[libvirt-users] virsh: cannot start domain with channel device,
Ján Tomko
jtomko at redhat.com
Mon Jul 7 13:34:50 UTC 2014
On 07/07/2014 02:11 PM, John wrote:
> Here is what I got.
> root ubuntu:/home/john# virsh start ubuntu2
> error: Failed to start domain ubuntu2
> error: internal error Process exited while reading console log output: char
> device redirected to /dev/pts/1
> bind(unix:/var/lib/libvirt/qemu/ubuntu2.libguestfs): Permission denied
> chardev: opening backend "socket" failed: Permission denied
>
>
> When I deleted the <channel>...</channel> part, it will start normally. But I
> need it to use guestfish with --live option.
>
> No SELinux or AppArmor is used. qemu.conf shows it's running by root user. I
> did "virsh start" operation under root and the error remains. Should I change
> the permission attributes of files under /var/lib/libvirt/qemu ?
Yes, it should be writable to root. (I don't know what the default user/group
for qemu are on ubuntu).
Even when libvirt runs qemu as root, it drops some capabilities like
CAP_DAC_OVERRIDE, which allows root to open any file regardless of permissions.
Jan
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: OpenPGP digital signature
URL: <http://listman.redhat.com/archives/libvirt-users/attachments/20140707/920bd7ca/attachment.sig>
More information about the libvirt-users
mailing list