[Pkg-libvirt-maintainers] Bug#510235: libvirt-bin: virt-manager unable to connect to libvirtd as r/w (full VM management) on a local connection
Miguel Enrique Cobá Martínez
miguel.coba at gmail.com
Tue Dec 30 18:22:04 UTC 2008
Package: libvirt-bin
Version: 0.4.6-10
Severity: grave
Justification: renders package unusable
*** Please type your report below this line ***
After the upgrade of libvirt-bin from 0.4.6-9 to 0.4.6-10 virt-manager
cannot connect to libvirtd using the r/w socket on a local connection.
The changelog date is:
-- Guido Günther <agx at sigxcpu.org> Thu, 18 Dec 2008 16:59:45 +0100
With the previous version it had no problems. I have tested with my
previous config and as a fresh install of libvirt-bin and kvm. Same error:
The error shown is:
Traceback (most recent call last):
File "/usr/share/virt-manager/virtManager/engine.py", line 472, in
run_domain
vm.startup()
File "/usr/share/virt-manager/virtManager/domain.py", line 379, in
startup
self.vm.create()
File "/usr/lib/python2.5/site-packages/libvirt.py", line 262, in create
if ret == -1: raise libvirtError ('virDomainCreate() failed', dom=self)
libvirtError: operation virDomainCreate forbidden for read only access
My libvirtd.conf is the default from package install, the only enabled
options are (all the other are in their default state):
unix_sock_group = "libvirt"
unix_sock_rw_perms = "0770"
auth_unix_ro = "none"
auth_unix_rw = "none"
/etc/group:
libvirt:x:113:miguel
My groups:
miguel at laptop:~$ groups
miguel dialout cdrom floppy audio video plugdev netdev powerdev libvirt
I'm not using tls, tcp, sals or policykit. Just the normal socket
connection with group authentication for normal users. The user I'm
trying to connect with is part of the libvirt group.
How to reproduce:
Install kvm and virt-manager, with all its dependencies:
# aptitude install kvm virt-manager
Verify that the libvirtd daemon is running with the default config:
# ps ax| grep libvirtd
Add a normal user to the libvirtd group (miguel in this case):
# adduser miguel libvirtd
As the normal user run virt-manager (from command line or from menu):
# virt-manager
You can only see the VMs (R/O mode: monitoring VM status only). That is,
you cannot start/stop/pause the VM (R/W mode: full VM management). In
the previous version you could.
Now, as root, and using virsh you can start and stop the VM:
laptop:~# virsh start WindowsXP
Domain WindowsXP started
laptop:~# virsh shutdown WindowsXP
Domain WindowsXP is being shutdown
The VM start and stop correctly and I can view it and use it with
virt-manager (in R/O mode)
But as normal user you can't start it:
miguel at laptop:~$ virsh start WindowsXP
Cannot set group when not running as root
libvir: QEMU error : Domain not found
libvir: QEMU error : Domain not found
error: failed to get domain 'WindowsXP'
Another thing I noticed, the previous version used to start the dnsmasq
automatically (I had ENABLED=0 in /etc/default/dnsmasq). This versión
doesn't start dnsmasq and therefore denies network capabilities to the VMs.
Workaround:
Kind of workaround. You can start the VM as root when you need them.
Also you can mark them for autostart in Details|Hardware|Boot
Options|Autostart VM.
But there will be no network unless you can start properly dnsmasq to
handle it.
-- System Information:
Debian Release: 5.0
APT prefers testing
APT policy: (500, 'testing')
Architecture: amd64 (x86_64)
Kernel: Linux 2.6.26-1-amd64 (SMP w/2 CPU cores)
Locale: LANG=es_MX.UTF-8, LC_CTYPE=es_MX.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash
Versions of packages libvirt-bin depends on:
ii adduser 3.110 add and remove users and groups
ii libavahi-client3 0.6.22-3 Avahi client library
ii libavahi-common3 0.6.22-3 Avahi common library
ii libc6 2.7-16 GNU C Library: Shared libraries
ii libdbus-1-3 1.2.1-4 simple interprocess
messaging syst
ii libgcrypt11 1.4.1-1 LGPL Crypto library -
runtime libr
ii libgnutls26 2.4.2-4 the GNU TLS library -
runtime libr
ii libgpg-error0 1.4-2 library for common error
values an
ii libpolkit-dbus2 0.8-2 library for accessing
PolicyKit vi
ii libpolkit2 0.8-2 library for accessing PolicyKit
ii libreadline5 5.2-3 GNU readline and history
libraries
ii libsasl2-2 2.1.22.dfsg1-23 Cyrus SASL - authentication
abstra
ii libselinux1 2.0.65-5 SELinux shared libraries
ii libtasn1-3 1.4-1 Manage ASN.1 structures
(runtime)
ii libvirt0 0.4.6-10 library for interfacing
with diffe
ii libxenstore3.0 3.2.1-2 Xenstore communications
library fo
ii libxml2 2.6.32.dfsg-5 GNOME XML library
ii logrotate 3.7.1-5 Log rotation utility
ii zlib1g 1:1.2.3.3.dfsg-12 compression library - runtime
Versions of packages libvirt-bin recommends:
ii bridge-utils 1.4-5 Utilities for configuring
the Linu
ii dnsmasq 2.45-1 A small caching DNS proxy
and DHCP
ii iptables 1.4.1.1-3 administration tools for
packet fi
ii netcat-openbsd 1.89-3 TCP/IP swiss army knife
ii qemu 0.9.1-8 fast processor emulator
Versions of packages libvirt-bin suggests:
pn policykit <none> (no description available)
-- no debconf information
More information about the Pkg-libvirt-maintainers
mailing list