Roman Mohr
2019-Nov-21 14:08 UTC
[libvirt-users] Getting "Unable to set XATTR" on libvirt 5.6.0 inside containers
Hi, We are updating KubeVirt to libvirt 5.6.0. Before that we were running on 5.0.0. It seems like something regarding setting xattrs on files has changed, because with libvirt 5.6.0 we are getting the following error: ``` Unable to set XATTR trusted.libvirt.security.dac on /var/lib/libvirt/qemu/domain-410-default_vmi-fedora: Operation not permitted') ``` The main problem is for us is that container filesystems don't necessarily support setting xattrs. My questions would therfore be: * Does anyone know what has changed, and why? * Can it be disabled? Thanks a lot and Best Regards, Roman
Michal Privoznik
2019-Nov-21 14:22 UTC
Re: [libvirt-users] Getting "Unable to set XATTR" on libvirt 5.6.0 inside containers
On 11/21/19 3:08 PM, Roman Mohr wrote:> Hi, > > We are updating KubeVirt to libvirt 5.6.0. Before that we were running > on 5.0.0. It seems like something regarding setting xattrs on files has > changed, because with libvirt 5.6.0 we are getting the following error: > > ``` > Unable to set XATTR trusted.libvirt.security.dac on > /var/lib/libvirt/qemu/domain-410-default_vmi-fedora: Operation not > permitted') > ``` > > The main problem is for us is that container filesystems don't > necessarily support setting xattrs. > > My questions would therfore be: > > * Does anyone know what has changed, and why? > * Can it be disabled? >I've seen the bug you filled so I'll continue discussion there so that we don't have two places where we discuss this issue. https://bugzilla.redhat.com/show_bug.cgi?id=1774373 Michal
Roman Mohr
2019-Nov-21 14:25 UTC
Re: [libvirt-users] Getting "Unable to set XATTR" on libvirt 5.6.0 inside containers
On Thu, Nov 21, 2019 at 3:23 PM Michal Privoznik <mprivozn@redhat.com> wrote:> On 11/21/19 3:08 PM, Roman Mohr wrote: > > Hi, > > > > We are updating KubeVirt to libvirt 5.6.0. Before that we were running > > on 5.0.0. It seems like something regarding setting xattrs on files has > > changed, because with libvirt 5.6.0 we are getting the following error: > > > > ``` > > Unable to set XATTR trusted.libvirt.security.dac on > > /var/lib/libvirt/qemu/domain-410-default_vmi-fedora: Operation not > > permitted') > > ``` > > > > The main problem is for us is that container filesystems don't > > necessarily support setting xattrs. > > > > My questions would therfore be: > > > > * Does anyone know what has changed, and why? > > * Can it be disabled? > > > > I've seen the bug you filled so I'll continue discussion there so that > we don't have two places where we discuss this issue. > > https://bugzilla.redhat.com/show_bug.cgi?id=1774373 > >Thanks Michal.> Michal > >