subject:"\[ovirt\-users\] libvirt failed to read spice key"

Re: [ovirt-users] libvirt failed to read spice key

2016-04-01 Thread Bill James


SELinux status: disabled


[root@ovirt2 test ~]# ls -rtl /etc/pki/vdsm/libvirt-spice|grep -v 2016|tail
total 84
-rw-r--r-- 1 root kvm 1379 Feb 19 17:09 ca-cert.pem
-rw-r--r-- 1 root kvm 1570 Mar  7 09:44 server-cert.pem
-r--r- 1 vdsm kvm 1675 Mar  7 09:44 server-key.pem

Now I modify them to get spice to work:

[root@ovirt2 dmz.test ~]# ls -rtl /etc/pki/vdsm/libvirt-spice
total 12
-rw-r--r-- 1 root kvm 1379 Mar 22 13:09 ca-cert.pem
-rw-r--r-- 1 root kvm 1570 Mar 22 13:09 server-cert.pem
-r--r--r-- 1 vdsm kvm 1675 Mar 22 13:09 server-key.pem


The only thing I do now out of basic install is adding 'user = "root"' 
to /etc/libvirt/qemu.conf  and then reboot the box.

This is for import-to-ovirt.pl to work.

I have tried host reploy, remove/install. The only thing I found that 
worked, other than change file perms is to re-kickstart the server.


Not sure what user other than vdsm or root would be accessing the file.



On 4/1/16 1:48 AM, Michal Skrivanek wrote:

On 26 Mar 2016, at 01:19, Bill James  wrote:

I'm very interested in this too as I have same problem with spice private keys.

can you please paste permissions and selinux status, security context of that 
qemu process and the inaccessible key file(ps -Z, ls -lZ)?

I wonder if host redeploy would help..did you try to reinstall the host? It 
should go through the certificate enrollment again and shouldn’t mess with 
anything else.

Thanks,
michal




On 3/24/16 2:02 AM, Fabrice Bacchella wrote:

I' m running on a brand new Centos 7.2 an up to date ovirt 3.6.3.4.

The host is new too and dedicated to ovirt.

When I try to launch a vm, I get :

Thread-9407::ERROR::2016-03-24 
09:16:18,301::vm::759::virt.vm::(_startUnderlyingVm) 
vmId=`a32e1043-a5a5-4e4c-8436-f7b7a4ff644c`::The vm start process failed
Traceback (most recent call last):
   File "/usr/share/vdsm/virt/vm.py", line 703, in _startUnderlyingVm
 self._run()
   File "/usr/share/vdsm/virt/vm.py", line 1941, in _run
 self._connection.createXML(domxml, flags),
   File "/usr/lib/python2.7/site-packages/vdsm/libvirtconnection.py", line 124, 
in wrapper
 ret = f(*args, **kwargs)
   File "/usr/lib/python2.7/site-packages/vdsm/utils.py", line 1313, in wrapper
 return func(inst, *args, **kwargs)
   File "/usr/lib64/python2.7/site-packages/libvirt.py", line 3611, in createXML
 if ret is None:raise libvirtError('virDomainCreateXML() failed', conn=self)
libvirtError: internal error: process exited while connecting to monitor: 
((null):23672): Spice-Warning **: reds.c:3311:reds_init_ssl: Could not use 
private key file
2016-03-24T08:16:18.005359Z qemu-kvm: failed to initialize spice server


/var/log/libvirt/qemu/test.log says

2016-03-24 08:55:48.214+: starting up libvirt version: 1.2.17, package: 
13.el7_2.3 (CentOS BuildSystem , 2016-02-16-17:06:00, 
worker1.bsys.centos.org), qemu version: 2.3.0 (qemu-kvm-ev-2.3.0-31.el7_2.7.1)
LC_ALL=C PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin 
QEMU_AUDIO_DRV=spice /usr/libexec/qemu-kvm -name test -S -machine 
pc-i440fx-rhel7.2.0,accel=kvm,usb=off -cpu Haswell-noTSX -m 
size=2097152k,slots=16,maxmem=4294967296k -realtime mlock=off -smp 
2,maxcpus=16,sockets=16,cores=1,threads=1 -numa node,nodeid=0,cpus=0-1,mem=2048 
-uuid a32e1043-a5a5-4e4c-8436-f7b7a4ff644c -smbios 
type=1,manufacturer=oVirt,product=oVirt 
Node,version=7-2.1511.el7.centos.2.10,serial=30373237-3132-5A43-3235-34323937,uuid=a32e1043-a5a5-4e4c-8436-f7b7a4ff644c
 -no-user-config -nodefaults -chardev 
socket,id=charmonitor,path=/var/lib/libvirt/qemu/domain-test/monitor.sock,server,nowait
 -mon chardev=charmonitor,id=monitor,mode=control -rtc 
base=2016-03-24T08:55:46,driftfix=slew -global kvm-pit.lost_tick_policy=discard 
-no-hpet -no-shutdown -boot menu=on,strict=on -device 
piix3-usb-uhci,id=usb,bus=pci.0,addr=0x1.0x2 -device 
virtio-scsi-pci,id=scsi0,bus=pci.0,addr=0x4 -device virtio-serial-pci,

id

  =virtio-serial0,max_ports=16,bus=pci.0,addr=0x5 -drive 
if=none,id=drive-ide0-1-0,readonly=on,format=raw,serial= -device 
ide-cd,bus=ide.1,unit=0,drive=drive-ide0-1-0,id=ide0-1-0 -drive 
file=/rhev/data-center/0001-0001-0001-0001-022a/85d19e93-ee08-41bb-94c9-56adf17287b4/images/da6f49dd-8662-418b-a859-3523b4360c0e/930bbe74-7470-4b22-b096-fdb03276262d,if=none,id=drive-scsi0-0-0-0,format=raw,serial=da6f49dd-8662-418b-a859-3523b4360c0e,cache=none,werror=stop,rerror=stop,aio=native,iops=300
 -device 
scsi-hd,bus=scsi0.0,channel=0,scsi-id=0,lun=0,drive=drive-scsi0-0-0-0,id=scsi0-0-0-0,bootindex=1
 -netdev tap,fd=27,id=hostnet0,vhost=on,vhostfd=28 -device 
virtio-net-pci,netdev=hostnet0,id=net0,mac=00:1a:4a:16:01:51,bus=pci.0,addr=0x3,bootindex=2
 -chardev 
socket,id=charserial0,path=/var/run/ovirt-vmconsole-console/a32e1043-a5a5-4e4c-8436-f7b7a4ff644c.sock,server,nowait
 -device isa-serial,chardev=charserial0,id=serial0 -chardev 
socket,id=charchannel0,path=/var/lib/libvirt/q

emu

Re: [ovirt-users] libvirt failed to read spice key

2016-04-01 Thread Michal Skrivanek


> On 26 Mar 2016, at 01:19, Bill James  wrote:
> 
> I'm very interested in this too as I have same problem with spice private 
> keys.

can you please paste permissions and selinux status, security context of that 
qemu process and the inaccessible key file(ps -Z, ls -lZ)?

I wonder if host redeploy would help..did you try to reinstall the host? It 
should go through the certificate enrollment again and shouldn’t mess with 
anything else.

Thanks,
michal

> 
> 
> 
> On 3/24/16 2:02 AM, Fabrice Bacchella wrote:
>> I' m running on a brand new Centos 7.2 an up to date ovirt 3.6.3.4.
>> 
>> The host is new too and dedicated to ovirt.
>> 
>> When I try to launch a vm, I get :
>> 
>> Thread-9407::ERROR::2016-03-24 
>> 09:16:18,301::vm::759::virt.vm::(_startUnderlyingVm) 
>> vmId=`a32e1043-a5a5-4e4c-8436-f7b7a4ff644c`::The vm start process failed
>> Traceback (most recent call last):
>>   File "/usr/share/vdsm/virt/vm.py", line 703, in _startUnderlyingVm
>> self._run()
>>   File "/usr/share/vdsm/virt/vm.py", line 1941, in _run
>> self._connection.createXML(domxml, flags),
>>   File "/usr/lib/python2.7/site-packages/vdsm/libvirtconnection.py", line 
>> 124, in wrapper
>> ret = f(*args, **kwargs)
>>   File "/usr/lib/python2.7/site-packages/vdsm/utils.py", line 1313, in 
>> wrapper
>> return func(inst, *args, **kwargs)
>>   File "/usr/lib64/python2.7/site-packages/libvirt.py", line 3611, in 
>> createXML
>> if ret is None:raise libvirtError('virDomainCreateXML() failed', 
>> conn=self)
>> libvirtError: internal error: process exited while connecting to monitor: 
>> ((null):23672): Spice-Warning **: reds.c:3311:reds_init_ssl: Could not use 
>> private key file
>> 2016-03-24T08:16:18.005359Z qemu-kvm: failed to initialize spice server
>> 
>> 
>> /var/log/libvirt/qemu/test.log says
>> 
>> 2016-03-24 08:55:48.214+: starting up libvirt version: 1.2.17, package: 
>> 13.el7_2.3 (CentOS BuildSystem , 
>> 2016-02-16-17:06:00, worker1.bsys.centos.org), qemu version: 2.3.0 
>> (qemu-kvm-ev-2.3.0-31.el7_2.7.1)
>> LC_ALL=C PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin 
>> QEMU_AUDIO_DRV=spice /usr/libexec/qemu-kvm -name test -S -machine 
>> pc-i440fx-rhel7.2.0,accel=kvm,usb=off -cpu Haswell-noTSX -m 
>> size=2097152k,slots=16,maxmem=4294967296k -realtime mlock=off -smp 
>> 2,maxcpus=16,sockets=16,cores=1,threads=1 -numa 
>> node,nodeid=0,cpus=0-1,mem=2048 -uuid a32e1043-a5a5-4e4c-8436-f7b7a4ff644c 
>> -smbios type=1,manufacturer=oVirt,product=oVirt 
>> Node,version=7-2.1511.el7.centos.2.10,serial=30373237-3132-5A43-3235-34323937,uuid=a32e1043-a5a5-4e4c-8436-f7b7a4ff644c
>>  -no-user-config -nodefaults -chardev 
>> socket,id=charmonitor,path=/var/lib/libvirt/qemu/domain-test/monitor.sock,server,nowait
>>  -mon chardev=charmonitor,id=monitor,mode=control -rtc 
>> base=2016-03-24T08:55:46,driftfix=slew -global 
>> kvm-pit.lost_tick_policy=discard -no-hpet -no-shutdown -boot 
>> menu=on,strict=on -device piix3-usb-uhci,id=usb,bus=pci.0,addr=0x1.0x2 
>> -device virtio-scsi-pci,id=scsi0,bus=pci.0,addr=0x4 -device 
>> virtio-serial-pci,
> id
>>  =virtio-serial0,max_ports=16,bus=pci.0,addr=0x5 -drive 
>> if=none,id=drive-ide0-1-0,readonly=on,format=raw,serial= -device 
>> ide-cd,bus=ide.1,unit=0,drive=drive-ide0-1-0,id=ide0-1-0 -drive 
>> file=/rhev/data-center/0001-0001-0001-0001-022a/85d19e93-ee08-41bb-94c9-56adf17287b4/images/da6f49dd-8662-418b-a859-3523b4360c0e/930bbe74-7470-4b22-b096-fdb03276262d,if=none,id=drive-scsi0-0-0-0,format=raw,serial=da6f49dd-8662-418b-a859-3523b4360c0e,cache=none,werror=stop,rerror=stop,aio=native,iops=300
>>  -device 
>> scsi-hd,bus=scsi0.0,channel=0,scsi-id=0,lun=0,drive=drive-scsi0-0-0-0,id=scsi0-0-0-0,bootindex=1
>>  -netdev tap,fd=27,id=hostnet0,vhost=on,vhostfd=28 -device 
>> virtio-net-pci,netdev=hostnet0,id=net0,mac=00:1a:4a:16:01:51,bus=pci.0,addr=0x3,bootindex=2
>>  -chardev 
>> socket,id=charserial0,path=/var/run/ovirt-vmconsole-console/a32e1043-a5a5-4e4c-8436-f7b7a4ff644c.sock,server,nowait
>>  -device isa-serial,chardev=charserial0,id=serial0 -chardev 
>> socket,id=charchannel0,path=/var/lib/libvirt/q
> emu
>>  
>> /channels/a32e1043-a5a5-4e4c-8436-f7b7a4ff644c.com.redhat.rhevm.vdsm,server,nowait
>>  -device 
>> virtserialport,bus=virtio-serial0.0,nr=1,chardev=charchannel0,id=channel0,name=com.redhat.rhevm.vdsm
>>  -chardev 
>> socket,id=charchannel1,path=/var/lib/libvirt/qemu/channels/a32e1043-a5a5-4e4c-8436-f7b7a4ff644c.org.qemu.guest_agent.0,server,nowait
>>  -device 
>> virtserialport,bus=virtio-serial0.0,nr=2,chardev=charchannel1,id=channel1,name=org.qemu.guest_agent.0
>>  -chardev spicevmc,id=charchannel2,name=vdagent -device 
>> virtserialport,bus=virtio-serial0.0,nr=3,chardev=charchannel2,id=channel2,name=com.redhat.spice.0
>>  -spice 
>> port=5900,tls-port=5901,addr=0,x509-dir=/etc/pki/vdsm/libvirt-spice,seamless-migration=on
>>  -device 
>>

Re: [ovirt-users] libvirt failed to read spice key

2016-03-25 Thread Bill James

I'm very interested in this too as I have same problem with spice 
private keys.




On 3/24/16 2:02 AM, Fabrice Bacchella wrote:

I' m running on a brand new Centos 7.2 an up to date ovirt 3.6.3.4.

The host is new too and dedicated to ovirt.

When I try to launch a vm, I get :

Thread-9407::ERROR::2016-03-24 
09:16:18,301::vm::759::virt.vm::(_startUnderlyingVm) 
vmId=`a32e1043-a5a5-4e4c-8436-f7b7a4ff644c`::The vm start process failed
Traceback (most recent call last):
   File "/usr/share/vdsm/virt/vm.py", line 703, in _startUnderlyingVm
 self._run()
   File "/usr/share/vdsm/virt/vm.py", line 1941, in _run
 self._connection.createXML(domxml, flags),
   File "/usr/lib/python2.7/site-packages/vdsm/libvirtconnection.py", line 124, 
in wrapper
 ret = f(*args, **kwargs)
   File "/usr/lib/python2.7/site-packages/vdsm/utils.py", line 1313, in wrapper
 return func(inst, *args, **kwargs)
   File "/usr/lib64/python2.7/site-packages/libvirt.py", line 3611, in createXML
 if ret is None:raise libvirtError('virDomainCreateXML() failed', conn=self)
libvirtError: internal error: process exited while connecting to monitor: 
((null):23672): Spice-Warning **: reds.c:3311:reds_init_ssl: Could not use 
private key file
2016-03-24T08:16:18.005359Z qemu-kvm: failed to initialize spice server


/var/log/libvirt/qemu/test.log says

2016-03-24 08:55:48.214+: starting up libvirt version: 1.2.17, package: 
13.el7_2.3 (CentOS BuildSystem , 2016-02-16-17:06:00, 
worker1.bsys.centos.org), qemu version: 2.3.0 (qemu-kvm-ev-2.3.0-31.el7_2.7.1)
LC_ALL=C PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin 
QEMU_AUDIO_DRV=spice /usr/libexec/qemu-kvm -name test -S -machine 
pc-i440fx-rhel7.2.0,accel=kvm,usb=off -cpu Haswell-noTSX -m 
size=2097152k,slots=16,maxmem=4294967296k -realtime mlock=off -smp 
2,maxcpus=16,sockets=16,cores=1,threads=1 -numa node,nodeid=0,cpus=0-1,mem=2048 
-uuid a32e1043-a5a5-4e4c-8436-f7b7a4ff644c -smbios 
type=1,manufacturer=oVirt,product=oVirt 
Node,version=7-2.1511.el7.centos.2.10,serial=30373237-3132-5A43-3235-34323937,uuid=a32e1043-a5a5-4e4c-8436-f7b7a4ff644c
 -no-user-config -nodefaults -chardev 
socket,id=charmonitor,path=/var/lib/libvirt/qemu/domain-test/monitor.sock,server,nowait
 -mon chardev=charmonitor,id=monitor,mode=control -rtc 
base=2016-03-24T08:55:46,driftfix=slew -global kvm-pit.lost_tick_policy=discard 
-no-hpet -no-shutdown -boot menu=on,strict=on -device 
piix3-usb-uhci,id=usb,bus=pci.0,addr=0x1.0x2 -device 
virtio-scsi-pci,id=scsi0,bus=pci.0,addr=0x4 -device virtio-serial-pci,

id

  =virtio-serial0,max_ports=16,bus=pci.0,addr=0x5 -drive 
if=none,id=drive-ide0-1-0,readonly=on,format=raw,serial= -device 
ide-cd,bus=ide.1,unit=0,drive=drive-ide0-1-0,id=ide0-1-0 -drive 
file=/rhev/data-center/0001-0001-0001-0001-022a/85d19e93-ee08-41bb-94c9-56adf17287b4/images/da6f49dd-8662-418b-a859-3523b4360c0e/930bbe74-7470-4b22-b096-fdb03276262d,if=none,id=drive-scsi0-0-0-0,format=raw,serial=da6f49dd-8662-418b-a859-3523b4360c0e,cache=none,werror=stop,rerror=stop,aio=native,iops=300
 -device 
scsi-hd,bus=scsi0.0,channel=0,scsi-id=0,lun=0,drive=drive-scsi0-0-0-0,id=scsi0-0-0-0,bootindex=1
 -netdev tap,fd=27,id=hostnet0,vhost=on,vhostfd=28 -device 
virtio-net-pci,netdev=hostnet0,id=net0,mac=00:1a:4a:16:01:51,bus=pci.0,addr=0x3,bootindex=2
 -chardev 
socket,id=charserial0,path=/var/run/ovirt-vmconsole-console/a32e1043-a5a5-4e4c-8436-f7b7a4ff644c.sock,server,nowait
 -device isa-serial,chardev=charserial0,id=serial0 -chardev 
socket,id=charchannel0,path=/var/lib/libvirt/q

emu

  
/channels/a32e1043-a5a5-4e4c-8436-f7b7a4ff644c.com.redhat.rhevm.vdsm,server,nowait
 -device 
virtserialport,bus=virtio-serial0.0,nr=1,chardev=charchannel0,id=channel0,name=com.redhat.rhevm.vdsm
 -chardev 
socket,id=charchannel1,path=/var/lib/libvirt/qemu/channels/a32e1043-a5a5-4e4c-8436-f7b7a4ff644c.org.qemu.guest_agent.0,server,nowait
 -device 
virtserialport,bus=virtio-serial0.0,nr=2,chardev=charchannel1,id=channel1,name=org.qemu.guest_agent.0
 -chardev spicevmc,id=charchannel2,name=vdagent -device 
virtserialport,bus=virtio-serial0.0,nr=3,chardev=charchannel2,id=channel2,name=com.redhat.spice.0
 -spice 
port=5900,tls-port=5901,addr=0,x509-dir=/etc/pki/vdsm/libvirt-spice,seamless-migration=on
 -device 
qxl-vga,id=video0,ram_size=67108864,vram_size=8388608,vgamem_mb=16,bus=pci.0,addr=0x2
 -device virtio-balloon-pci,id=balloon0,bus=pci.0,addr=0x6 -msg timestamp=on
((null):29166): Spice-Warning **: reds.c:3311:reds_init_ssl: Could not use 
private key file
2016-03-24T08:55:48.329252Z qemu-kvm: failed to initialize spice server
2016-03-24 08:55:48.479+: shutting down

and indeed, when I try to strace libvirt :
  open("/etc/pki/vdsm/libvirt-spice/server-key.pem", O_RDONLY) = -1 EACCES 
(Permission denied)

chmod a+r /etc/pki/vdsm/libvirt-spice/server-key.pem solved the problem, but 
it's obviously not a solution.




___
Users

[ovirt-users] libvirt failed to read spice key

2016-03-24 Thread Fabrice Bacchella

I' m running on a brand new Centos 7.2 an up to date ovirt 3.6.3.4.

The host is new too and dedicated to ovirt.

When I try to launch a vm, I get :

Thread-9407::ERROR::2016-03-24 
09:16:18,301::vm::759::virt.vm::(_startUnderlyingVm) 
vmId=`a32e1043-a5a5-4e4c-8436-f7b7a4ff644c`::The vm start process failed
Traceback (most recent call last):
  File "/usr/share/vdsm/virt/vm.py", line 703, in _startUnderlyingVm
self._run()
  File "/usr/share/vdsm/virt/vm.py", line 1941, in _run
self._connection.createXML(domxml, flags),
  File "/usr/lib/python2.7/site-packages/vdsm/libvirtconnection.py", line 124, 
in wrapper
ret = f(*args, **kwargs)
  File "/usr/lib/python2.7/site-packages/vdsm/utils.py", line 1313, in wrapper
return func(inst, *args, **kwargs)
  File "/usr/lib64/python2.7/site-packages/libvirt.py", line 3611, in createXML
if ret is None:raise libvirtError('virDomainCreateXML() failed', conn=self)
libvirtError: internal error: process exited while connecting to monitor: 
((null):23672): Spice-Warning **: reds.c:3311:reds_init_ssl: Could not use 
private key file
2016-03-24T08:16:18.005359Z qemu-kvm: failed to initialize spice server


/var/log/libvirt/qemu/test.log says

2016-03-24 08:55:48.214+: starting up libvirt version: 1.2.17, package: 
13.el7_2.3 (CentOS BuildSystem , 2016-02-16-17:06:00, 
worker1.bsys.centos.org), qemu version: 2.3.0 (qemu-kvm-ev-2.3.0-31.el7_2.7.1)
LC_ALL=C PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin 
QEMU_AUDIO_DRV=spice /usr/libexec/qemu-kvm -name test -S -machine 
pc-i440fx-rhel7.2.0,accel=kvm,usb=off -cpu Haswell-noTSX -m 
size=2097152k,slots=16,maxmem=4294967296k -realtime mlock=off -smp 
2,maxcpus=16,sockets=16,cores=1,threads=1 -numa node,nodeid=0,cpus=0-1,mem=2048 
-uuid a32e1043-a5a5-4e4c-8436-f7b7a4ff644c -smbios 
type=1,manufacturer=oVirt,product=oVirt 
Node,version=7-2.1511.el7.centos.2.10,serial=30373237-3132-5A43-3235-34323937,uuid=a32e1043-a5a5-4e4c-8436-f7b7a4ff644c
 -no-user-config -nodefaults -chardev 
socket,id=charmonitor,path=/var/lib/libvirt/qemu/domain-test/monitor.sock,server,nowait
 -mon chardev=charmonitor,id=monitor,mode=control -rtc 
base=2016-03-24T08:55:46,driftfix=slew -global kvm-pit.lost_tick_policy=discard 
-no-hpet -no-shutdown -boot menu=on,strict=on -device 
piix3-usb-uhci,id=usb,bus=pci.0,addr=0x1.0x2 -device 
virtio-scsi-pci,id=scsi0,bus=pci.0,addr=0x4 -device virtio-serial-pci,id
 =virtio-serial0,max_ports=16,bus=pci.0,addr=0x5 -drive 
if=none,id=drive-ide0-1-0,readonly=on,format=raw,serial= -device 
ide-cd,bus=ide.1,unit=0,drive=drive-ide0-1-0,id=ide0-1-0 -drive 
file=/rhev/data-center/0001-0001-0001-0001-022a/85d19e93-ee08-41bb-94c9-56adf17287b4/images/da6f49dd-8662-418b-a859-3523b4360c0e/930bbe74-7470-4b22-b096-fdb03276262d,if=none,id=drive-scsi0-0-0-0,format=raw,serial=da6f49dd-8662-418b-a859-3523b4360c0e,cache=none,werror=stop,rerror=stop,aio=native,iops=300
 -device 
scsi-hd,bus=scsi0.0,channel=0,scsi-id=0,lun=0,drive=drive-scsi0-0-0-0,id=scsi0-0-0-0,bootindex=1
 -netdev tap,fd=27,id=hostnet0,vhost=on,vhostfd=28 -device 
virtio-net-pci,netdev=hostnet0,id=net0,mac=00:1a:4a:16:01:51,bus=pci.0,addr=0x3,bootindex=2
 -chardev 
socket,id=charserial0,path=/var/run/ovirt-vmconsole-console/a32e1043-a5a5-4e4c-8436-f7b7a4ff644c.sock,server,nowait
 -device isa-serial,chardev=charserial0,id=serial0 -chardev 
socket,id=charchannel0,path=/var/lib/libvirt/qemu
 
/channels/a32e1043-a5a5-4e4c-8436-f7b7a4ff644c.com.redhat.rhevm.vdsm,server,nowait
 -device 
virtserialport,bus=virtio-serial0.0,nr=1,chardev=charchannel0,id=channel0,name=com.redhat.rhevm.vdsm
 -chardev 
socket,id=charchannel1,path=/var/lib/libvirt/qemu/channels/a32e1043-a5a5-4e4c-8436-f7b7a4ff644c.org.qemu.guest_agent.0,server,nowait
 -device 
virtserialport,bus=virtio-serial0.0,nr=2,chardev=charchannel1,id=channel1,name=org.qemu.guest_agent.0
 -chardev spicevmc,id=charchannel2,name=vdagent -device 
virtserialport,bus=virtio-serial0.0,nr=3,chardev=charchannel2,id=channel2,name=com.redhat.spice.0
 -spice 
port=5900,tls-port=5901,addr=0,x509-dir=/etc/pki/vdsm/libvirt-spice,seamless-migration=on
 -device 
qxl-vga,id=video0,ram_size=67108864,vram_size=8388608,vgamem_mb=16,bus=pci.0,addr=0x2
 -device virtio-balloon-pci,id=balloon0,bus=pci.0,addr=0x6 -msg timestamp=on
((null):29166): Spice-Warning **: reds.c:3311:reds_init_ssl: Could not use 
private key file
2016-03-24T08:55:48.329252Z qemu-kvm: failed to initialize spice server
2016-03-24 08:55:48.479+: shutting down

and indeed, when I try to strace libvirt :
 open("/etc/pki/vdsm/libvirt-spice/server-key.pem", O_RDONLY) = -1 EACCES 
(Permission denied)

chmod a+r /etc/pki/vdsm/libvirt-spice/server-key.pem solved the problem, but 
it's obviously not a solution.




___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users

Re: [ovirt-users] libvirt failed to read spice key

Re: [ovirt-users] libvirt failed to read spice key

Re: [ovirt-users] libvirt failed to read spice key

[ovirt-users] libvirt failed to read spice key

4 matches

Site Navigation

Mail list logo

Footer information