[libvirt] Stored secrets seem to get corrupted

Daniel P. Berrange berrange at redhat.com
Tue Jul 3 13:13:58 UTC 2012 

On Tue, Jul 03, 2012 at 03:11:59PM +0200, Wido den Hollander wrote:
> 
> 
> On 25-06-12 16:54, Daniel P. Berrange wrote:
> >
> >>Notice this behavior:
> >>
> >>root at stack01:~# virsh secret-set-value
> >>322bccea-f2ed-4eae-a7e5-d0793ffb162d
> >>AQAE+uJPCFpELBAAkTniQvHabBGj0Quwnu2imA==
> >>Secret value set
> >>
> >>root at stack01:~# md5sum
> >>/etc/libvirt/secrets/322bccea-f2ed-4eae-a7e5-d0793ffb162d.base64
> >>b4b147bc522828731f1a016bfa72c073
> >>/etc/libvirt/secrets/322bccea-f2ed-4eae-a7e5-d0793ffb162d.base64
> >>root at stack01:~# virsh secret-set-value
> >>322bccea-f2ed-4eae-a7e5-d0793ffb162d
> >>AQAE+uJPCFpELBAAkTniQvHabBGj0Quwnu2imA==
> >>Secret value set
> >>
> >>root at stack01:~# md5sum
> >>/etc/libvirt/secrets/322bccea-f2ed-4eae-a7e5-d0793ffb162d.base64
> >>927e2458c32cc3f6754d91694e41333f
> >>/etc/libvirt/secrets/322bccea-f2ed-4eae-a7e5-d0793ffb162d.base64
> >>root at stack01:~#
> >>
> >>As you can see, the md5sum of the file changes when I set the value
> >>of the secret to the same.
> >
> >That is really bizarre. Can you look at what is actually stored
> >in the .base64 file each time ? And what 'secret-get-value'
> >replies with ?
> 
> I haven't been able to look into this any further, however: I just
> downloaded 0.9.13 from the libvirt website and installed it on a
> totally different host which is also running Ubuntu 12.04
> 
> I wanted to start a virtual machine with RBD storage and that
> failed, the secret was corrupted...
> 
> The symptoms on this machine are exactly the same, the secret file
> is just 2 bytes big.
> 
> root at amd:~# ls -al /etc/libvirt/secrets/*.base64
> -rw------- 1 root root 2 Jul  3 15:02
> /etc/libvirt/secrets/69f9540e-f0ce-4184-8254-9b22efade5f2.base64
> root at amd:~#
> 
> >
> >This is the correct behaviour tht I see myself too.
> >
> >>I verified that stack01 isn't out of disk space or out of inodes,
> >>those are in the acceptable values range.
> >>
> >>Any suggestions?
> >
> >I think you'll probably need to add some more  VIR_DEBUG lines
> >to secret_driver.c to see where in the process it is going
> >wrong. Or perhaps strace libvirtd to see what it thinks it
> >is writing out & whether any errors appear.
> >
> 
> I haven't added any VIR_DEBUG lines yet, but stracing the libvirtd
> process doesn't show any fopen() nor fwrites() to any *.base64
> files.

When strac'ing libvirtd make sure you add the '-f' arg so that you
trace all threads - the libvirtd thread leader will never do any
interesting stuff except RPC i/o

Daniel
-- 
|: http://berrange.com      -o-    http://www.flickr.com/photos/dberrange/ :|
|: http://libvirt.org              -o-             http://virt-manager.org :|
|: http://autobuild.org       -o-         http://search.cpan.org/~danberr/ :|
|: http://entangle-photo.org       -o-       http://live.gnome.org/gtk-vnc :|

More information about the libvir-list mailing list