Ubuntu
libvirt package

Cannot execute Virsh command through SSH on Ubuntu 18.04

Bug #1787800 reported by Tung Doan
8
This bug affects 1 person
Affects Status Importance Assigned to Milestone
libvirt (Ubuntu)
Invalid
Undecided
Unassigned

Bug Description

I am using Ubuntu 18.04 for KVM host (libvirt 4.0.0). On a jumphost, I tried to execute virsh command:

ssh user@ip "virsh dominfo vm1"

I got an error: failed to get domain 'vm1'. I even tried with domain ID but still got the same error. But this command worked well on KVM host. I figured out that this problem does not happen if the KVM host is Ubuntu 16.04.

See original description
Tung Doan (tungdoan)
description: updated
description: updated
Revision history for this message
Christian Ehrhardt  (paelzer) wrote :

Hi Tung,
as other people have stated on [1] I first assumed that just the guest is missing.
I tried to recreate with 18.04 and as expected found this:

ubuntu@node-horsea:~$ virsh dominfo c3
Id: 340
Name: c3
UUID: eac4d5b1-1503-43cd-8f6a-b89c1b04d794
OS Type: hvm
State: running
CPU(s): 1
CPU time: 5,5s
Max memory: 524288 KiB
Used memory: 524288 KiB
Persistent: yes
Autostart: disable
Managed save: no
Security model: apparmor
Security DOI: 0
Security label: libvirt-eac4d5b1-1503-43cd-8f6a-b89c1b04d794 (enforcing)

ubuntu@node-horsea:~$ logout
Connection to horsea closed.

$ ssh ubuntu@horsea "virsh dominfo c3"
error: failed to get domain 'c3'
error: Domain not found: no domain with matching name 'c3'

Ok, so far this seems to confirm your finding.
There sometimes are some security things about libvirt sockets and also dependent on the interactive/non-interactive login there could be some differences here.

And e voila:
$ ssh ubuntu@horsea -t 'bash -l -c "virsh dominfo c3"'
worked just fine.

So it is the difference of having a login shell or not.
I don't have any 16.04 systems left to easily retry atm.

I know that a login shell will set "LIBVIRT_DEFAULT_URI=qemu:///system" as that is the most common default people in ubuntu want. There actually are discussions every now and then if you'd want that or not but that is what people are used to.

Now without a login shell that isn't set, and the probing/default without might have changed due to libvirt upstream.

That known you can compare:
$ ssh ubuntu@horsea -t 'bash -l -c "virsh uri"'
qemu:///system
Connection to horsea closed.
$ ssh ubuntu@horsea "virsh uri"
qemu:///session

So by default you now get a per user session scope.

This isn't as much a bug as more of a change in defaults (where Ubuntu even tries to stick with the old defaults a bit more with the env var).
IMHO I'd call it not a bug atm.

To avoid that use login shells or guide your calls with the env variable yourself, example:
$ ssh ubuntu@horsea "LIBVIRT_DEFAULT_URI=qemu:///system virsh dominfo c3"

[1]: https://askubuntu.com/questions/1066230/cannot-execute-virsh-command-through-ssh-on-ubuntu-18-04#

Changed in libvirt (Ubuntu):
status: New → Invalid
Revision history for this message
Christian Ehrhardt  (paelzer) wrote :

Also answered the askubuntu entry ...

To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.