[Pkg-libvirt-maintainers] Bug#935313: missing ebtables dependency

Antoine Beaupre anarcat at debian.org
Wed Aug 21 15:16:26 BST 2019 

Package: libvirt-daemon
Version: 5.0.0-4
Severity: grave
File: /usr/sbin/libvirtd

Vagrant, using the libvirt backend, started failing me recently, with
something like this:

anarcat at curie:stretch64(master)$ vagrant up --provider libvirt
Bringing machine 'default' up with 'libvirt' provider...
==> default: Checking if box 'debian/stretch64' version '9.9.0' is up to date...
Error while activating network: Call to virNetworkCreate failed: internal error: Failed to initialize a valid firewall backend.
[1]anarcat at curie:stretch64(master)$ 

Syslog had more details, but nothing really informative:

aoû 21 09:24:16 curie NetworkManager[819]: <info>  [1566393856.0718] manager: (virbr1): new Bridge device (/org/freedesktop/NetworkManager/Devices/5) 
aoû 21 09:24:16 curie systemd-udevd[24139]: Using default interface naming scheme 'v240'. 
aoû 21 09:24:16 curie systemd-udevd[24139]: link_config: autonegotiation is unset or enabled, the speed and duplex are not writable. 
aoû 21 09:24:16 curie systemd-udevd[24139]: Could not generate persistent MAC address for virbr1: No such file or directory 
aoû 21 09:24:16 curie kernel: tun: Universal TUN/TAP device driver, 1.6 
aoû 21 09:24:16 curie NetworkManager[819]: <info>  [1566393856.0795] manager: (virbr1-nic): new Tun device (/org/freedesktop/NetworkManager/Devices/6) 
aoû 21 09:24:16 curie systemd-udevd[24144]: Using default interface naming scheme 'v240'. 
aoû 21 09:24:16 curie systemd-udevd[24144]: link_config: autonegotiation is unset or enabled, the speed and duplex are not writable. 
aoû 21 09:24:16 curie libvirtd[1862]: internal error: Failed to initialize a valid firewall backend 
aoû 21 09:24:16 curie kernel: virbr1: port 1(virbr1-nic) entered blocking state 
aoû 21 09:24:16 curie kernel: virbr1: port 1(virbr1-nic) entered disabled state 
aoû 21 09:24:16 curie kernel: device virbr1-nic entered promiscuous mode 
aoû 21 09:24:16 curie kernel: device virbr1-nic left promiscuous mode 
aoû 21 09:24:16 curie kernel: virbr1: port 1(virbr1-nic) entered disabled state 
aoû 21 09:24:16 curie systemd[3139]: Starting pull emails with syncmaildir... 
aoû 21 09:24:16 curie NetworkManager[819]: <info>  [1566393856.1114] device (virbr1-nic): released from master device virbr1 
aoû 21 09:24:16 curie libvirtd[1862]: Failed to open file '/sys/class/net/virbr1-nic/operstate': Aucun fichier ou dossier de ce type 
aoû 21 09:24:16 curie libvirtd[1862]: unable to read: /sys/class/net/virbr1-nic/operstate: Aucun fichier ou dossier de ce type 

Restarting libvirtd, however, did provide some insightful input:

aoû 21 10:10:05 curie systemd[1]: Starting Virtualization daemon...
aoû 21 10:10:05 curie libvirtd[31223]: libvirt version: 5.0.0, package: 4 (Guido Günther <agx at sigxcpu.org> Mon, 17 Jun 2019 19:05:40 +0200)
aoû 21 10:10:05 curie libvirtd[31223]: hostname: curie
aoû 21 10:10:05 curie libvirtd[31223]: Libvirt doesn't support VirtualBox API version 6000010
aoû 21 10:10:05 curie systemd[1]: Started Virtualization daemon.
aoû 21 10:10:05 curie libvirtd[31223]: direct firewall backend requested, but /usr/sbin/ebtables is not available: Aucun fichier ou dossier de ce type
aoû 21 10:10:05 curie libvirtd[31223]: internal error: Failed to initialize a valid firewall backend

`apt install ebtables` fixed this problem, so I feel this should be
marked as a runtime dependency for the package. Obviously, it would be
better to migrate to nftables, but that's another story...

a.

-- System Information:
Debian Release: 10.0
  APT prefers stable
  APT policy: (500, 'stable'), (1, 'experimental'), (1, 'unstable')
Architecture: amd64 (x86_64)

Kernel: Linux 4.19.0-5-amd64 (SMP w/4 CPU cores)
Locale: LANG=fr_CA.UTF-8, LC_CTYPE=fr_CA.UTF-8 (charmap=UTF-8), LANGUAGE=fr_CA.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages libvirt-daemon depends on:
ii  libacl1             2.2.53-4
ii  libapparmor1        2.13.2-10
ii  libaudit1           1:2.8.4-3
ii  libavahi-client3    0.7-4+b1
ii  libavahi-common3    0.7-4+b1
ii  libblkid1           2.33.1-0.1
ii  libc6               2.28-10
ii  libcap-ng0          0.7.9-2
ii  libcurl3-gnutls     7.64.0-4
ii  libdbus-1-3         1.12.16-1
ii  libdevmapper1.02.1  2:1.02.155-3
ii  libfuse2            2.9.9-1
ii  libgcc1             1:8.3.0-6
ii  libgnutls30         3.6.7-4
ii  libnetcf1           1:0.2.8-1+b2
ii  libnl-3-200         3.4.0-1
ii  libnl-route-3-200   3.4.0-1
ii  libnuma1            2.0.12-1
ii  libparted2          3.2-25
ii  libpcap0.8          1.8.1-6
ii  libpciaccess0       0.14-1
ii  libsasl2-2          2.1.27+dfsg-1
ii  libselinux1         2.8-1+b1
ii  libssh2-1           1.8.0-2.1
ii  libudev1            241-5
ii  libvirt0            5.0.0-4
ii  libxenmisc4.11      4.11.1+92-g6c33308a8d-2
ii  libxenstore3.0      4.11.1+92-g6c33308a8d-2
ii  libxentoollog1      4.11.1+92-g6c33308a8d-2
ii  libxml2             2.9.4+dfsg1-7+b3
ii  libyajl2            2.1.0-3

Versions of packages libvirt-daemon recommends:
ii  libxml2-utils   2.9.4+dfsg1-7+b3
ii  netcat-openbsd  1.195-2
ii  qemu-kvm        1:3.1+dfsg-8~deb10u1

Versions of packages libvirt-daemon suggests:
pn  libvirt-daemon-driver-storage-gluster  <none>
pn  libvirt-daemon-driver-storage-rbd      <none>
pn  libvirt-daemon-driver-storage-zfs      <none>
ii  libvirt-daemon-system                  5.0.0-4
pn  numad                                  <none>

-- debconf-show failed

More information about the Pkg-libvirt-maintainers mailing list