After taking a a deeper look at this bug, I think there is a edge case where we
would need a fix. However, it is impossible to push libvirt to this edge case
in regular setups.
Here is the strace of operations around the <vm>.shm file when we start the VM
tcg-minimal:
$ sudo strace -p $(pidof libvirtd) -f 2>&1 | grep "tcg\-minimal\.shm"
[pid 53844] mkdir("/run/libvirt/qemu/3-tcg-minimal.shm", 0777) = 0
[pid 53844] mount("/dev/shm", "/run/libvirt/qemu/3-tcg-minimal.shm",
0x7785d816a000, MS_MOVE, NULL) = 0
[pid 53844] newfstatat(AT_FDCWD, "/run/libvirt/qemu/3-tcg-minimal.shm",
{st_mode=S_IFDIR|S_ISVTX|0777, st_size=40, ...}, 0) = 0
[pid 53844] mount("/run/libvirt/qemu/3-tcg-minimal.shm", "/dev/shm",
0x7785d816a000, MS_MOVE, NULL) = 0
[pid 53844] umount2("/run/libvirt/qemu/3-tcg-minimal.shm", 0) = -1 EINVAL
(Invalid argument)
[pid 53844] newfstatat(AT_FDCWD, "/run/libvirt/qemu/3-tcg-minimal.shm",
{st_mode=S_IFDIR|0775, st_size=40, ...}, 0) = 0
[pid 53844] access("/run/libvirt/qemu/3-tcg-minimal.shm", F_OK) = 0
[pid 53844] openat(AT_FDCWD, "/run/libvirt/qemu/3-tcg-minimal.shm",
O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid 53844] rmdir("/run/libvirt/qemu/3-tcg-minimal.shm") = 0
We can see that libvirt goes through following steps:
1 - moves the mount /dev/shm to /run/libvirt/qemu/3-tcg-minimal.shm
...
2 - moves back /run/libvirt/qemu/3-tcg-minimal.shm to /dev/shm
3 - unmount /run/libvirt/qemu/3-tcg-minimal.shm
4 - remove /run/libvirt/qemu/3-tcg-minimal.shm
The bug happens when step (2) fails somehow and causes the failure of
subsequence steps:
- step (3) fails because of the missing apparmor permission,
- step (4) fails because /run/libvirt/qemu/3-tcg-minimal.shm is still busy
(used)
However, in normal setups, step 2 cannot fail (or at least, I do not
know how to make it fails without cheating).
So I think it is not worth to spend SRU energy to fix this very edge
case. Let me put this bug to Won't Fix and feel free to re-open it if
anyone can reproduce the issue in regular setups.
** Changed in: libvirt (Ubuntu Noble)
Status: Triaged => Won't Fix
** Tags removed: server-todo
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2117037
Title:
Missing apparmor rule in usr.sbin.libvirtd
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/libvirt/+bug/2117037/+subscriptions
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
