[libvirt] [PATCH v2 00/21] Run qemu under its own namespace

Daniel P. Berrange berrange at redhat.com
Mon Dec 12 15:56:04 UTC 2016 

On Mon, Dec 12, 2016 at 04:34:01PM +0100, Michal Privoznik wrote:
> On 12.12.2016 13:05, Daniel P. Berrange wrote:
> > On Mon, Dec 12, 2016 at 11:48:50AM +0000, Daniel P. Berrange wrote:
> >> On Wed, Dec 07, 2016 at 09:36:07AM +0100, Michal Privoznik wrote:
> >>> v1 posted here:
> >>>   https://www.redhat.com/archives/libvir-list/2016-November/msg01208.html
> >>>
> >>> diff to v1:
> >>> - I've dropped the patches for hugepages which are posted separately [1]
> >>> - I've reworked some parts according to Dan's suggestions
> >>> - Filled missing impl for virSCSIVHostDevice which was merged meanwhile
> >>>
> >>> Please note that patches 1-5, 7 were ACKed already.
> >>>
> >>> You can also find the patches on my github:
> >>>
> >>>   https://github.com/zippy2/libvirt/tree/qemu_container_v3
> >>
> >> I pulled this branch and aside from the compile error i mention I can't
> >> start guests
> >>
> >> error: internal error: process exited while connecting to monitor: 2016-12-12T11:47:53.740784Z qemu-system-x86_64: -chardev pty,id=charserial0: Failed to create PTY: No such file or directory
> >>
> >>
> >> Without having investigated, I wonder if it is trying to access the
> >> /dev/ptmx file and failing ?  The /dev/ptmx file needs to be a symlink
> >> to /dev/pts/ptmx and I'm not seeing code which creates that yet.
> > 
> > Ok, in fact it is exactly the opposite problem :-)
> > 
> > You have done a bind mount of /dev/pts/ptmx -> /dev/ptmx, which ought to
> > be fine, except on Fedora 25 for some reason the /dev/pts/ptmx file is
> > created c-------- so nothing has privileges to access it. Instead Fedora
> > uses a real /dev/ptmx device node.
> > 
> > I guess this way Fedora works is ok, because you only need the /dev/ptmx
> > symlink / bind mount, if we created a *new* devpts mount instance - but
> > we're just reusing the host instance.
> > 
> > IOW, just modify qemuDomainBuildNamespace to remove the bind mount of
> > /dev/ptmx entirely, and QEMU starts.
> 
> Ah, okay. Haven't seen that on my system. Wonder why is that.
>
> > 
> > After that, my next problem is lack of /dev/shm break SPICE graphics.
> > 
> > We should treat /dev/shm the same way we treat /dev/pts - just preserve
> > the existing host /dev/shm mount point (if it exists)
> 
> I will post v3 for the patch that sets up /dev/* (even though it had
> been ACKed). However, on my system there is more:
> 
> # findmnt -R /dev/
> TARGET        SOURCE FSTYPE   OPTIONS
> /dev          udev   devtmpfs rw,nosuid,relatime,size=10240k,nr_inodes=2013332,mode=755
> ├─/dev/pts    devpts devpts   rw,relatime,gid=5,mode=620,ptmxmode=000
> ├─/dev/mqueue mqueue mqueue   rw,nosuid,nodev,noexec,relatime
> └─/dev/shm    shm    tmpfs    rw,nosuid,nodev,noexec,relatime
> 
> Should we worry about /dev/mqueue too? No idea what it is.

POSIX message queues - we should probably set that up too - things using
shm to coordinate between processes will often also use message queues.

Regards,
Daniel
-- 
|: http://berrange.com      -o-    http://www.flickr.com/photos/dberrange/ :|
|: http://libvirt.org              -o-             http://virt-manager.org :|
|: http://entangle-photo.org       -o-    http://search.cpan.org/~danberr/ :|

More information about the libvir-list mailing list