Re: Fail to xm/xl create domUs after an upgrade

To: Tiago Ribeiro <shasty%gmail.com@localhost>
Subject: Re: Fail to xm/xl create domUs after an upgrade
From: Étienne <etienne.pub%magickarpet.org@localhost>
Date: Mon, 18 Nov 2013 23:09:55 +0100

On Fri, Oct 11, 2013 at 06:43:43PM -0300, Tiago Ribeiro wrote:

> >>> # xl create /usr/pkg/etc/xen/marauder 
> >>> Parsing config from /usr/pkg/etc/xen/marauder
> >>> libxl: error: libxl_create.c:437:libxl__domain_make: domain creation fail
> >>> libxl: error: libxl_create.c:663:initiate_domain_create: cannot make 
> >>> domain: -3
> >>> libxl: error: libxl.c:1377:libxl__destroy_domid: non-existant domain -1
> >>> libxl: error: libxl.c:1341:domain_destroy_callback: unable to destroy 
> >>> guest with domid 4294967295
> >>> libxl: error: libxl_create.c:1171:domcreate_destruction_cb: unable to 
> >>> destroy domain 4294967295 following failed creation
> >> 
> >> xl is really useless when things go wrong ...
> 
> You download new pkgsrc? If not, download, extract and update your packages . 
> Xentools xenkernel, Python , etc.

Well, suspecting that I have messed up the permissions, I have done a
fresh install of a dom0 of the same arch, built the packages as suggested
above, transferred my VM images, and tried again.

Sadly, same result. Gentlemen, I just don't get it.

The only reference to that error message Google is bringing back is in
the _Linux_ xm(1) manpage:

    'Security labels must be assigned to domain configurations because
    these labels are essential for making access control decisions as
    early as during the configuration phase of a newly instantiated
    domain. Consequently, a security-enabled Xen hypervisor will only
    start domains that have a security label configured and whose security
    label is consistent with the currently enforced policy. Otherwise,
    starting the domain will fail with the error condition "operation not
    permitted".'

It seems to be about the "Access control subcommands", but is this even
implemented in the NetBSD version of Xen? "xm list --label" doesn't show
anything on my Dom0, the feature is not described in the manpage (it looks
awful in the Linux manpage anyway).

And even trying to create an empty new VM fails with the same error. For
reference, I just dded /dev/zero to a 2G file 'toto', and put the
following in my config file:

    kernel = "/usr/pkg/xen42-kernel/netbsd-INSTALL_XEN3_DOMU.gz"
    memory = 128
    name = "ExampleDomain"
    vif = [ '' ]
    disk = [ 'file:/var/xen/toto.img,hda1,w' ]

What can I try next?

-- 
Étienne

References:
- Fail to xm/xl create domUs after an upgrade
  - From: Étienne
- Re: Fail to xm/xl create domUs after an upgrade
  - From: Manuel Bouyer
- Re: Fail to xm/xl create domUs after an upgrade
  - From: Étienne
- Re: Fail to xm/xl create domUs after an upgrade
  - From: Tiago Ribeiro

Prev by Date: Re: NetBSD domU ksyms issue under xen 4.1.6.1 and 4.2.3, not under 4.1.2
Next by Date: Re: NetBSD domU ksyms issue under xen 4.1.6.1 and 4.2.3, not under 4.1.2
Previous by Thread: Re: Fail to xm/xl create domUs after an upgrade
Next by Thread: NetBSD domU ksyms issue under xen 4.1.6.1 and 4.2.3, not under 4.1.2
Indexes:

Home | Main Index | Thread Index | Old Index