1351995 – Failed to connect socket to '/run/user/1000/libvirt/virtlogd-sock': No such file or directory

Note: This is a public test instance of Red Hat Bugzilla. The data contained within is a snapshot of the live data so any changes you make will not be reflected in the production Bugzilla. Email is disabled so feel free to test any aspect of the site that you want. File any problems you find or give feedback at bugzilla.redhat.com.

Bug 1351995 - Failed to connect socket to '/run/user/1000/libvirt/virtlogd-sock': No such file or directory

Summary: Failed to connect socket to '/run/user/1000/libvirt/virtlogd-sock': No such f...

Keywords:
Status:	CLOSED NOTABUG
Alias:	None
Product:	Fedora
Classification:	Fedora
Component:	libvirt
Sub Component:
Version:	rawhide
Hardware:	Unspecified
OS:	Unspecified
Priority:	unspecified
Severity:	unspecified
Target Milestone:	---
Assignee:	Libvirt Maintainers
QA Contact:	Fedora Extras Quality Assurance
Docs Contact:
URL:
Whiteboard:
Duplicates (4):	1351976 1352224 1352263 1352265 (view as bug list)
Depends On:	1351954 1352064 1352066
Blocks:	TRACKER-bugs-affecting-libguestfs
TreeView+	depends on / blocked

Reported:	2016-07-01 10:57 UTC by Richard W.M. Jones
Modified:	2016-07-04 11:04 UTC (History)
CC List:	15 users (show)
Fixed In Version:
Doc Type:	If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed:	2016-07-04 08:36:07 UTC
Type:	Bug
Embargoed:
Dependent Products:

Attachments	(Terms of Use)
libvirtd strace (6.60 MB, text/plain) 2016-07-01 12:00 UTC, Richard W.M. Jones	no flags	Details
View All

Description Richard W.M. Jones 2016-07-01 10:57:06 UTC

Description of problem:

libvirt in Rawhide cannot launch guests (yet again - is it too
much to ask that you test this most basic use case for libvirt?)

Version-Release number of selected component (if applicable):

libvirt-1.3.5-2.fc25.x86_64

How reproducible:

100%

Steps to Reproduce:

** NB I am running the following command as NON-ROOT **

$ virt-install --import --name tmp-bug --ram 2048 --disk none
WARNING  No operating system detected, VM performance may suffer. Specify an OS with --os-variant for optimal results.

Starting install...
ERROR    Failed to connect socket to '/run/user/1000/libvirt/virtlogd-sock': No such file or directory
Domain installation does not appear to have been successful.
If it was, you can restart your domain by running:
  virsh --connect qemu:///session start tmp-bug
otherwise, please restart your installation.

Comment 1 Richard W.M. Jones 2016-07-01 11:08:52 UTC

I tried downgrading the running kernel from
kernel-4.7.0-0.rc5.git1.2.fc25.x86_64
to 4.7.0-0.rc2.git3.2.fc25.x86_64 but that made no difference.

I suspect glibc socket problems.

Comment 2 Richard W.M. Jones 2016-07-01 11:19:49 UTC

I tried the libvirt 2.0.0 build from:

http://koji.fedoraproject.org/koji/taskinfo?taskID=14728077

That should be built against the new glibc (and is also built
against the exact same glibc that I have installed), so that
rules out glibc socket problems.

With session libvirtd running:

$ ls -l /run/user/1000/libvirt/
total 4
drwx------. 2 rjones rjones 40 Jul  1 12:15 hostdevmgr
srwx------. 1 rjones rjones  0 Jul  1 12:15 libvirt-admin-sock
-rw-r--r--. 1 rjones rjones  4 Jul  1 12:15 libvirtd.pid
srwx------. 1 rjones rjones  0 Jul  1 12:15 libvirt-sock
drwxrwxr-x. 3 rjones rjones 60 Jul  1 12:15 network
drwxrwxr-x. 3 rjones rjones 60 Jul  1 12:15 qemu
drwxrwxr-x. 3 rjones rjones 60 Jul  1 12:15 storage

Note that session virtlogd is not being started by libvirtd.
I can start virtlogd manually, although obviously I shouldn't
need to do that.

Comment 3 Richard W.M. Jones 2016-07-01 12:00:44 UTC

Created attachment 1174888 [details]
libvirtd strace

The error appears to be:

2800  capset({_LINUX_CAPABILITY_VERSION_3, 2757}, {0, 0, 0}) = -1 EPERM (Operation not permitted)
2800  write(2, "libvirt:  error : internal error: cannot apply process capabilities -1\n", 71) = 71

libcap-ng-0.7.7-4.fc24.x86_64
kernel-4.7.0-0.rc5.git1.2.fc25.x86_64

Comment 4 Andrea Bolognani 2016-07-01 12:06:17 UTC

Same error here.

kernel-4.5.0-0.44.el7.aarch64
libcap-ng-0.7.5-4.el7.aarch64

Comment 5 Richard W.M. Jones 2016-07-01 12:57:09 UTC

The patch below (by Andrea Bolognani) fixes the problem for me:

diff --git a/src/util/virutil.c b/src/util/virutil.c
index 170dd59..564d0ba 100644
--- a/src/util/virutil.c
+++ b/src/util/virutil.c
@@ -1465,6 +1465,8 @@ virSetUIDGIDWithCaps(uid_t uid, gid_t gid, gid_t *groups, int ngroups,
     bool need_setgid = false, need_setuid = false;
     bool need_setpcap = false;
 
+    capng_setpid(getpid());
+
     /* First drop all caps (unless the requested uid is "unchanged" or
      * root and clearExistingCaps wasn't requested), then add back
      * those in capBits + the extra ones we need to change uid/gid and

Comment 6 Richard W.M. Jones 2016-07-01 17:22:49 UTC

Fix is to install audit >= 2.6.2-1.

Comment 7 Daniel Berrangé 2016-07-04 08:41:39 UTC

*** Bug 1352263 has been marked as a duplicate of this bug. ***

Comment 8 Daniel Berrangé 2016-07-04 08:42:01 UTC

*** Bug 1352265 has been marked as a duplicate of this bug. ***

Comment 9 Victor Toso 2016-07-04 08:59:35 UTC

*** Bug 1352224 has been marked as a duplicate of this bug. ***

Comment 10 Andrea Bolognani 2016-07-04 11:04:04 UTC

*** Bug 1351976 has been marked as a duplicate of this bug. ***

Note You need to log in before you can comment on or make changes to this bug.