#571159 libvirt-bin: qemu-kvm fails migration with messages in the VMs about failed disks.

Package:
libvirt-bin
Source:
libvirt
Submitter:
Gerasimos Melissaratos
Date:
2023-04-17 15:57:06 UTC
Severity:
important
Tags:
#571159#5
Date:
2010-02-23 22:05:38 UTC
From:
To:

When two libvirt/qemu servers (say, A and B) share and NFS server, migrating a VM form A to B fails, barring access to the disk image from server B. When the VM boots on server A, it sets uid/gid on the VM disk image to libvirt-qemu:kvm. During the migration process (initiated through virt-manager) the image acquires momentarily libvirt-qemu:kvm uid/gid on server B, but then it reverts to root:root and messages about failed disk access are printed on the screen of the running VM (normal, since the image gets root:root ownership). In order to migrate the image, I have to shut down the VM on server A and boot it again on server B, beating the whole idea of migration. Wether I migrate from A->B or B->A makes no difference.

#571159#8
Date:
2010-03-08 17:07:35 UTC
From:
To:
Hi,
It seems there's a problem with the first instance restoring privileges
_after_ the second one starts. Could you try setting user and group to
"root" in /etc/libvirt/qemu.conf? This should work around the problem.
Cheers,
 -- Guido

#571159#13
Date:
2010-03-11 10:01:33 UTC
From:
To:
Was going to try it, but now, after upgrading to
ii  libvirt-bin                         0.7.7-1                    the programs for the libvirt library
ii  libvirt0                            0.7.7-1                    library for interfacing with different virtu
ii  qemu-kvm                            0.12.3+dfsg-3              Full virtualization on x86 hardware

things took an ugly turn, and I cannot even connect to the console of the virtual machine. Something seems to has broken with TLS authentication. So, I'm putting migration on the back burner for a few days to see what's going on with vnc and tls.

Thanks,
Gerasimos
----- Αρχικό Μήνυμα ----- Από: "Guido Günther" <agx@sigxcpu.org> Προς: 571159-submitter@bugs.debian.org Απεσταλμένα: Monday, March 8, 2010 7:07:35 PM GMT +02:00 Harare / Pretoria Θέμα: Bug#571159: Possible workaround? Hi, It seems there's a problem with the first instance restoring privileges _after_ the second one starts. Could you try setting user and group to "root" in /etc/libvirt/qemu.conf? This should work around the problem. Cheers, -- Guido
#571159#18
Date:
2010-03-24 21:18:43 UTC
From:
To:
As mentioned, I was going to look into the vnc+tls problem, and this is what I found. When I run "strace virt-viewer -v --debug -c qemu+tls://hostname/system slack", at the end I get the following output:

write(1, "** (virt-viewer:4703): DEBUG: Go"..., 77** (virt-viewer:4703): DEBUG: Got VNC credential request for 1 credential(s)
) = 77
getuid()                                = 1000
open("/etc/passwd", O_RDONLY|O_CLOEXEC) = 10
lseek(10, 0, SEEK_CUR)                  = 0
fstat(10, {st_mode=S_IFREG|0644, st_size=2501, ...}) = 0
mmap(NULL, 2501, PROT_READ, MAP_SHARED, 10, 0) = 0x7fbf71ec7000
lseek(10, 2501, SEEK_SET)               = 2501
munmap(0x7fbf71ec7000, 2501)            = 0
close(10)                               = 0
stat("(null)/CA/cacert.pem", 0x7fffe54c5c70) = -1 ENOENT (No such file or directory)
stat("(null)/CA/cacert.pem", 0x7fffe54c5c70) = -1 ENOENT (No such file or directory)
write(1, "** (virt-viewer:4703): DEBUG: Fa"..., 62** (virt-viewer:4703): DEBUG: Failed to set credential type 2
) = 62
close(9)                                = 0
rt_sigprocmask(SIG_BLOCK, NULL, [], 8)  = 0
rt_sigprocmask(SIG_SETMASK, [], [], 8)  = 0
open("/usr/share/locale/en_US/LC_MESSAGES/libgnutls.mo", O_RDONLY) = -1 ENOENT (No such file or directory)
open("/usr/share/locale/en/LC_MESSAGES/libgnutls.mo", O_RDONLY) = -1 ENOENT (No such file or directory)
sendto(-1, "\25\3\2\0\2\1\0", 7, 0, NULL, 0) = -1 EBADF (Bad file descriptor)
rt_sigprocmask(SIG_BLOCK, NULL, [], 8)  = 0
rt_sigprocmask(SIG_SETMASK, [], [], 8)  = 0
read(3, 0x249a764, 4096)                = -1 EAGAIN (Resource temporarily unavailable)
poll([{fd=3, events=POLLIN}, {fd=5, events=POLLIN}], 2, 0) = 0 (Timeout)
rt_sigprocmask(SIG_BLOCK, NULL, [], 8)  = 0
rt_sigprocmask(SIG_SETMASK, [], [], 8)  = 0
rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
poll([{fd=3, events=POLLIN|POLLOUT}], 1, -1) = 1 ([{fd=3, revents=POLLOUT}])
writev(3, [{"\22\0\v\0\3\0\0\4/\1\0\0X\1\0\0\10\4\5\0\24\0\0\0(null) -"..., 180}, {NULL, 0}, {"", 0}], 3) = 180
poll([{fd=3, events=POLLIN}], 1, -1)    = 1 ([{fd=3, revents=POLLIN}])
read(3, "\34\0&\1\3\0\0\4/\1\0\0\0[\2725\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 4096) = 160
read(3, 0x249a764, 4096)                = -1 EAGAIN (Resource temporarily unavailable)
poll([{fd=3, events=POLLIN|POLLOUT}], 1, -1) = 1 ([{fd=3, revents=POLLOUT}])
writev(3, [{"+\0\1\0", 4}, {NULL, 0}, {"", 0}], 3) = 4
poll([{fd=3, events=POLLIN}], 1, -1)    = 1 ([{fd=3, revents=POLLIN}])
read(3, "\1\2+\1\0\0\0\0\4\0\0\4\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0", 4096) = 32
read(3, 0x249a764, 4096)                = -1 EAGAIN (Resource temporarily unavailable)
close(11)                               = 0
exit_group(0)                           = ?


I notice the stat lines, they have this "(null)/CA/cacert.pem", when all other stat lines have no "null". From then on it's all error and failure. Hope this helps a bit.

Bye, Gerasimos Melissaratos

#571159#21
Date:
2010-03-28 17:47:52 UTC
From:
To:
Hi Gerasimos,
please file a different bug about your gtk-vnc problem including version
information for virt-viewer and gtk-vnc. So we can handle that first.
Thanks,
 -- Guido

#571159#28
Date:
2014-10-13 09:32:36 UTC
From:
To:
Hi,

Guido Günther wrote (28 Mar 2010 17:47:52 GMT) :

What's the status on this front? Is the bug still reproducible on
current Debian stable or testing/sid? Was the bug against
gtk-vnc filed?

Cheers,
--
intrigeri

#571159#31
Date:
2014-10-13 09:32:36 UTC
From:
To:
Hi,

Guido Günther wrote (28 Mar 2010 17:47:52 GMT) :

What's the status on this front? Is the bug still reproducible on
current Debian stable or testing/sid? Was the bug against
gtk-vnc filed?

Cheers,
--
intrigeri