Jamie,
Attached, but it appears to be all comments.
Thanks, Jeff
On Thu, May 27, 2010 at 9:41 AM, Jamie Strandboge <email address hidden> wrote: > s450r1, can you attach your /etc/libvirt/qemu.conf file? > > -- > setgid, setuid needed by /etc/apparmor.d/abstractions/libvirt-qemu > https://bugs.launchpad.net/bugs/579584 > You received this bug notification because you are a direct subscriber > of the bug. > > Status in “libvirt” package in Ubuntu: Incomplete > > Bug description: > I couldn't boot any guest VMs with virsh until I modified /etc/apparmor.d/abstractions/libvirt-qemu: > jad@kvmhost:~$ sudo bzr diff /etc/apparmor.d/ > === modified file 'apparmor.d/abstractions/libvirt-qemu' > --- apparmor.d/abstractions/libvirt-qemu 2010-04-30 15:33:20 +0000 > +++ apparmor.d/abstractions/libvirt-qemu 2010-05-12 17:26:56 +0000 > @@ -8,6 +8,8 @@ > capability dac_override, > capability dac_read_search, > capability chown, > + capability setgid, > + capability setuid, > > # this is needed with libcap-ng support, however it breaks a lot of things > # atm, so just silence the denial until libcap-ng works right. LP: #522845 > > ... and restarted apparmor and libvirtd. > > Without `capability setgid`, the qemu guest log file contained: > LC_ALL=C PATH=/usr/local/sbin:/usr/local/bin:/usr/bin:/usr/sbin:/sbin:/bin QEMU_ > AUDIO_DRV=none /usr/bin/kvm -S -M pc-0.11 -enable-kvm -m 512 -smp 1 -name dm1 -u > uid 79d03a71-3be6-19df-1070-791239480888 -chardev socket,id=monitor,path=/var/li > b/libvirt/qemu/dm1.monitor,server,nowait -monitor chardev:monitor -boot c -drive > file=/var/vm/dm1/disk0.qcow2,if=ide,index=0,boot=on -drive file=/var/vm/dm1/disk1.qcow2,if=ide,index=1 -net nic,macaddr=52:54:00:bf:75:90,vlan=0,model=virtio,name=virtio.0 -net tap,fd=50,vlan=0,name=tap.0 -serial none -parallel none -usb -vnc 127.0.0.1:0 -vga cirrus > libvir: QEMU error : cannot change to '109' group: Operation not permitted > > Without `capability setuid`, the qemu guest log file contained: > LC_ALL=C PATH=/usr/local/sbin:/usr/local/bin:/usr/bin:/usr/sbin:/sbin:/bin QEMU_AUDIO_DRV=none /usr/bin/kvm -S -M pc-0.11 -enable-kvm -m 512 -smp 1 -name dm1 -uuid 79d03a71-3be6-19df-1070-791239480888 -chardev socket,id=monitor,path=/var/lib/libvirt/qemu/dm1.monitor,server,nowait -monitor chardev:monitor -boot c -drive file=/var/vm/dm1/disk0.qcow2,if=ide,index=0,boot=on -drive file=/var/vm/dm1/disk1.qcow2,if=ide,index=1 -net nic,macaddr=52:54:00:bf:75:90,vlan=0,model=virtio,name=virtio.0 -net tap,fd=50,vlan=0,name=tap.0 -serial none -parallel none -usb -vnc 127.0.0.1:0 -vga cirrus > libvir: QEMU error : cannot change to '104' user: Operation not permitted > > I don't really know if these changes were the right thing to do, but it did allow me to boot the VMs with virsh. > > jad@kvmhost:~$ lsb_release -rd > Description: Ubuntu 10.04 LTS > Release: 10.04 > > jad@kvmhost:~$ apt-cache policy libvirt-bin kvm qemu-kvm > libvirt-bin: > Installed: 0.7.5-5ubuntu27 > Candidate: 0.7.5-5ubuntu27 > Version table: > *** 0.7.5-5ubuntu27 0 > 500 http://us.archive.ubuntu.com/ubuntu/ lucid/main Packages > 100 /var/lib/dpkg/status > kvm: > Installed: 1:84+dfsg-0ubuntu16+0.12.3+noroms+0ubuntu9 > Candidate: 1:84+dfsg-0ubuntu16+0.12.3+noroms+0ubuntu9 > Version table: > *** 1:84+dfsg-0ubuntu16+0.12.3+noroms+0ubuntu9 0 > 500 http://us.archive.ubuntu.com/ubuntu/ lucid/main Packages > 100 /var/lib/dpkg/status > qemu-kvm: > Installed: 0.12.3+noroms-0ubuntu9 > Candidate: 0.12.3+noroms-0ubuntu9 > Version table: > *** 0.12.3+noroms-0ubuntu9 0 > 500 http://us.archive.ubuntu.com/ubuntu/ lucid/main Packages > 100 /var/lib/dpkg/status > > To unsubscribe from this bug, go to: > https://bugs.launchpad.net/ubuntu/+source/libvirt/+bug/579584/+subscribe >
Jamie,
Attached, but it appears to be all comments.
Thanks,
Jeff
On Thu, May 27, 2010 at 9:41 AM, Jamie Strandboge <email address hidden> wrote: qemu.conf file? d/abstractions/ libvirt- qemu /bugs.launchpad .net/bugs/ 579584 d/abstractions/ libvirt- qemu: d/abstractions/ libvirt- qemu' d/abstractions/ libvirt- qemu 2010-04-30 15:33:20 +0000 d/abstractions/ libvirt- qemu 2010-05-12 17:26:56 +0000 local/sbin: /usr/local/ bin:/usr/ bin:/usr/ sbin:/sbin: /bin QEMU_ 3be6-19df- 1070-7912394808 88 -chardev socket, id=monitor, path=/var/ li qemu/dm1. monitor, server, nowait -monitor chardev:monitor -boot c -drive vm/dm1/ disk0.qcow2, if=ide, index=0, boot=on -drive file=/var/ vm/dm1/ disk1.qcow2, if=ide, index=1 -net nic,macaddr= 52:54:00: bf:75:90, vlan=0, model=virtio, name=virtio. 0 -net tap,fd= 50,vlan= 0,name= tap.0 -serial none -parallel none -usb -vnc 127.0.0.1:0 -vga cirrus local/sbin: /usr/local/ bin:/usr/ bin:/usr/ sbin:/sbin: /bin QEMU_AUDIO_DRV=none /usr/bin/kvm -S -M pc-0.11 -enable-kvm -m 512 -smp 1 -name dm1 -uuid 79d03a71- 3be6-19df- 1070-7912394808 88 -chardev socket, id=monitor, path=/var/ lib/libvirt/ qemu/dm1. monitor, server, nowait -monitor chardev:monitor -boot c -drive file=/var/ vm/dm1/ disk0.qcow2, if=ide, index=0, boot=on -drive file=/var/ vm/dm1/ disk1.qcow2, if=ide, index=1 -net nic,macaddr= 52:54:00: bf:75:90, vlan=0, model=virtio, name=virtio. 0 -net tap,fd= 50,vlan= 0,name= tap.0 -serial none -parallel none -usb -vnc 127.0.0.1:0 -vga cirrus us.archive. ubuntu. com/ubuntu/ lucid/main Packages dpkg/status 0ubuntu16+ 0.12.3+ noroms+ 0ubuntu9 0ubuntu16+ 0.12.3+ noroms+ 0ubuntu9 0ubuntu16+ 0.12.3+ noroms+ 0ubuntu9 0 us.archive. ubuntu. com/ubuntu/ lucid/main Packages dpkg/status noroms- 0ubuntu9 noroms- 0ubuntu9 noroms- 0ubuntu9 0 us.archive. ubuntu. com/ubuntu/ lucid/main Packages dpkg/status /bugs.launchpad .net/ubuntu/ +source/ libvirt/ +bug/579584/ +subscribe
> s450r1, can you attach your /etc/libvirt/
>
> --
> setgid, setuid needed by /etc/apparmor.
> https:/
> You received this bug notification because you are a direct subscriber
> of the bug.
>
> Status in “libvirt” package in Ubuntu: Incomplete
>
> Bug description:
> I couldn't boot any guest VMs with virsh until I modified /etc/apparmor.
> jad@kvmhost:~$ sudo bzr diff /etc/apparmor.d/
> === modified file 'apparmor.
> --- apparmor.
> +++ apparmor.
> @@ -8,6 +8,8 @@
> capability dac_override,
> capability dac_read_search,
> capability chown,
> + capability setgid,
> + capability setuid,
>
> # this is needed with libcap-ng support, however it breaks a lot of things
> # atm, so just silence the denial until libcap-ng works right. LP: #522845
>
> ... and restarted apparmor and libvirtd.
>
> Without `capability setgid`, the qemu guest log file contained:
> LC_ALL=C PATH=/usr/
> AUDIO_DRV=none /usr/bin/kvm -S -M pc-0.11 -enable-kvm -m 512 -smp 1 -name dm1 -u
> uid 79d03a71-
> b/libvirt/
> file=/var/
> libvir: QEMU error : cannot change to '109' group: Operation not permitted
>
> Without `capability setuid`, the qemu guest log file contained:
> LC_ALL=C PATH=/usr/
> libvir: QEMU error : cannot change to '104' user: Operation not permitted
>
> I don't really know if these changes were the right thing to do, but it did allow me to boot the VMs with virsh.
>
> jad@kvmhost:~$ lsb_release -rd
> Description: Ubuntu 10.04 LTS
> Release: 10.04
>
> jad@kvmhost:~$ apt-cache policy libvirt-bin kvm qemu-kvm
> libvirt-bin:
> Installed: 0.7.5-5ubuntu27
> Candidate: 0.7.5-5ubuntu27
> Version table:
> *** 0.7.5-5ubuntu27 0
> 500 http://
> 100 /var/lib/
> kvm:
> Installed: 1:84+dfsg-
> Candidate: 1:84+dfsg-
> Version table:
> *** 1:84+dfsg-
> 500 http://
> 100 /var/lib/
> qemu-kvm:
> Installed: 0.12.3+
> Candidate: 0.12.3+
> Version table:
> *** 0.12.3+
> 500 http://
> 100 /var/lib/
>
> To unsubscribe from this bug, go to:
> https:/
>