-
Bug
-
Resolution: Not a Bug
-
Undefined
-
None
-
rhel-9.7
-
None
-
No
-
None
-
rhel-virt-core-libvirt-1
-
None
-
False
-
False
-
-
None
-
None
-
None
-
None
-
Unspecified
-
Unspecified
-
Unspecified
-
None
What were you trying to do that didn't work?
Can not do cross migration from RHEL9.7 to RHEL10.1 for unprivileged guest with virtiofs device
Please provide the package NVR for which the bug is seen:
Source host:
libvirt-10.10.0-14.el9.x86_64
qemu-kvm-9.1.0-25.el9.x86_64
virtiofsd-1.13.2-1.el9_6.x86_64
Target host:
libvirt-11.5.0-3.el10.x86_64
qemu-kvm-10.0.0-9.el10.x86_64
virtiofsd-1.13.2-1.el10_0.x86_64
How reproducible is this bug?:
100%
Steps to reproduce
1. Prepare an unprivileged guest with virtiofs device
$ virsh dumpxml avocado-vt-vm1 --inactive --xpath //filesystem
<filesystem type="mount" accessmode="passthrough">
<driver type="virtiofs" queue="1024"/>
<binary path="/usr/libexec/virtiofsd" xattr="on">
<cache mode="always"/>
<sandbox mode="namespace"/>
<thread_pool size="16"/>
</binary>
<source dir="/home/lizhu/fs/lizhu/virtiofs"/>
<target dir="mount_tag"/>
<address type="pci" domain="0x0000" bus="0x07" slot="0x00" function="0x0"/>
</filesystem>
2. Start the guest, and check the live xml
$ virsh dumpxml avocado-vt-vm1 --xpath //filesystem
<filesystem type="mount" accessmode="passthrough">
<driver type="virtiofs" queue="1024"/>
<binary path="/usr/libexec/virtiofsd" xattr="on">
<cache mode="always"/>
<sandbox mode="namespace"/>
<thread_pool size="16"/>
</binary>
<idmap>
<uid start="0" target="1001" count="1"/>
<uid start="1" target="165536" count="65536"/>
<gid start="0" target="1001" count="1"/>
<gid start="1" target="165536" count="65536"/>
</idmap>
<source dir="/home/lizhu/fs/lizhu/virtiofs"/>
<target dir="mount_tag"/>
<alias name="fs0"/>
<address type="pci" domain="0x0000" bus="0x07" slot="0x00" function="0x0"/>
</filesystem>
3. Try to migrate the guest to a RHEL10.1 host
$ virsh migrate avocado-vt-vm1 qemu+ssh://hostname/session --verbose --live error: internal error: process exited while connecting to monitor: 2025-08-18T05:12:49.988198Z qemu-kvm: -chardev socket,id=chr-vu-fs0,path=/home/lizhu/.config/libvirt/qemu/lib/domain-1-avocado-vt-vm1/fs0-fs.sock: Failed to connect to '/home/lizhu/.config/libvirt/qemu/lib/domain-1-avocado-vt-vm1/fs0-fs.sock': Connection refused
4. Check the virtiofsd log on target host
$ cat /home/lizhu/.cache/libvirt/qemu/log/avocado-vt-vm1-fs0-virtiofsd.log [2025-08-18T05:12:49Z WARN virtiofsd::limits] Failure when trying to set the limit to 1000000, the hard limit (524288) of open file descriptors is used instead. [2025-08-18T05:12:49Z ERROR virtiofsd::sandbox] sandbox: couldn't setup id mappings: write to uid map failed: newuidmap: uid range [1-65537) -> [165536-231072) not allowed
5. Check the sub uid related info on source host
$ cat /etc/subuid test:100000:65536 lizhu:165536:65536
6. Check the sub uid related info on target host
$ cat /etc/subuid test:524288:65536 lizhu:589824:65536
(The ranges of subordinate user IDs are different on RHEL9.7 and RHEL10.1 host)
Expected results
Can migrate the unprivileged guest with virtiofs device from RHEL9.7 host to RHEL10.1 host