt newer than 2.1.0 doesnt start up
by Rene Pasing 19 Oct '16

19 Oct '16

Hi all, I have some problems with libvirt >2.1.0 (so 2.2.0 and 2.3.0): I have a working environment using libvirt 2.1.0 with 1 domain (called "mail") and one network (called "default6"), both are autostarted. I have no problems with this environment using libvirt 2.1.0, everything works great. But after (testwise) updating to libvirt 2.2.0 or 2.3.0, libvirt doesn't start up anymore. Some investigations showed that apparently my "default6" network is the problem. Libvirt is starting correctly after disabling all autostarts. When I then virsh' into the system daemon and type "net-start default6", then nothing happens and that command just hangs infinitely. Further information, relevant log entries and e.g. the used default6.xml configuration file can be found here, as I first thought it would be a configuration error from my side: https://bbs.archlinux.org/viewtopic.php?pid=1653221 Do you maybe have an idea what could be going on? Or do you maybe need more information, and if yes, which exactly? Thanks in advance Regards Rene

3 3

[libvirt-users] Fw: HELP
by zhunxun＠gmail.com 18 Oct '16

18 Oct '16

zhunxun(a)gmail.com From: zhunxun(a)gmail.com Date: 2016-10-18 18:46 To: berrange Subject: HELP Now I want to get qemu:commandline XML content in Libvirt,and then do my own job,but I do not know how to do it.Can you help me?? thank you ! the xml content is follows: <qemu:commandline> <qemu:arg value='-enable-kvm'/> <qemu:arg value='-drive'/> <qemu:arg value='file=/root/nvram_2.0-jin.qcow2,if=none,id=nvram0-0-0,format=qcow2'/> <qemu:arg value='-device'/> <qemu:arg value='tpm-tis,tpmdev=tpm-tpm0,id=tpm0'/> <qemu:arg value='-tpmdev'/> <qemu:arg value='libtpms,id=tpm-tpm0,nvram=nvram0-0-0,startup=clear'/> <qemu:arg value='-bios'/> <qemu:arg value='/root/xenSeabios/out/bios.bin'/> </qemu:commandline> Now I want to get third file path,how can I get it ?? thanks very much!! zhunxun(a)gmail.com

1 0

[libvirt-users] Fwd: Libvirt adds extra parameters in domain XML
by Marina Danial 18 Oct '16

18 Oct '16

I have a predetermined set of commands that I want to launch qemu with: sudo `which qemu-system-x86_64` -m 4G $(IMAGE) -enable-kvm \ -nographic \ -net nic,model=virtio,netdev=net0,macaddr=$(MAC),vlan=0 \ -netdev tap,id=net0,ifname=tap01,vhost=on,script=no,downscript=no \ -net nic,model=virtio,netdev=net1,macaddr=$(MANAGE_MAC),vlan=1 \ -netdev tap,id=net1,ifname=tap02,vhost=on,script=no,downscript=no \ I dont need any extra configuration from libvirt. is this possible? Or can anyone help with a possible xml configuration ? On Thu, Oct 13, 2016 at 1:13 PM, Martin Kletzander <mkletzan(a)redhat.com> wrote: > On Thu, Oct 13, 2016 at 11:49:44AM +0200, Marina Danial wrote: > >> Hello, >> >> In my C++ code, I generate my own domain XML file and I >> use virDomainCreateXML or virDomainDefineXML to launch my qemu VM. >> However, >> when I get to check which commands are sent to the qemu commandline, I >> find >> that libvirt has added so many extra parameters to the ones I have already >> set. How can I prevent libvirt from adding any extra parameters to the >> ones >> I originally defined in the domain XML? >> >> > What problems are you having with those? What specific ones are > problematic for you? Libvirt adds a lot of things so that the domain is > predictable, it can talk to it later on and so on. Some of them are > adding the same things you would have there without -no-defconfig and > similar. Just so we can guarantee some compatibility etc. > > Help will be highly appreciated. >> >> >> Thanks >> > > _______________________________________________ >> libvirt-users mailing list >> libvirt-users(a)redhat.com >> https://www.redhat.com/mailman/listinfo/libvirt-users >> >

3 3

[libvirt-users] How to tell spicy client to use SASL authentication?
by mordenkainen 14 Oct '16

14 Oct '16

I'm using libvirt in desktop environment. Single host machine, pair of users, a few guest machines. The first thought was that unix socket restricted to specific group is just enough for authentication. But virsh has the power like sudo: you could define pool on real device and write anything on it. So I decided to authenticate with password for each virsh use. I'm using SASL + saslauthd + PAM for that case. /etc/sasl2/libvirt.conf: mech_list: PLAIN pwcheck_method: saslauthd /etc/sasl2/qemu.conf: mech_list: PLAIN pwcheck_method: saslauthd /etc/pam.d/libvirt: auth requisite pam_listfile.so item=group sense=allow file=/etc/libvirt/allow_group auth required pam_tally2.so onerr=succeed auth required pam_nologin.so auth required pam_unix.so try_first_pass likeauth nullok account requisite pam_listfile.so item=group sense=allow file=/etc/libvirt/allow_group account required pam_nologin.so account required pam_unix.so /etc/pam.d/qemu: auth requisite pam_listfile.so item=group sense=allow file=/etc/libvirt/allow_group auth required pam_tally2.so onerr=succeed auth required pam_nologin.so auth required pam_unix.so try_first_pass likeauth nullok account requisite pam_listfile.so item=group sense=allow file=/etc/libvirt/allow_group account required pam_nologin.so account required pam_unix.so They are two identical configs for libvirt and for qemu. The first works flawlessly. virsh prompts for user and password and then login me to the shell. But spicy fails. It prompts only for the password and fails after receiving it leaving error message in syslog: Oct 13 23:24:21 paladin spicy[9001]: GSSAPI client step 1 What are the supposed actions I should perform to get further debug informations?

1 0

[libvirt-users] Fwd: Problems connecting to the libvirtd server
by Stefano Ricci 13 Oct '16

13 Oct '16

---------- Forwarded message ---------- From: Stefano Ricci <sfn.rcc(a)gmail.com> Date: 2016-10-11 12:35 GMT+02:00 Subject: Re: [libvirt-users] Problems connecting to the libvirtd server To: Michal Privoznik <mprivozn(a)redhat.com> There is not AppArmor and SElinux is disabled. The permits of the sock are as follows: libvirt-sock-admin 0700 (rwx) root: root libvirt-sock 0700 (rwx) root: root libvirt-sock-ro 0777 (rwxrwxrwx) root: root The libvirtd process runs with the root user. Below you will find the link to the requested log: http://pastebin.com/0jtpWU0h (libvirt_client.log command LIBVIRT_DEBUG = 1 virsh -c qemu: /// system list --all) Stefano 2016-10-11 11:04 GMT+02:00 Michal Privoznik <mprivozn(a)redhat.com>: > > On 10.10.2016 18:36, Stefano Ricci wrote: > > Hello everyone > > I do not know if it is correct address this mailing lists but I can > > not use libvirt. > > I run compile libvirt version 2.2.0 into environment lfs stable with > > qemu 2.7.0 and have not had any problems. > > The program when it starts not report any errors in the log, with > > activated debug level file. > > Only when you try to connect with the following command virsh -c > > qemu:///system remains hung without reporting any error either in the > > logs that screen. > > The command virsh -c test:///default list instead concludes on a regular basis. > > I attach the file libvirt.log and libvirt.conf > > Interesting. Maybe something else is causing the problem? Is there an > AppArmor running? What are the socket perms? Can you attach client debug > logs? (well, maybe paste them somewhere to pastebin-like service) > > http://wiki.libvirt.org/page/DebugLogs > > Michal

2 7

[libvirt-users] problem with disk virtio driver
by Andrei Perietanu 13 Oct '16

13 Oct '16

I just ran into a problem I can't make heads or tails of, so I'm hoping to get some help here. I have a custom built Embedded Linux running qemu-kvm 1.1.2 and libvirt 1.2.20 I'm creating a domain with the following config: <domain type='kvm'> <name>myVM</name> <memory unit='KiB'>2097152</memory> <vcpu placement='static'>2</vcpu> <os> <type arch='x86_64'>hvm</type> <boot dev='hd'/> <boot dev='cdrom'/> </os> <features> <acpi/> <apic/> </features> <cpu mode='host-model'/> <clock offset='utc'> <timer name='rtc' tickpolicy='catchup'/> <timer name='pit' tickpolicy='delay'/> <timer name='hpet' present='no'/> </clock> <on_poweroff>destroy</on_poweroff> <on_reboot>restart</on_reboot> <on_crash>restart</on_crash> <devices> <disk type='file' device='cdrom'> <driver name='qemu' type='raw'/> <target dev='hdb' bus='ide'/> <source file='custom.iso'/> <readonly/> </disk> <disk type='file' device='disk'> <driver name='qemu' type='qcow2'/> <source file='/path/to/vdisk.img'/> <target dev='vda' bus='virtio'/> </disk> <controller type='pci' model='pci-root'/> <controller type='usb'/> <controller type='ide'/> <interface type='bridge'> <source bridge='virbr0'/> <model type='virtio'/> </interface> <serial type='pty'> <target port='0'/> </serial> <console type='pty'> <target type='serial' port='0'/> </console> <input type='tablet' bus='usb'/> <input type='mouse' bus='ps2'/> <input type='keyboard' bus='ps2'/> <graphics type='vnc' port='-1' autoport='yes'/> <video> <model type='qxl' ram='65536' vram='65536' vgamem='16384' heads='1'/> </video> <watchdog model='i6300esb' action='reset'/> <memballoon model='none'/> </devices> </domain> Granted the OS I'm installing is again a custom Linux with some software running on top ..so It's not a well known OS...but I'm hoping that does not matter much. After installation I get all sorts of kernel panics and errors about services not being able to start. So I tried the same thing on ubuntu 14.04.2 LTS which installed qemu-kvm 2.0.0 and libvirt 1.2.2 Same config xml, but this time it worked better -I was not getting the kernel panics. The OS I'm installing does not support IDE disks, it needs a virtio disk. The obvious solution here would be to try and get a newer version of qemu, but since we're talking about a custom built Linux I'd have to add the package manually and compile from source...which cakes a long time to do. So before attempting that....just wondering....is there a better way? Anything I can try? Thanks, Andrei -- The information transmitted is intended only for the person or entity to which it is addressed and may contain confidential and/or privileged material. Any review, retransmission, dissemination or other use of or taking of any action in reliance upon this information by persons or entities other than the intended recipient is prohibited. If you receive this in error please contact the sender and delete the material from any computer immediately. It is the policy of Klas Limited to disavow the sending of offensive material and should you consider that the material contained in the message is offensive you should contact the sender immediately and also your I.T. Manager. Klas Telecom Inc., a Virginia Corporation with offices at 1101 30th St. NW, Washington, DC 20007. Klas Limited (Company Number 163303) trading as Klas Telecom, an Irish Limited Liability Company, with its registered office at Fourth Floor, One Kilmainham Square, Inchicore Road, Kilmainham, Dublin 8, Ireland.

3 7

[libvirt-users] Libvirt adds extra parameters in domain XML
by Marina Danial 13 Oct '16

13 Oct '16

Hello, In my C++ code, I generate my own domain XML file and I use virDomainCreateXML or virDomainDefineXML to launch my qemu VM. However, when I get to check which commands are sent to the qemu commandline, I find that libvirt has added so many extra parameters to the ones I have already set. How can I prevent libvirt from adding any extra parameters to the ones I originally defined in the domain XML? Help will be highly appreciated. Thanks

2 1