<div dir="ltr"><div><div><div><div><div><div><div><div><div><div><div><div><div>I hope this question isn't considered too off topic for this list, I am trying to reach the libvirt-sandbox developers, but I could not find a libvirt-sandbox specific mailing list, and it seemed to me that libvirt-sandbox was a part of libvirt itself.<br>
<br></div>I am trying to port libvirt-sandbox to run on a CentOS 6.5 system. This wasn't too hard but, I had to do the following:<br><br></div>I have used the CentOS repo addon ElRepo to upgrade the kernel to 3.10.28. CentOS normally runs a 2.6.32 kernel.<br>
<br></div>I upgraded glib2 from 2.36 to 2.38.2. I did this by building 2.38.2 from source and installing it into /usr/local. Thus, the 2.36 version still exists in /lib64 and the normal CentOS applications use this version. <br>
<br></div>I built libvirt 1.2.1 from source and installed it into /usr/local. I used:<br> ./configure --with-lxc --with-selinux --with-secdriver-selinux --prefix=/usr/local<br><br></div>I built libvirt-glib 0.1.7 from source and installed it into /usr/local. I used:<br>
PKG_CONFIG_PATH=/usr/local/lib/pkgconfig ./configure --prefix=/usr/local<br><br></div>I build libvirt-sandbox 0.5.1 from source and installed it into /usr/local. I used:<br> PKG_CONFIG_PATH=/usr/local/lib/pkgconfig ./configure<br>
<br></div>As a test, I am able to run the libvirt lxc helloworld example:<br><br>[root@scwnet1 lxc_helloworld]# virsh -c lxc:/// define helloworld.xml <br>Domain helloworld defined from helloworld.xml<br><br>[root@scwnet1 lxc_helloworld]# virsh -c lxc:/// start helloworld <br>
Domain helloworld started<br><br>[root@scwnet1 lxc_helloworld]# virsh -c lxc:/// list<br> Id Name State<br>----------------------------------------------------<br> 9819 helloworld running<br>
<br>[root@scwnet1 lxc_helloworld]# virsh -c lxc:/// console helloworld <br>Connected to domain helloworld<br>Escape character is ^]<br>sh-4.1# exit<br>exit<br><br><br></div>Next, I try to use libvirt-sandbox, and I get the following error:<br>
[root@scwnet1 tests]# /usr/local/bin/virt-sandbox -c lxc:/// /bin/sh<br>Unable to start sandbox: Failed to create domain: unsupported configuration: Unable to find security driver for label selinux<br><br><br></div><div>My libvirt config.log shows the SELinux security driver as yes:<br>
configure:71172: Configuration summary<br>configure:71174: =====================<br>configure:71176:<br>configure:71178: Drivers<br>configure:71180:<br>configure:71182: Xen: no<br>configure:71184: QEMU: yes<br>
configure:71186: UML: yes<br>configure:71188: OpenVZ: yes<br>configure:71190: VMware: yes<br>configure:71192: VBox: yes<br>configure:71194: XenAPI: no<br>configure:71196: xenlight: no<br>configure:71198: LXC: yes<br>
configure:71200: PHYP: no<br>configure:71202: ESX: yes<br>configure:71204: Hyper-V: no<br>configure:71206: Parallels: yes<br>configure:71208: Test: yes<br>configure:71210: Remote: yes<br>configure:71212: Network: yes<br>
configure:71214: Libvirtd: yes<br>configure:71216: Interface: yes<br>configure:71218: macvtap: yes<br>configure:71220: virtport: yes<br>configure:71222:<br>configure:71224: Storage Drivers<br>configure:71226:<br>configure:71228: Dir: yes<br>
configure:71230: FS: yes<br>configure:71232: NetFS: yes<br>configure:71234: LVM: yes<br>configure:71236: iSCSI: yes<br>configure:71238: SCSI: yes<br>configure:71240: mpath: yes<br>configure:71242: Disk: yes<br>
configure:71244: RBD: no<br>configure:71246: Sheepdog: no<br>configure:71248: Gluster: no<br>configure:71250:<br>configure:71252: Security Drivers<br>configure:71254:<br>configure:71256: SELinux: yes (/sys/fs/selinux)<br>
configure:71258: AppArmor: no (install profiles: no)<br>configure:71260:<br>configure:71262: Driver Loadable Modules<br>configure:71264:<br>configure:71267: dlopen: -ldl<br>configure:71273:<br>configure:71275: Libraries<br>
configure:71277:<br>configure:71296: apparmor: no<br>configure:71326: attr: yes (CFLAGS='' LIBS='-lattr')<br>configure:71356: audit: yes (CFLAGS='' LIBS='-laudit')<br>configure:71386: avahi: yes (CFLAGS='-D_REENTRANT ' LIBS='-lavahi-common -lavahi-client ')<br>
configure:71416: blkid: yes (CFLAGS='-I/usr/include/blkid -I/usr/include/uuid ' LIBS='-lblkid ')<br>configure:71446: capng: yes (CFLAGS='' LIBS='-lcap-ng')<br>configure:71476: curl: yes (CFLAGS='-DCURL_DISABLE_TYPECHECK ' LIBS='-lcurl ')<br>
configure:71506: dbus: no<br>configure:71536: fuse: no<br>configure:71566: glusterfs: no<br>configure:71596: hal: no<br>configure:71626: netcf: yes (CFLAGS=' ' LIBS='-lnetcf ')<br>
configure:71656: numactl: yes (CFLAGS='' LIBS='-lnuma')<br>configure:71686: openwsman: no<br>configure:71716: pciaccess: yes (CFLAGS=' ' LIBS='-lpciaccess ')<br>configure:71746: readline: yes (CFLAGS='' LIBS='-lreadline')<br>
configure:71776: sanlock: yes (CFLAGS='' LIBS='-lsanlock_client')<br>configure:71806: sasl: yes (CFLAGS='' LIBS='-lsasl2')<br>configure:71836: selinux: yes (CFLAGS='' LIBS='-lselinux')<br>
configure:71866: ssh2: no<br>configure:71897: udev: yes (CFLAGS=' ' LIBS='-ludev ')<br>configure:71927: yajl: yes (CFLAGS='' LIBS='-lyajl')<br>configure:71940: libxml: -I/usr/include/libxml2 -lxml2<br>
configure:71942: dlopen: -ldl<br>configure:71948: openwsman: no<br>configure:71952: gnutls: -DGCRYPT_NO_DEPRECATED -lgnutls -lgcrypt<br>configure:71958: firewalld: no<br>configure:71965: polkit: /usr/bin/pkcheck (version 1)<br>
configure:71976: xen: no<br>configure:71983: xenapi: no<br>configure:71990: xenlight: no<br>configure:71994: pcap: -lpcap<br>configure:72001: nl: -lnl<br>configure:72011: mscom: no<br>configure:72015: xdr:<br>
configure:72025: rbd: no<br>configure:72029:<br>configure:72031: Test suite<br>configure:72033:<br>configure:72035: Coverage: no<br>configure:72037: Alloc OOM: no<br>configure:72039:<br>configure:72041: Miscellaneous<br>
configure:72043:<br>configure:72045: Debug: yes<br>configure:72047: Use -Werror: no<br><br></div><div><br><br></div>My libvirt capabilites shows this:<br>[root@scwnet1 tests]# virsh -c lxc:/// capabilities<br>
<capabilities><br><br> <host><br> <uuid>20b4e77c-3fb8-dc11-968d-c8600070189e</uuid><br> <cpu><br> <arch>x86_64</arch><br> </cpu><br> <power_management><br>
<suspend_mem/><br> <suspend_disk/><br> </power_management><br> <topology><br> <cells num='1'><br> <cell id='0'><br> <memory unit='KiB'>8334880</memory><br>
<cpus num='4'><br> <cpu id='0' socket_id='0' core_id='0' siblings='0-1'/><br> <cpu id='1' socket_id='0' core_id='1' siblings='0-1'/><br>
<cpu id='2' socket_id='0' core_id='2' siblings='2-3'/><br> <cpu id='3' socket_id='0' core_id='3' siblings='2-3'/><br> </cpus><br>
</cell><br> </cells><br> </topology><br> <secmodel><br> <model>none</model><br> <doi>0</doi><br> </secmodel><br> </host><br><br>
<guest><br> <os_type>exe</os_type><br> <arch name='x86_64'><br> <wordsize>64</wordsize><br> <emulator>/usr/local/libexec/libvirt_lxc</emulator><br>
<domain type='lxc'><br> </domain><br> </arch><br> </guest><br><br> <guest><br> <os_type>exe</os_type><br> <arch name='i686'><br> <wordsize>32</wordsize><br>
<emulator>/usr/local/libexec/libvirt_lxc</emulator><br> <domain type='lxc'><br> </domain><br> </arch><br> </guest><br><br></capabilities><br><br><br><br>
</div>I am not sure if secmodel none is the problem.<br><br></div>Can someone give me some direction on how to fix this?<br><br></div>Cheers,<br></div> Chris.<br><div><div><div><div><div><br></div></div></div></div></div>
</div>