← Back to team overview

yahoo-eng-team team mailing list archive

[Bug 1507915] Re: libguestfs launch image failed in ubuntu

 

** This bug is no longer a duplicate of bug 1413142
   bad configuration for libguestfs

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to OpenStack Compute (nova).
https://bugs.launchpad.net/bugs/1507915

Title:
  libguestfs launch image failed in ubuntu

Status in OpenStack Compute (nova):
  New

Bug description:
  I had following settings when I want to enable inject feature in nova.
  [libvirt]
  inject_partition = -1
  inject_key = True

  But nova-compute service will raise following exception
  2015-10-20 07:12:57.318 ERROR nova.virt.libvirt.driver [req-777e2fe1-a4f0-4c16-bb71-ee34e59aa2ba admin admin] [instance: b2d39549-96d5-42c6-bdab-a0cee10b24bb] Error injecting data into image 865c98b5-ffd7-4f32-b1af-07b273fcc07d (libguestfs installed but not usable (/usr/bin/supermin-helper exited with error status 1.
  To see full error messages you may need to enable debugging.
  See http://libguestfs.org/guestfs-faq.1.html#debugging-libguestfs))
  2015-10-20 07:12:57.319 ERROR nova.compute.manager [req-777e2fe1-a4f0-4c16-bb71-ee34e59aa2ba admin admin] [instance: b2d39549-96d5-42c6-bdab-a0cee10b24bb] Instance failed to spawn
  2015-10-20 07:12:57.319 TRACE nova.compute.manager [instance: b2d39549-96d5-42c6-bdab-a0cee10b24bb] Traceback (most recent call last):
  2015-10-20 07:12:57.319 TRACE nova.compute.manager [instance: b2d39549-96d5-42c6-bdab-a0cee10b24bb]   File "/opt/stack/nova/nova/compute/manager.py", line 2172, in _build_resources
  2015-10-20 07:12:57.319 TRACE nova.compute.manager [instance: b2d39549-96d5-42c6-bdab-a0cee10b24bb]     yield resources
  2015-10-20 07:12:57.319 TRACE nova.compute.manager [instance: b2d39549-96d5-42c6-bdab-a0cee10b24bb]   File "/opt/stack/nova/nova/compute/manager.py", line 2019, in _build_and_run_instance
  2015-10-20 07:12:57.319 TRACE nova.compute.manager [instance: b2d39549-96d5-42c6-bdab-a0cee10b24bb]     block_device_info=block_device_info)
  2015-10-20 07:12:57.319 TRACE nova.compute.manager [instance: b2d39549-96d5-42c6-bdab-a0cee10b24bb]   File "/opt/stack/nova/nova/virt/libvirt/driver.py", line 2437, in spawn
  2015-10-20 07:12:57.319 TRACE nova.compute.manager [instance: b2d39549-96d5-42c6-bdab-a0cee10b24bb]     admin_pass=admin_password)
  2015-10-20 07:12:57.319 TRACE nova.compute.manager [instance: b2d39549-96d5-42c6-bdab-a0cee10b24bb]   File "/opt/stack/nova/nova/virt/libvirt/driver.py", line 2969, in _create_image
  2015-10-20 07:12:57.319 TRACE nova.compute.manager [instance: b2d39549-96d5-42c6-bdab-a0cee10b24bb]     instance, network_info, admin_pass, files, suffix)
  2015-10-20 07:12:57.319 TRACE nova.compute.manager [instance: b2d39549-96d5-42c6-bdab-a0cee10b24bb]   File "/opt/stack/nova/nova/virt/libvirt/driver.py", line 2778, in _inject_data
  2015-10-20 07:12:57.319 TRACE nova.compute.manager [instance: b2d39549-96d5-42c6-bdab-a0cee10b24bb]     instance=instance)
  2015-10-20 07:12:57.319 TRACE nova.compute.manager [instance: b2d39549-96d5-42c6-bdab-a0cee10b24bb]   File "/usr/local/lib/python2.7/dist-packages/oslo_utils/excutils.py", line 195, in __exit__
  2015-10-20 07:12:57.319 TRACE nova.compute.manager [instance: b2d39549-96d5-42c6-bdab-a0cee10b24bb]     six.reraise(self.type_, self.value, self.tb)
  2015-10-20 07:12:57.319 TRACE nova.compute.manager [instance: b2d39549-96d5-42c6-bdab-a0cee10b24bb]   File "/opt/stack/nova/nova/virt/libvirt/driver.py", line 2772, in _inject_data
  2015-10-20 07:12:57.319 TRACE nova.compute.manager [instance: b2d39549-96d5-42c6-bdab-a0cee10b24bb]     mandatory=('files',))
  2015-10-20 07:12:57.319 TRACE nova.compute.manager [instance: b2d39549-96d5-42c6-bdab-a0cee10b24bb]   File "/opt/stack/nova/nova/virt/disk/api.py", line 414, in inject_data
  2015-10-20 07:12:57.319 TRACE nova.compute.manager [instance: b2d39549-96d5-42c6-bdab-a0cee10b24bb]     fs = vfs.VFS.instance_for_image(image, partition)
  2015-10-20 07:12:57.319 TRACE nova.compute.manager [instance: b2d39549-96d5-42c6-bdab-a0cee10b24bb]   File "/opt/stack/nova/nova/virt/disk/vfs/api.py", line 62, in instance_for_image
  2015-10-20 07:12:57.319 TRACE nova.compute.manager [instance: b2d39549-96d5-42c6-bdab-a0cee10b24bb]     vfs.inspect_capabilities()
  2015-10-20 07:12:57.319 TRACE nova.compute.manager [instance: b2d39549-96d5-42c6-bdab-a0cee10b24bb]   File "/opt/stack/nova/nova/virt/disk/vfs/guestfs.py", line 89, in inspect_capabilities
  2015-10-20 07:12:57.319 TRACE nova.compute.manager [instance: b2d39549-96d5-42c6-bdab-a0cee10b24bb]     _("libguestfs installed but not usable (%s)") % e)
  2015-10-20 07:12:57.319 TRACE nova.compute.manager [instance: b2d39549-96d5-42c6-bdab-a0cee10b24bb] NovaException: libguestfs installed but not usable (/usr/bin/supermin-helper exited with error status 1.
  2015-10-20 07:12:57.319 TRACE nova.compute.manager [instance: b2d39549-96d5-42c6-bdab-a0cee10b24bb] To see full error messages you may need to enable debugging.
  2015-10-20 07:12:57.319 TRACE nova.compute.manager [instance: b2d39549-96d5-42c6-bdab-a0cee10b24bb] See http://libguestfs.org/guestfs-faq.1.html#debugging-libguestfs)
  2015-10-20 07:12:57.319 TRACE nova.compute.manager [instance: b2d39549-96d5-42c6-bdab-a0cee10b24bb] 
  2015-10-20 07:12:57.322 INFO nova.compute.manager [req-777e2fe1-a4f0-4c16-bb71-ee34e59aa2ba admin admin] [instance: b2d39549-96d5-42c6-bdab-a0cee10b24bb] Terminating instance

  Why guestfs will inspect capabilities fail?
  Because of host's kernel only allow root user had read/write permission.
  If compute-service didn't had read permission then it will launch image fail.
  In libguestfs offical FAQ site had point out this issue, following is the link
  http://libguestfs.org/guestfs-faq.1.html#binaries
  It had suggested users to change host's kernel permission.

  You can also check result by guestfish command:
  > export LIBGUESTFS_DEBUG=1
  > export LIBGUESTFS_TRACE=1
  > guestfish -a /dev/null
  <fs> launch
  ...
  ...
  /usr/bin/supermin-helper: open: /boot/vmlinuz-3.13.0-55-generic: Permission denied
  libguestfs: error: /usr/bin/supermin-helper exited with error status 1, see debug messages above
  ...
  ...

  We can have three way to resolve this problem.
  1. Open service in root permission
  2. Change kernel's permission in compute-service
  3. Check whether service had permission to read kernel. Suggest users to modify permission instead directly modify permission. Then users need to manually change kernel's permission.

  We shouldn't open service in root permission, therefore first way shouldn't been accepted.
  It will probably have security issue if service can directly change file's permission.
  At last, I prefer third way.
  Because of this issue will only happen in ubuntu os and previous reasons.

  libguestfs-tools                 1:1.24.5-1

To manage notifications about this bug go to:
https://bugs.launchpad.net/nova/+bug/1507915/+subscriptions


References