Hi All,
I've noticed a regression in libvirt 0.9.8 on some of my kvm test machines
# virsh start opensuse12
error: Failed to start domain opensuse12
error: Cannot open network interface control socket: Permission denied
Opening a control socket for setting MAC addr, etc. failed with EACCES.
In 0.9.7, the socket was opened with domain AF_INET, type SOCK_STREAM,
which of course works on this system. In 0.9.8, the socket is opened
with AF_PACKET, SOCK_DGRAM. Interestingly, a small test program calling
'socket(AF_PACKET, SOCK_DGRAM, 0)' works on this system.
libvirt is built with '--without-capng --without-apparmor
--without-selinux' and libvirtd is running with uid=euid=0.
I'm really baffled why this fails in libvirtd but works otherwise. Any
ideas?
Thanks,
Jim
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <errno.h>
#include <unistd.h>
#include <sys/socket.h>
#include <netpacket/packet.h>
#include <net/ethernet.h>
int main(int argc, char **argv)
{
int fd;
printf("Testing socket(2)...\n");
printf("Opening AF_INET, SOCK_STREAM socket\n");
fd = socket(AF_INET, SOCK_STREAM, 0);
if (fd < 0) {
printf("socket(2) failed with %s\n", strerror(errno));
exit(1);
}
close(fd);
printf("Opening AF_PACKET, SOCK_DGRAM socket\n");
fd = socket(AF_PACKET, SOCK_DGRAM, 0);
if (fd < 0) {
printf("socket(2) failed with %s\n", strerror(errno));
exit(1);
}
close(fd);
printf("Done!\n");
exit(0);
}
--
libvir-list mailing list
libvir-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/libvir-list