On Mon, Feb 04, 2019 at 08:44:21PM -0200, Daniel Henrique Barboza wrote: > Hi Erik, > > Just to let you know that the error I reported in one of my replies was > being caused by one change I forgot to undo. This error here: > > > error : virQEMUCapsNewForBinaryInternal:4687 : internal error: Failed to > probe QEMU binary with > QMP: libvirt: error : prctl failed to enable 'dac_override' in the AMBIENT > set: > Operation not permitted > > > was happening because I have commented out this line inside > qemu_capabilities.c: > > --- a/src/qemu/qemu_capabilities.c > +++ b/src/qemu/qemu_capabilities.c > @@ -4519,7 +4519,7 @@ > virQEMUCapsInitQMPCommandRun(virQEMUCapsInitQMPCommandPtr cmd, > "-daemonize", > NULL); > virCommandAddEnvPassCommon(cmd->cmd); > - virCommandClearCaps(cmd->cmd); > + // virCommandClearCaps(cmd->cmd); > > #if WITH_CAPNG > /* QEMU might run into permission issues, e.g. /dev/sev (0600), > override > > > Thus there is no need to move the PR_CAP_AMBIENT around to prevent the > error message. Sorry for any alarms I might have raised there. > > > I'm still experiencing the issue with IPC_LOCK inside the guest though. I'll > update here when I have concrete findings about it. Any use of capabilities "inside the guest" is not libvirt's responsibility. It only cares about capabilities on the *host* OS used by QEMU. Regards, Daniel -- |: https://berrange.com -o- https://www.flickr.com/photos/dberrange :| |: https://libvirt.org -o- https://fstop138.berrange.com :| |: https://entangle-photo.org -o- https://www.instagram.com/dberrange :|
