- Issued:
- 2011-04-14
- Updated:
- 2011-04-14
RHBA-2011:0446 - libvirt bug fix update
Synopsis
libvirt bug fix update
Type/Severity
Bug Fix Advisory
Topic
Updated libvirt packages that resolve several issues are now available for Red Hat Enterprise Linux 6.
Description
The libvirt library is a C API for managing and interacting with the virtualization capabilities of Linux and other operating systems. In addition, libvirt provides tools for remotely managing virtualized systems.
These updated libvirt packages provide fixes for the following bugs:
-
When a root-squashing export of a domain was owned by a group to which the qemu user belonged, but was not owned by the qemu user, libvirt could not create a file to save the domain's state. This was because the save operation was invoked by the user who did not have the needed group permissions. With this update, libvirt first acquires all the needed group permissions and only then attempts to perform the aforementioned save operation. (BZ#656355)
-
Members of the qemu group did not have read/write permissions for the "[localstatedir]/[cache/lib]/libvirt/qemu/" directory in which XML files which define sockets are placed. Permissions are now updated to allow the qemu group read/write permissions. (BZ#656972)
-
A race condition where an application could query block information on a virtual guest that had just been migrated away could occur when migrating a guest. As a result, the libvirt service crashed. The libvirt application now verifies that a guest exists before attempting to start any monitoring operations. (BZ#658141)
-
Live migration of a guest could take an exceptionally long time to converge to the switchover point if the guest was very busy. By allowing to increase the downtime setting of a guest, migration is more likely to complete. However, libvirt was sending an incorrectly formatted request to increase the downtime setting of a guest. With this update, libvirt correctly sends the downtime setting request. (BZ#658143)
-
The "addrToString" methods did not work properly with UNIX domain sockets which did not have a normal "host:port" address. As a result SASL (Simple Authentication and Security Layer) could not be used over UNIX domain sockets. With this update, the "addrToString" methods are fixed and SASL is no longer restricted to TCP connections. (BZ#658144)
-
Prior to this update, libvirt was not able to recognize whether a domain crashed or was properly shut down. With this update, a SHUTDOWN event sent by qemu is recognized by libvirt when a domain is properly shut down. If the SHUTDOWN event is not received, the domain is declared to have crashed. (BZ#662042)
-
A deadlock occurred in the libvirt service when running concurrent bidirectional migration because certain calls did not release their local driver lock before issuing an RPC (Remote Procedure Call) call on a remote libvirt daemon. A deadlock no longer occurs between two communicating libvirt daemons. (BZ#662043)
-
A specification file bug caused permissions on the /var/lib/libvirt directory to change when upgrading a system. With this update, correct permissions are assigned to the aforementioned directory. (BZ#662045)
-
An off-by-one error in a clock variable caused a virtual guest to show incorrect date and time information. This update addresses this error. Date and time information is now correctly displayed. (BZ#662046)
-
The %post script (part of the libvirt-client package) started the libvirt-guests service even when the service was explicitly turned off. With this update, the libvirt-guests service is no longer started when explicitly turned off. (BZ#668694)
-
Starting and shutting down a domain led to a memory leak due to the memory buffer not being freed properly. With this update, starting and shutting down a domain no longer leads to a memory leak. (BZ#672549)
-
Starting and shutting down a domain led to a memory leak due to the use of a thread-unfriendly "matchpathcon" (which gets the default security context for the specified path) SELinux API. With this update, libvirt uses improved SELinux APIs and a memory leak no longer occurs.(BZ#672554)
All users of libvirt are advised to upgrade to these updated packages, which resolve these issues.
Solution
Before applying this update, make sure that all previously-released errata relevant to your system have been applied.
This update is available via Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at This content is not included.https://access.redhat.com/kb/docs/DOC-11259
Affected Products
| Product | Version | Arch |
|---|---|---|
| Red Hat Enterprise Linux for Scientific Computing | 6 | x86_64 |
| Red Hat Enterprise Linux for Power, big endian | 6 | ppc64 |
| Red Hat Enterprise Linux for IBM z Systems | 6 | s390x |
| Red Hat Enterprise Linux Workstation | 6 | x86_64 |
| Red Hat Enterprise Linux Workstation | 6 | i386 |
| Red Hat Enterprise Linux Server | 6 | x86_64 |
| Red Hat Enterprise Linux Server | 6 | i386 |
| Red Hat Enterprise Linux Server from RHUI | 6 | x86_64 |
| Red Hat Enterprise Linux Server from RHUI | 6 | i386 |
| Red Hat Enterprise Linux Server - Extended Life Cycle Support | 6 | x86_64 |
| Red Hat Enterprise Linux Server - Extended Life Cycle Support | 6 | i386 |
| Red Hat Enterprise Linux Server - Extended Life Cycle Support Extension | 6 | x86_64 |
| Red Hat Enterprise Linux Server - Extended Life Cycle Support Extension | 6 | i386 |
| Red Hat Enterprise Linux Server - Extended Life Cycle Support Extension (for IBM z Systems) | 6 | s390x |
| Red Hat Enterprise Linux Server - Extended Life Cycle Support (for IBM z Systems) | 6 | s390x |
| Red Hat Enterprise Linux Desktop | 6 | x86_64 |
| Red Hat Enterprise Linux Desktop | 6 | i386 |
Updated Packages
- libvirt-0.8.1-27.el6_0.3.x86_64.rpm
- libvirt-debuginfo-0.8.1-27.el6_0.3.i686.rpm
- libvirt-python-0.8.1-27.el6_0.3.x86_64.rpm
- libvirt-client-0.8.1-27.el6_0.3.i686.rpm
- libvirt-devel-0.8.1-27.el6_0.3.ppc64.rpm
- libvirt-client-0.8.1-27.el6_0.3.x86_64.rpm
- libvirt-0.8.1-27.el6_0.3.ppc64.rpm
- libvirt-0.8.1-27.el6_0.3.src.rpm
- libvirt-python-0.8.1-27.el6_0.3.ppc64.rpm
- libvirt-client-0.8.1-27.el6_0.3.s390.rpm
- libvirt-devel-0.8.1-27.el6_0.3.i686.rpm
- libvirt-client-0.8.1-27.el6_0.3.ppc.rpm
- libvirt-0.8.1-27.el6_0.3.s390x.rpm
- libvirt-python-0.8.1-27.el6_0.3.s390x.rpm
- libvirt-client-0.8.1-27.el6_0.3.s390x.rpm
- libvirt-0.8.1-27.el6_0.3.i686.rpm
- libvirt-devel-0.8.1-27.el6_0.3.x86_64.rpm
- libvirt-debuginfo-0.8.1-27.el6_0.3.ppc64.rpm
- libvirt-debuginfo-0.8.1-27.el6_0.3.s390x.rpm
- libvirt-debuginfo-0.8.1-27.el6_0.3.s390.rpm
- libvirt-devel-0.8.1-27.el6_0.3.s390.rpm
- libvirt-devel-0.8.1-27.el6_0.3.ppc.rpm
- libvirt-debuginfo-0.8.1-27.el6_0.3.x86_64.rpm
- libvirt-debuginfo-0.8.1-27.el6_0.3.ppc.rpm
- libvirt-devel-0.8.1-27.el6_0.3.s390x.rpm
- libvirt-python-0.8.1-27.el6_0.3.i686.rpm
- libvirt-client-0.8.1-27.el6_0.3.ppc64.rpm
Fixes
- This content is not included.BZ - 656355
- This content is not included.BZ - 656972
- This content is not included.BZ - 658141
- This content is not included.BZ - 658143
- This content is not included.BZ - 658144
- This content is not included.BZ - 662042
- This content is not included.BZ - 662043
- This content is not included.BZ - 662045
- This content is not included.BZ - 662046
- This content is not included.BZ - 668694
- This content is not included.BZ - 672549
- This content is not included.BZ - 672554
CVEs
(none)
References
(none)
Additional information
- The Red Hat security contact is This content is not included.secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.
- Offline Security Data data is available for integration with other systems. See Offline Security Data API to get started.