libvirt users - Apr 2013 - libvirt 1.0.3 Vs 1.0.4 / cgroup devices

Hi there,

I am using libvirt with lxc to create fedora 16 & 18 containers on fedora
18 host.

first I did the setup with libvirt 1.0.3 and everything worked fine, then
after upgrading to libvirt 1.0.4, I could not create character device on
the guests :

Test on the guest1 :

# ls -l /dev
total 0
lrwxrwxrwx. 1 root root   10 Apr 17 21:18 console -> /dev/pts/0
lrwxrwxrwx. 1 root root   11 Apr 17 21:18 core -> /proc/kcore
lrwxrwxrwx. 1 root root   13 Apr 17 21:18 fd -> /proc/self/fd
crw-rw-rw-. 1 root root 1, 7 Apr 17 21:18 full
drwxr-xr-x. 2 root root    0 Apr 17 21:18 hugepages
prw-------. 1 root root    0 Apr 17 21:18 initctl
srw-rw-rw-. 1 root root    0 Apr 17 21:18 log
drwxrwxrwt. 2 root root   40 Apr 17 21:18 mqueue
crw-rw-rw-. 1 root root 1, 3 Apr 17 21:18 null
crw-rw-rw-. 1 root root 5, 2 Apr 18 10:31 ptmx
drwxr-xr-x. 2 root root    0 Apr 17 21:18 pts
crw-r--r--. 1 root root 1, 8 Apr 17 21:19 random
drwxrwxrwt. 2 root root   40 Apr 17 21:18 shm
lrwxrwxrwx. 1 root root   15 Apr 17 21:18 stderr -> /proc/self/fd/2
lrwxrwxrwx. 1 root root   15 Apr 17 21:18 stdin -> /proc/self/fd/0
lrwxrwxrwx. 1 root root   15 Apr 17 21:18 stdout -> /proc/self/fd/1
lrwxrwxrwx. 1 root root   10 Apr 17 21:18 tty1 -> /dev/pts/0
crw-rw-rw-. 1 root root 1, 9 Apr 17 21:18 urandom
crw-rw-rw-. 1 root root 1, 5 Apr 17 21:18 zero

# rm -f /dev/random      (successful)

# mknod random c 1 8
mknod: `random': Operation not permitted

Config on the host :

knowing that selinux is set to permissive and c 1:8 rwm is in the cgroup
devices list of the guest1

# cat /sys/fs/cgroup/devices/libvirt/lxc/guest1/devices.list
c 1:3 rwm
c 1:5 rwm
c 1:7 rwm
c 1:8 rwm
c 1:9 rwm
c 5:0 rwm
c 5:2 rwm
c 10:229 rwm
c 136:* rwm

is this a change that was introduced intentially on 1.0.4 ? if yes, how can
I make it work ?

please advice

Thank you in advance

Amine
-------------- next part --------------
An HTML attachment was scrubbed...
URL:
<http://listman.redhat.com/archives/libvirt-users/attachments/20130418/9d7165b7/attachment.htm>

Hi there, 


I am using libvirt with lxc to create fedora 16 & 18 containers on fedora 18
host.


first I did the setup with libvirt 1.0.3 and everything worked fine, then after
upgrading to libvirt 1.0.4, I could not create character device on the guests :


Test on the guest1 : 


# ls -l /dev 
total 0 
lrwxrwxrwx. 1 root root 10 Apr 17 21:18 console -> /dev/pts/0 
lrwxrwxrwx. 1 root root 11 Apr 17 21:18 core -> /proc/kcore 
lrwxrwxrwx. 1 root root 13 Apr 17 21:18 fd -> /proc/self/fd 
crw-rw-rw-. 1 root root 1, 7 Apr 17 21:18 full 
drwxr-xr-x. 2 root root 0 Apr 17 21:18 hugepages 
prw-------. 1 root root 0 Apr 17 21:18 initctl 
srw-rw-rw-. 1 root root 0 Apr 17 21:18 log 
drwxrwxrwt. 2 root root 40 Apr 17 21:18 mqueue 
crw-rw-rw-. 1 root root 1, 3 Apr 17 21:18 null 
crw-rw-rw-. 1 root root 5, 2 Apr 18 10:31 ptmx 
drwxr-xr-x. 2 root root 0 Apr 17 21:18 pts 
crw-r--r--. 1 root root 1, 8 Apr 17 21:19 random 
drwxrwxrwt. 2 root root 40 Apr 17 21:18 shm 
lrwxrwxrwx. 1 root root 15 Apr 17 21:18 stderr -> /proc/self/fd/2 
lrwxrwxrwx. 1 root root 15 Apr 17 21:18 stdin -> /proc/self/fd/0 
lrwxrwxrwx. 1 root root 15 Apr 17 21:18 stdout -> /proc/self/fd/1 
lrwxrwxrwx. 1 root root 10 Apr 17 21:18 tty1 -> /dev/pts/0 
crw-rw-rw-. 1 root root 1, 9 Apr 17 21:18 urandom 
crw-rw-rw-. 1 root root 1, 5 Apr 17 21:18 zero 


# rm -f /dev/random (successful) 


# mknod random c 1 8 
mknod: `random': Operation not permitted 



Config on the host : 


knowing that selinux is set to permissive and c 1:8 rwm is in the cgroup devices
list of the guest1


# cat /sys/fs/cgroup/devices/ libvirt/lxc/guest1/devices. list 

c 1:3 rwm 
c 1:5 rwm 
c 1:7 rwm 
c 1:8 rwm 
c 1:9 rwm 
c 5:0 rwm 
c 5:2 rwm 
c 10:229 rwm 
c 136:* rwm 


is this a change that was introduced intentially on 1.0.4 ? if yes, how can I
make it work ?


please advice 


Thank you in advance 


Mohamed 
-------------- next part --------------
An HTML attachment was scrubbed...
URL:
<http://listman.redhat.com/archives/libvirt-users/attachments/20130418/b8733d1e/attachment.htm>