On 07/07/2014 02:11 PM, John wrote: > Here is what I got. > root ubuntu:/home/john# virsh start ubuntu2 > error: Failed to start domain ubuntu2 > error: internal error Process exited while reading console log output: char > device redirected to /dev/pts/1 > bind(unix:/var/lib/libvirt/qemu/ubuntu2.libguestfs): Permission denied > chardev: opening backend "socket" failed: Permission denied > > > When I deleted the <channel>...</channel> part, it will start normally. But I > need it to use guestfish with --live option. > > No SELinux or AppArmor is used. qemu.conf shows it's running by root user. I > did "virsh start" operation under root and the error remains. Should I change > the permission attributes of files under /var/lib/libvirt/qemu ? Yes, it should be writable to root. (I don't know what the default user/group for qemu are on ubuntu). Even when libvirt runs qemu as root, it drops some capabilities like CAP_DAC_OVERRIDE, which allows root to open any file regardless of permissions. Jan
Attachment:
signature.asc
Description: OpenPGP digital signature
_______________________________________________ libvirt-users mailing list libvirt-users@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/libvirt-users
