[CentOS-virt] unable to get domain status from libvirt & KVM

Thu Mar 11 20:54:29 UTC 2010
Tom Georgoulias <tomg at mcclatchyinteractive.com>

On 03/11/2010 03:32 PM, Akemi Yagi wrote:
> On Thu, Mar 11, 2010 at 12:19 PM, Tom Georgoulias
> <tomg at mcclatchyinteractive.com>  wrote:
>>
>> As test user "testu":
>>
>> [testu at kvm ~]$ virsh -c qemu:///system list --all
>> error: unable to connect to '/var/run/libvirt/libvirt-sock': Permission
>> denied
>> error: failed to connect to the hypervisor
>> [testu at kvm ~]$ virsh -c qemu:///session list --all
>> 15:04:05.167: error : No vport operation path found for host0
>> 15:04:05.186: error : No vport operation path found for host4
>> 15:04:05.192: error : No vport operation path found for host3
>> 15:04:05.240: error : No vport operation path found for host1
>> 15:04:05.240: error : No vport operation path found for host2
>>   Id Name                 State
>> ----------------------------------
>>
>> [testu at kvm ~]$
>>
>> Doesn't seem like a socket access issue, the perms for the
>> libvirt-sock-ro are wide open.
>
> It says "unable to connect to '/var/run/libvirt/libvirt-sock'", not to
> 'libvirt-sock-ro'.  Try manually changing it to look like:
>
> srwxrwx--- 1 root testu     0 Mar 11 15:03 libvirt-sock
>
> [This is how mine is configured]

But isn't that socket used for full domain management?  I'm just using a 
read-only view in the python script ("conn = libvirt.openReadOnly(None)" 
), which I thought was using /var/run/libvirt/libvirt-sock-ro.

Anyway, in the interest of an experiment, here's the results of changing 
group permissions to libvirt-sock:

[root at kvm libvirt]# service libvirtd restart
Stopping libvirtd daemon:                                  [  OK  ]
Starting libvirtd daemon:                                  [  OK  ]
[root at kvm libvirt]# ls -l
total 16
srwxrwx--- 1 root testu     0 Mar 11 15:03 libvirt-sock
srwxrwxrwx 1 root testu     0 Mar 11 15:03 libvirt-sock-ro
drwxr-xr-x 2 root root   4096 Mar  8 13:05 network
drwxr-xr-x 2 root root   4096 Mar 11 15:37 qemu

[testu at kvm ~]$ virsh -c qemu:///system list --all
  Id Name                 State
----------------------------------
   8 changed              running
  12 changed2             running
   - changed3             shut off


Back to my script:

$ python
Python 2.4.3 (#1, Sep  3 2009, 15:37:37)
[GCC 4.1.2 20080704 (Red Hat 4.1.2-46)] on linux2
Type "help", "copyright", "credits" or "license" for more information.
 >>> import libvirt
 >>> conn = libvirt.openReadOnly(None)
15:43:38.001: error : No vport operation path found for host0
15:43:38.020: error : No vport operation path found for host4
15:43:38.026: error : No vport operation path found for host3
15:43:38.069: error : No vport operation path found for host1
15:43:38.069: error : No vport operation path found for host2
 >>> domains = conn.listDomainsID()
 >>> print domains
[]
 >>>

So the virsh command works as expected, but not when I use python.

Tom