<html>
  <head>
    <meta content="text/html; charset=ISO-8859-1"
      http-equiv="Content-Type">
  </head>
  <body bgcolor="#FFFFFF" text="#000000">
    <div class="moz-cite-prefix">On 09/22/2013 12:46 AM, yue wrote:<br>
    </div>
    <blockquote
      cite="mid:a6f5372.1000a.14143fdce50.Coremail.libvirt@163.com"
      type="cite">
      <div
        style="line-height:1.7;color:#000000;font-size:14px;font-family:arial">
        <div>hi,all</div>
        <div>when 'virsh start testname-1' failed, but i can start it
          throught commandline which is copy from libvirtd.log.</div>
      </div>
    </blockquote>
    <br>
    When you run qemu from the shell, you are running it as root. When
    libvirt runs qemu, it is running it as the user/group that is given
    in /etc/libvirt/qemu.conf. Generally that user/group is *not* root,
    but some other account that has drastically reduced privileges.<br>
    <br>
    <blockquote
      cite="mid:a6f5372.1000a.14143fdce50.Coremail.libvirt@163.com"
      type="cite">
      <div
        style="line-height:1.7;color:#000000;font-size:14px;font-family:arial">
        <div>selinux is disabled now. </div>
        <div>----------------</div>
        <div>libvirtError: internal error Process exited while reading
          console log output: char device redirected to /dev/pts/3<br>
          qemu-kvm: -drive
          file=/rhev/data-center/7828f2ae-955e-4e4b-a4bb-43807629dc52/d028d521-d4a9-4dd7-a0fe-3e9b60e7c4e4/images/ac025dc1-4e25-4b71-8c56-88dcb61b9f09/c1bfddb4-3562-4893-9df8-3f3239b277a9,if=none,id=drive-ide0-0-0,format=qcow2,serial=ac025dc1-4e25-4b71-8c56-88dcb61b9f09,cache=none,werror=stop,rerror=stop,aio=native:
          could not open disk image
          /rhev/data-center/7828f2ae-955e-4e4b-a4bb-43807629dc52/d028d521-d4a9-4dd7-a0fe-3e9b60e7c4e4/images/ac025dc1-4e25-4b71-8c56-88dcb61b9f09/c1bfddb4-3562-4893-9df8-3f3239b277a9:
          Operation not permitted</div>
      </div>
    </blockquote>
    <br>
    If selinux is disabled, then this failure has no relation to
    selinux.<br>
    <br>
    <blockquote
      cite="mid:a6f5372.1000a.14143fdce50.Coremail.libvirt@163.com"
      type="cite">
      <div
        style="line-height:1.7;color:#000000;font-size:14px;font-family:arial">
        <div> </div>
        <div>aud! it.log</div>
        <div>type=VIRT_CONTROL msg=audit(1379810795.213:41569): user
          pid=1637 uid=0 auid=4294967295 ses=4294967295
          subj=system_u:system_r:virtd_t:s0-s0:c0.c1023 msg='virt=kvm
          op=start reason=booted vm="testname-1"
          uuid=24f7e975-9aa5-4a14-b0f0-590add14c8b5 vm-pid=-1
          exe="/usr/sbin/libvirtd" hostname=? addr=? terminal=?
          res=failed'</div>
      </div>
    </blockquote>
    <br>
    This is not an selinux AVC message, it is just a very general
    libvirt-generated audit message saying "you tried to start
    'testname-1' and it failed".<br>
    <br>
    You should verify that every component of the path to the image file
    has at least r and x permissions for the user/group that is set in
    /var/log/libvirt/qemu.conf. Also, note that if your images are on a
    root-squashing NFS server (very common with RHEV), you will need to
    set dynamic_ownership=0 in qemu.conf.<br>
    <br>
    <br>
  </body>
</html>