mohamed amine Larabi
2013-Apr-18 08:50 UTC
[libvirt-users] libvirt 1.0.3 Vs 1.0.4 / cgroup devices
Hi there, I am using libvirt with lxc to create fedora 16 & 18 containers on fedora 18 host. first I did the setup with libvirt 1.0.3 and everything worked fine, then after upgrading to libvirt 1.0.4, I could not create character device on the guests : Test on the guest1 : # ls -l /dev total 0 lrwxrwxrwx. 1 root root 10 Apr 17 21:18 console -> /dev/pts/0 lrwxrwxrwx. 1 root root 11 Apr 17 21:18 core -> /proc/kcore lrwxrwxrwx. 1 root root 13 Apr 17 21:18 fd -> /proc/self/fd crw-rw-rw-. 1 root root 1, 7 Apr 17 21:18 full drwxr-xr-x. 2 root root 0 Apr 17 21:18 hugepages prw-------. 1 root root 0 Apr 17 21:18 initctl srw-rw-rw-. 1 root root 0 Apr 17 21:18 log drwxrwxrwt. 2 root root 40 Apr 17 21:18 mqueue crw-rw-rw-. 1 root root 1, 3 Apr 17 21:18 null crw-rw-rw-. 1 root root 5, 2 Apr 18 10:31 ptmx drwxr-xr-x. 2 root root 0 Apr 17 21:18 pts crw-r--r--. 1 root root 1, 8 Apr 17 21:19 random drwxrwxrwt. 2 root root 40 Apr 17 21:18 shm lrwxrwxrwx. 1 root root 15 Apr 17 21:18 stderr -> /proc/self/fd/2 lrwxrwxrwx. 1 root root 15 Apr 17 21:18 stdin -> /proc/self/fd/0 lrwxrwxrwx. 1 root root 15 Apr 17 21:18 stdout -> /proc/self/fd/1 lrwxrwxrwx. 1 root root 10 Apr 17 21:18 tty1 -> /dev/pts/0 crw-rw-rw-. 1 root root 1, 9 Apr 17 21:18 urandom crw-rw-rw-. 1 root root 1, 5 Apr 17 21:18 zero # rm -f /dev/random (successful) # mknod random c 1 8 mknod: `random': Operation not permitted Config on the host : knowing that selinux is set to permissive and c 1:8 rwm is in the cgroup devices list of the guest1 # cat /sys/fs/cgroup/devices/libvirt/lxc/guest1/devices.list c 1:3 rwm c 1:5 rwm c 1:7 rwm c 1:8 rwm c 1:9 rwm c 5:0 rwm c 5:2 rwm c 10:229 rwm c 136:* rwm is this a change that was introduced intentially on 1.0.4 ? if yes, how can I make it work ? please advice Thank you in advance Amine -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://listman.redhat.com/archives/libvirt-users/attachments/20130418/9d7165b7/attachment.htm>
Mohamed Larabi
2013-Apr-18 09:11 UTC
[libvirt-users] libvirt 1.0.3 Vs 1.0.4 / cgroup devices
Hi there, I am using libvirt with lxc to create fedora 16 & 18 containers on fedora 18 host. first I did the setup with libvirt 1.0.3 and everything worked fine, then after upgrading to libvirt 1.0.4, I could not create character device on the guests : Test on the guest1 : # ls -l /dev total 0 lrwxrwxrwx. 1 root root 10 Apr 17 21:18 console -> /dev/pts/0 lrwxrwxrwx. 1 root root 11 Apr 17 21:18 core -> /proc/kcore lrwxrwxrwx. 1 root root 13 Apr 17 21:18 fd -> /proc/self/fd crw-rw-rw-. 1 root root 1, 7 Apr 17 21:18 full drwxr-xr-x. 2 root root 0 Apr 17 21:18 hugepages prw-------. 1 root root 0 Apr 17 21:18 initctl srw-rw-rw-. 1 root root 0 Apr 17 21:18 log drwxrwxrwt. 2 root root 40 Apr 17 21:18 mqueue crw-rw-rw-. 1 root root 1, 3 Apr 17 21:18 null crw-rw-rw-. 1 root root 5, 2 Apr 18 10:31 ptmx drwxr-xr-x. 2 root root 0 Apr 17 21:18 pts crw-r--r--. 1 root root 1, 8 Apr 17 21:19 random drwxrwxrwt. 2 root root 40 Apr 17 21:18 shm lrwxrwxrwx. 1 root root 15 Apr 17 21:18 stderr -> /proc/self/fd/2 lrwxrwxrwx. 1 root root 15 Apr 17 21:18 stdin -> /proc/self/fd/0 lrwxrwxrwx. 1 root root 15 Apr 17 21:18 stdout -> /proc/self/fd/1 lrwxrwxrwx. 1 root root 10 Apr 17 21:18 tty1 -> /dev/pts/0 crw-rw-rw-. 1 root root 1, 9 Apr 17 21:18 urandom crw-rw-rw-. 1 root root 1, 5 Apr 17 21:18 zero # rm -f /dev/random (successful) # mknod random c 1 8 mknod: `random': Operation not permitted Config on the host : knowing that selinux is set to permissive and c 1:8 rwm is in the cgroup devices list of the guest1 # cat /sys/fs/cgroup/devices/ libvirt/lxc/guest1/devices. list c 1:3 rwm c 1:5 rwm c 1:7 rwm c 1:8 rwm c 1:9 rwm c 5:0 rwm c 5:2 rwm c 10:229 rwm c 136:* rwm is this a change that was introduced intentially on 1.0.4 ? if yes, how can I make it work ? please advice Thank you in advance Mohamed -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://listman.redhat.com/archives/libvirt-users/attachments/20130418/b8733d1e/attachment.htm>