John
2014-Jul-07 12:11 UTC
[libvirt-users] virsh: cannot start domain with channel device,
Here is what I got. root ubuntu:/home/john# virsh start ubuntu2 error: Failed to start domain ubuntu2 error: internal error Process exited while reading console log output: char device redirected to /dev/pts/1 bind(unix:/var/lib/libvirt/qemu/ubuntu2.libguestfs): Permission denied chardev: opening backend "socket" failed: Permission denied root ubuntu:/home/john# ll /var/lib/libvirt/qemu/ total 20 drwxr-x--- 5 libvirt-qemu kvm 4096 Jul 5 14:44 ./ drwxr-xr-x 8 root root 4096 May 20 04:18 ../ drwxr-xr-x 2 libvirt-qemu kvm 4096 May 20 04:18 dump/ drwxr-xr-x 2 libvirt-qemu kvm 4096 May 20 04:18 save/ drwxr-xr-x 2 libvirt-qemu kvm 4096 May 20 04:18 snapshot/ root ubuntu:/home/john# cat /etc/libvirt/qemu/ubuntu2.xml <!-- WARNING: THIS IS AN AUTO-GENERATED FILE. CHANGES TO IT ARE LIKELY TO BE OVERWRITTEN AND LOST. Changes to this xml configuration should be made using: virsh edit ubuntu2 or other application using the libvirt API. --> <domain type='kvm' xmlns:qemu='/schemas/domain/qemu/1.0'> <qemu:commandline> <qemu:arg value='-s'/> </qemu:commandline> <name>ubuntu2</name> <uuid>03f4c36d-9509-05dd-167d-d2613d1dd883</uuid> <memory>1024000</memory> <currentMemory>1024000</currentMemory> <vcpu>1</vcpu> <os> <type arch='x86_64' machine='pc-1.0'>hvm</type> <boot dev='hd'/> </os> <features> <acpi/> <apic/> <pae/> </features> <clock offset='utc'/> <on_poweroff>destroy</on_poweroff> <on_reboot>restart</on_reboot> <on_crash>restart</on_crash> <devices> <emulator>/usr/bin/kvm</emulator> <disk type='file' device='disk'> <driver name='qemu' type='qcow2'/> <source file='/home/john/ubuntu-1204-vm.img'/> <target dev='hda' bus='ide'/> <address type='drive' controller='0' bus='0' unit='0'/> </disk> <controller type='ide' index='0'> <address type='pci' domain='0x0000' bus='0x00' slot='0x01' function='0x1'/> </controller> <interface type='bridge'> <mac address='52:54:00:d4:7d:07'/> <source bridge='br0'/> <model type='virtio'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x0'/> </interface> <serial type='pty'> <target port='0'/> </serial> <console type='pty'> <target type='serial' port='0'/> </console> <input type='mouse' bus='ps2'/> <graphics type='vnc' port='-1' autoport='yes'/> <sound model='ich6'> <address type='pci' domain='0x0000' bus='0x00' slot='0x04' function='0x0'/> </sound> <video> <model type='cirrus' vram='9216' heads='1'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x0'/> </video> <memballoon model='virtio'> <address type='pci' domain='0x0000' bus='0x00' slot='0x05' function='0x0'/> </memballoon> <channel type='unix'> <source mode='bind' path='/var/lib/libvirt/qemu/ubuntu2.libguestfs' /> <target type='virtio' name='org.libguestfs.channel.0' /> </channel> </devices> </domain> When I deleted the <channel>...</channel> part, it will start normally. But I need it to use guestfish with --live option. No SELinux or AppArmor is used. qemu.conf shows it's running by root user. I did "virsh start" operation under root and the error remains. Should I change the permission attributes of files under /var/lib/libvirt/qemu ?
Ján Tomko
2014-Jul-07 13:34 UTC
Re: [libvirt-users] virsh: cannot start domain with channel device,
On 07/07/2014 02:11 PM, John wrote:> Here is what I got. > root ubuntu:/home/john# virsh start ubuntu2 > error: Failed to start domain ubuntu2 > error: internal error Process exited while reading console log output: char > device redirected to /dev/pts/1 > bind(unix:/var/lib/libvirt/qemu/ubuntu2.libguestfs): Permission denied > chardev: opening backend "socket" failed: Permission denied >> > When I deleted the <channel>...</channel> part, it will start normally. But I > need it to use guestfish with --live option. > > No SELinux or AppArmor is used. qemu.conf shows it's running by root user. I > did "virsh start" operation under root and the error remains. Should I change > the permission attributes of files under /var/lib/libvirt/qemu ?Yes, it should be writable to root. (I don't know what the default user/group for qemu are on ubuntu). Even when libvirt runs qemu as root, it drops some capabilities like CAP_DAC_OVERRIDE, which allows root to open any file regardless of permissions. Jan