[libvirt-users] Strange libvirt exit status 1 (LXC containers)
Hello, I've encountered the following error, trying to start a domain: error: internal error Child process (PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/X11R6/bin LIBVIRT_DEBUG=2 LIBVIRT_LOG_OUTPUTS=2:syslog:libvirtd /usr/libexec/libvirt_lxc --name vm_14 --console 18 --handshake 21 --background --veth veth1) status unexpected: exit status 1 I see nothing relevant in syslog, google searches have returned nothing. Starting libvirt_lxc manually seems to work (the process never returns), but of course the VMs do not start. I am at a loss on what to do next. I'm running Ubuntu 10.04, which is itself a guest system running under virtual box (host is OSX Lion). I've compiled libvirt from git (using /usr as the --prefix, after removing the OS package), LXC containers are installed from a PPA, as the default Ubuntu kernel doesn't enable network namespaces. LXC itself doesn't appear to be a problem, as I can start VMs with lxc-start. Since I required libvirt's API, using LXC directly is not desirable. Does anyone have any tips on what I should be looking for? Thanks. -- Stephen -- Domain definition follows: <domain type='lxc'> <name>vm_14</name> <uuid>9243fb5b-6b26-44af-7408-69c7f2d4ff03</uuid> <memory>262144</memory> <currentMemory>262144</currentMemory> <vcpu>1</vcpu> <os> <type arch='x86_64'>exe</type> <init>/sbin/init</init> </os> <clock offset='utc'/> <on_poweroff>destroy</on_poweroff> <on_reboot>restart</on_reboot> <on_crash>preserve</on_crash> <devices> <emulator>/usr/libexec/libvirt_lxc</emulator> <filesystem type='mount' accessmode='passthrough'> <source dir='/var/lib/lxc/vmpea/rootfs/'/> <target dir='/'/> <readonly/> </filesystem> <filesystem type='mount' accessmode='passthrough'> <source dir='/home/lxcadmin/repositories/14'/> <target dir='/home/lxcmaster'/> </filesystem> <interface type='network'> <mac address='52:54:00:10:7a:e7'/> <source network='default'/> <target dev='veth0'/> </interface> <console type='pty'> <target type='serial' port='0'/> </console> </devices> </domain>
Answering myself. I've enabled as much logging as possible, and asked libvirt to log lxc. This is the result: 2011-08-23 22:19:08.778: starting up PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/X11R6/bin LIBVIRT_DEBUG=1 LIBVIRT_LOG_OUTPUTS=1:syslog:libvirtd /usr/libexec/libvirt_lxc --name vm_14 --console 18 --handshake 21 --background --veth veth1 22:19:08.791: 10215: info : libvirt version: 0.9.4 22:19:08.791: 10215: debug : virCommandHook:1962 : Hook is done 0 libvir: error : cannot execute binary /usr/libexec/libvirt_lxc: Permission denied Stil not sure what would prevent libvirt_lxc execution - tested with an unprivileged user and it was able to run the binary (but not actually start the VMs). The error message seem to indicate that the 'exec' call failed. Nothing shows on app armor (disabled it) or other logs in general. -- Stephen On Aug 23, 2011, at 7:56 PM, Stephen Eilert wrote:
Hello,
I've encountered the following error, trying to start a domain:
error: internal error Child process (PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/X11R6/bin LIBVIRT_DEBUG=2 LIBVIRT_LOG_OUTPUTS=2:syslog:libvirtd /usr/libexec/libvirt_lxc --name vm_14 --console 18 --handshake 21 --background --veth veth1) status unexpected: exit status 1
I see nothing relevant in syslog, google searches have returned nothing. Starting libvirt_lxc manually seems to work (the process never returns), but of course the VMs do not start.
I am at a loss on what to do next. I'm running Ubuntu 10.04, which is itself a guest system running under virtual box (host is OSX Lion). I've compiled libvirt from git (using /usr as the --prefix, after removing the OS package), LXC containers are installed from a PPA, as the default Ubuntu kernel doesn't enable network namespaces. LXC itself doesn't appear to be a problem, as I can start VMs with lxc-start. Since I required libvirt's API, using LXC directly is not desirable.
Does anyone have any tips on what I should be looking for? Thanks.
-- Stephen
-- Domain definition follows:
<domain type='lxc'> <name>vm_14</name> <uuid>9243fb5b-6b26-44af-7408-69c7f2d4ff03</uuid> <memory>262144</memory> <currentMemory>262144</currentMemory> <vcpu>1</vcpu> <os> <type arch='x86_64'>exe</type> <init>/sbin/init</init> </os> <clock offset='utc'/> <on_poweroff>destroy</on_poweroff> <on_reboot>restart</on_reboot> <on_crash>preserve</on_crash> <devices> <emulator>/usr/libexec/libvirt_lxc</emulator> <filesystem type='mount' accessmode='passthrough'> <source dir='/var/lib/lxc/vmpea/rootfs/'/> <target dir='/'/> <readonly/> </filesystem> <filesystem type='mount' accessmode='passthrough'> <source dir='/home/lxcadmin/repositories/14'/> <target dir='/home/lxcmaster'/> </filesystem> <interface type='network'> <mac address='52:54:00:10:7a:e7'/> <source network='default'/> <target dev='veth0'/> </interface> <console type='pty'> <target type='serial' port='0'/> </console> </devices> </domain>
Again, replying to myself. It seems that my assessment that app armor wasn't interfering was mistaken. Found it in the logs: Aug 23 22:55:44 pea kernel: [17442.226663] type=1400 audit(1314150944.573:64): a pparmor="DENIED" operation="exec" parent=10501 profile="/usr/sbin/libvirtd" name ="/usr/libexec/libvirt_lxc" pid=10712 comm="libvirtd" requested_mask="x" denied_ mask="x" fsuid=0 ouid=0 Sorry for all the noise. -- Stephen On Aug 23, 2011, at 10:08 PM, Stephen Eilert wrote:
Answering myself. I've enabled as much logging as possible, and asked libvirt to log lxc. This is the result:
2011-08-23 22:19:08.778: starting up PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/X11R6/bin LIBVIRT_DEBUG=1 LIBVIRT_LOG_OUTPUTS=1:syslog:libvirtd /usr/libexec/libvirt_lxc --name vm_14 --console 18 --handshake 21 --background --veth veth1 22:19:08.791: 10215: info : libvirt version: 0.9.4 22:19:08.791: 10215: debug : virCommandHook:1962 : Hook is done 0 libvir: error : cannot execute binary /usr/libexec/libvirt_lxc: Permission denied
Stil not sure what would prevent libvirt_lxc execution - tested with an unprivileged user and it was able to run the binary (but not actually start the VMs). The error message seem to indicate that the 'exec' call failed. Nothing shows on app armor (disabled it) or other logs in general.
-- Stephen
On Aug 23, 2011, at 7:56 PM, Stephen Eilert wrote:
Hello,
I've encountered the following error, trying to start a domain:
error: internal error Child process (PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/X11R6/bin LIBVIRT_DEBUG=2 LIBVIRT_LOG_OUTPUTS=2:syslog:libvirtd /usr/libexec/libvirt_lxc --name vm_14 --console 18 --handshake 21 --background --veth veth1) status unexpected: exit status 1
I see nothing relevant in syslog, google searches have returned nothing. Starting libvirt_lxc manually seems to work (the process never returns), but of course the VMs do not start.
I am at a loss on what to do next. I'm running Ubuntu 10.04, which is itself a guest system running under virtual box (host is OSX Lion). I've compiled libvirt from git (using /usr as the --prefix, after removing the OS package), LXC containers are installed from a PPA, as the default Ubuntu kernel doesn't enable network namespaces. LXC itself doesn't appear to be a problem, as I can start VMs with lxc-start. Since I required libvirt's API, using LXC directly is not desirable.
Does anyone have any tips on what I should be looking for? Thanks.
-- Stephen
-- Domain definition follows:
<domain type='lxc'> <name>vm_14</name> <uuid>9243fb5b-6b26-44af-7408-69c7f2d4ff03</uuid> <memory>262144</memory> <currentMemory>262144</currentMemory> <vcpu>1</vcpu> <os> <type arch='x86_64'>exe</type> <init>/sbin/init</init> </os> <clock offset='utc'/> <on_poweroff>destroy</on_poweroff> <on_reboot>restart</on_reboot> <on_crash>preserve</on_crash> <devices> <emulator>/usr/libexec/libvirt_lxc</emulator> <filesystem type='mount' accessmode='passthrough'> <source dir='/var/lib/lxc/vmpea/rootfs/'/> <target dir='/'/> <readonly/> </filesystem> <filesystem type='mount' accessmode='passthrough'> <source dir='/home/lxcadmin/repositories/14'/> <target dir='/home/lxcmaster'/> </filesystem> <interface type='network'> <mac address='52:54:00:10:7a:e7'/> <source network='default'/> <target dev='veth0'/> </interface> <console type='pty'> <target type='serial' port='0'/> </console> </devices> </domain>
participants (1)
-
Stephen Eilert