Note: This is a public test instance of Red Hat Bugzilla. The data contained within is a snapshot of the live data so any changes you make will not be reflected in the production Bugzilla. Email is disabled so feel free to test any aspect of the site that you want. File any problems you find or give feedback at bugzilla.redhat.com.

Bug 1351995

Summary: Failed to connect socket to '/run/user/1000/libvirt/virtlogd-sock': No such file or directory
Product: [Fedora] Fedora Reporter: Richard W.M. Jones <rjones>
Component: libvirtAssignee: Libvirt Maintainers <libvirt-maint>
Status: CLOSED NOTABUG QA Contact: Fedora Extras Quality Assurance <extras-qa>
Severity: unspecified Docs Contact:
Priority: unspecified    
Version: rawhideCC: abologna, agedosier, berrange, clalancette, dimitris, dzheng, fedora, gsun, gustavown, itamar, laine, libvirt-maint, veillard, virt-maint, wouter
Target Milestone: ---   
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2016-07-04 08:36:07 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On: 1351954, 1352064, 1352066    
Bug Blocks: 910269    
Attachments:
Description Flags
libvirtd strace none

Description Richard W.M. Jones 2016-07-01 10:57:06 UTC 
Description of problem:

libvirt in Rawhide cannot launch guests (yet again - is it too
much to ask that you test this most basic use case for libvirt?)

Version-Release number of selected component (if applicable):

libvirt-1.3.5-2.fc25.x86_64

How reproducible:

100%

Steps to Reproduce:

** NB I am running the following command as NON-ROOT **

$ virt-install --import --name tmp-bug --ram 2048 --disk none
WARNING  No operating system detected, VM performance may suffer. Specify an OS with --os-variant for optimal results.

Starting install...
ERROR    Failed to connect socket to '/run/user/1000/libvirt/virtlogd-sock': No such file or directory
Domain installation does not appear to have been successful.
If it was, you can restart your domain by running:
  virsh --connect qemu:///session start tmp-bug
otherwise, please restart your installation.
Comment 1 Richard W.M. Jones 2016-07-01 11:08:52 UTC 
I tried downgrading the running kernel from
kernel-4.7.0-0.rc5.git1.2.fc25.x86_64
to 4.7.0-0.rc2.git3.2.fc25.x86_64 but that made no difference.

I suspect glibc socket problems.
Comment 2 Richard W.M. Jones 2016-07-01 11:19:49 UTC 
I tried the libvirt 2.0.0 build from:

http://koji.fedoraproject.org/koji/taskinfo?taskID=14728077

That should be built against the new glibc (and is also built
against the exact same glibc that I have installed), so that
rules out glibc socket problems.

With session libvirtd running:

$ ls -l /run/user/1000/libvirt/
total 4
drwx------. 2 rjones rjones 40 Jul  1 12:15 hostdevmgr
srwx------. 1 rjones rjones  0 Jul  1 12:15 libvirt-admin-sock
-rw-r--r--. 1 rjones rjones  4 Jul  1 12:15 libvirtd.pid
srwx------. 1 rjones rjones  0 Jul  1 12:15 libvirt-sock
drwxrwxr-x. 3 rjones rjones 60 Jul  1 12:15 network
drwxrwxr-x. 3 rjones rjones 60 Jul  1 12:15 qemu
drwxrwxr-x. 3 rjones rjones 60 Jul  1 12:15 storage

Note that session virtlogd is not being started by libvirtd.
I can start virtlogd manually, although obviously I shouldn't
need to do that.
Comment 3 Richard W.M. Jones 2016-07-01 12:00:44 UTC 
Created attachment 1174888 [details]
libvirtd strace

The error appears to be:

2800  capset({_LINUX_CAPABILITY_VERSION_3, 2757}, {0, 0, 0}) = -1 EPERM (Operation not permitted)
2800  write(2, "libvirt:  error : internal error: cannot apply process capabilities -1\n", 71) = 71

libcap-ng-0.7.7-4.fc24.x86_64
kernel-4.7.0-0.rc5.git1.2.fc25.x86_64
Comment 4 Andrea Bolognani 2016-07-01 12:06:17 UTC 
Same error here.

kernel-4.5.0-0.44.el7.aarch64
libcap-ng-0.7.5-4.el7.aarch64
Comment 5 Richard W.M. Jones 2016-07-01 12:57:09 UTC 
The patch below (by Andrea Bolognani) fixes the problem for me:

diff --git a/src/util/virutil.c b/src/util/virutil.c
index 170dd59..564d0ba 100644
--- a/src/util/virutil.c
+++ b/src/util/virutil.c
@@ -1465,6 +1465,8 @@ virSetUIDGIDWithCaps(uid_t uid, gid_t gid, gid_t *groups, int ngroups,
     bool need_setgid = false, need_setuid = false;
     bool need_setpcap = false;
 
+    capng_setpid(getpid());
+
     /* First drop all caps (unless the requested uid is "unchanged" or
      * root and clearExistingCaps wasn't requested), then add back
      * those in capBits + the extra ones we need to change uid/gid and
Comment 6 Richard W.M. Jones 2016-07-01 17:22:49 UTC 
Fix is to install audit >= 2.6.2-1.
Comment 7 Daniel Berrangé 2016-07-04 08:41:39 UTC 
*** Bug 1352263 has been marked as a duplicate of this bug. ***
Comment 8 Daniel Berrangé 2016-07-04 08:42:01 UTC 
*** Bug 1352265 has been marked as a duplicate of this bug. ***
Comment 9 Victor Toso 2016-07-04 08:59:35 UTC 
*** Bug 1352224 has been marked as a duplicate of this bug. ***
Comment 10 Andrea Bolognani 2016-07-04 11:04:04 UTC 
*** Bug 1351976 has been marked as a duplicate of this bug. ***