<div style="line-height:1.7;color:#000000;font-size:14px;font-family:Arial">I know that, <br><div>after nfs mounted in client, it used nfs server's
permission, although i don't know why it's this, but i execute as
follows in nfs server:</div><div># useradd sanlock -u 114<br># usermod -a -G kvm sanlock</div><div><br></div><div>then it's works well!</div><div><br></div>thanks anyhow!<br><br><br><br><br><div style="position:relative;zoom:1"></div><div id="divNeteaseMailCard"></div><br>At 2017-09-12 18:47:55, "pengyixiang" <yxpengi386@163.com> wrote:<br> <blockquote id="isReplyContent" style="PADDING-LEFT: 1ex; MARGIN: 0px 0px 0px 0.8ex; BORDER-LEFT: #ccc 1px solid"><div style="line-height:1.7;color:#000000;font-size:14px;font-family:Arial"><div>hello Nir</div><div> I just do a test, as follows, i add linx to group kvm <br></div># cat /etc/group | grep "kvm"<br>kvm:x:112:qemu,vdsm,linx,sanlock<br><div><br></div><div>and i see the permission of leases of nfs storage:<br></div>$ ls -l /rhev/data-center/mnt/<a href="http://192.168.11.55" target="_blank">192.168.11.55</a>\:_home_dataStorage/1845be22-1ac4-4e42-bbcb-7ba9ccd6e569/dom_md/leases <br>-rw-rw----
1 vdsm kvm 2097152 9月 11 19:21
/rhev/data-center/mnt/192.168.11.55:_home_dataStorage/1845be22-1ac4-4e42-bbcb-7ba9ccd6e569/dom_md/leases<br><div><br></div><div>sanlock cannot read it</div><div>425138 resource = sanlock.read_resource(lease.path, lease.offset)<br>425139 SanlockException: (13, 'Sanlock resource read failure', 'Permission denied')</div><div><br></div><div>and i cannot change to sanlock like that:</div><div># su sanlock<br>root@Node:~#</div><div><br></div><div>so i add a user linx to group kvm, and access to a o660 file with vdsm:kvm as follows:<br></div><div><div>$ ls -l<br>总用量 16<br>-rw-rw---- 1 vdsm kvm 6 9月 11 20:06 1.txt<br>drwxr-xr-x 9 linx linx 4096 9月 1 15:58 linx-virtualization<br>drw-rw---- 3 linx linx 4096 9月 11 20:13 test2<br>drw-rw---- 2 linx linx 4096 9月 11 20:19 test3</div><div><br></div><div>then we can view the file in user "linx":</div><div>$ cat ~/1.txt <br>pencc</div><div><br></div><div>then i create 1.txt as same as ~/1.txt in nfs mount point like that with permission o666 vdsm:kvm :<br></div><div> /rhev/data-center/mnt/<a href="http://192.168.11.55" target="_blank">192.168.11.55</a>\:_home_dataStorage/1845be22-1ac4-4e42-bbcb-7ba9ccd6e569/1.txt</div><div><br></div><div>then i read it, but failed too<br></div><div>Permission denied</div><div><br></div><div>if i change 1.txt's permission in mount point to o666<br></div><div><br></div><div>then i can read it succeed.</div><div><br></div><div>i think, maybe nfs's mount caused group permission failed, group permission as the second '6' of o6<span style="color: rgb(255, 0, 0);">6</span>6<br></div></div><div style="position:relative;zoom:1"></div><div></div><div><br></div><div>i cannot understand it, this my nfs-server's exports configurations:</div><div>/home/dataStorage *(rw,sync,no_subtree_check)</div><div><br></div><div>have any ideas? QAQ<br></div><div><br></div><div><br></div>在 2017-09-12 18:06:08,"Nir Soffer" <<a href="mailto:nsoffer@redhat.com">nsoffer@redhat.com</a>> 写道:<br> <blockquote id="isReplyContent" style="PADDING-LEFT: 1ex; MARGIN: 0px 0px 0px 0.8ex; BORDER-LEFT: #ccc 1px solid"><br><br><div class="gmail_quote"><div dir="ltr">On Tue, 12 Sep 2017, 4:52 pengyixiang <<a href="mailto:yxpengi386@163.com">yxpengi386@163.com</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div style="line-height:1.7;color:#000000;font-size:14px;font-family:Arial"><div>hello,everyone</div><div> sanlock failed due to cannot read nfs storage's data , i tried to chmod 777 /rhev/data-center/mnt/<a href="http://192.168.11.55" target="_blank">192.168.11.55</a>\:_home_dataStorage/1845be22-1ac4-4e42-bbcb-7ba9ccd6e569/dom_md/*(add others permission), then it's ok</div><div><br></div><div id="m_5112730121177920253isForwardContent"><div style="line-height:1.7;color:#000000;font-size:14px;font-family:Arial"><div> sanlock's log:<br>425120 Traceback (most recent call last):<br>425121 File "/usr/lib/python2.7/dist-packages/vdsm/storage/task.py", line 878, in _run<br>425122 return fn(*args, **kargs)<br>425123 File "/usr/lib/python2.7/dist-packages/vdsm/logUtils.py", line 52, in wrapper<br>425124 res = f(*args, **kwargs)<br>425125 File "/usr/share/vdsm/storage/hsm.py", line 619, in getSpmStatus<br>425126 status = self._getSpmStatusInfo(pool)<br>425127 File "/usr/share/vdsm/storage/hsm.py", line 613, in _getSpmStatusInfo<br>425128 (pool.spmRole,) + pool.getSpmStatus()))<br>425129 File "/usr/share/vdsm/storage/sp.py", line 141, in getSpmStatus<br>425130 return self._backend.getSpmStatus()<br>425131 File "/usr/share/vdsm/storage/spbackends.py", line 433, in getSpmStatus<br>425132 lVer, spmId = self.masterDomain.inquireClusterLock()<br>425133 File "/usr/share/vdsm/storage/sd.py", line 817, in inquireClusterLock<br>425134 return self._manifest.inquireDomainLock()<br>425135 File "/usr/share/vdsm/storage/sd.py", line 522, in inquireDomainLock<br>425136 return self._domainLock.inquire(self.getDomainLease())<br>425137 File "/usr/lib/python2.7/dist-packages/vdsm/storage/clusterlock.py", line 372, in i nquire<br>425138 resource = sanlock.read_resource(lease.path, lease.offset)<br>425139 SanlockException: (13, 'Sanlock resource read failure', 'Permission denied')</div><div><br></div><div>i test it, and in node,I add user "linx" to group "kvm"<br></div><div>$ cat /etc/group | grep "kvm"<br>kvm:x:112:qemu,vdsm,<span style="color:rgb(255,0,0)">linx</span>,sanlock</div><div><br></div><div>then i create a file in $HOME:</div><div>$ ls -l<br>总用量 16<br>-rw-rw---- 1 vdsm kvm 6 9月 11 20:06 1.txt<br>drwxr-xr-x 9 linx linx 4096 9月 1 15:58 linx-virtualization<br>drw-rw---- 3 linx linx 4096 9月 11 20:13 test2<br>drw-rw---- 2 linx linx 4096 9月 11 20:19 test3</div><div><br></div><div>then we can view the file in user "linx":</div><div>$ cat 1.txt <br>pencc</div><div><br></div><div>leases if vdsm:kvm too:</div><div>$ ls -l /rhev/data-center/mnt/<a href="http://192.168.11.55" target="_blank">192.168.11.55</a>\:_home_dataStorage/1845be22-1ac4-4e42-bbcb-7ba9ccd6e569/dom_md/leases <br>-rw-rw---- 1 vdsm kvm 2097152 9月 11 19:21 /rhev/data-center/mnt/192.168.11.55:_home_dataStorage/1845be22-1ac4-4e42-bbcb-7ba9ccd6e569/dom_md/leases</div><div><br></div><div>but we cannot read the file in user "linx":</div><div>$ cat /rhev/data-center/mnt/<a href="http://192.168.11.55" target="_blank">192.168.11.55</a>\:_home_dataStorage/1845be22-1ac4-4e42-bbcb-7ba9ccd6e569/dom_md/leases<br>cat: '/rhev/data-center/mnt/192.168.11.55:_home_dataStorage/1845be22-1ac4-4e42-bbcb-7ba9ccd6e569/dom_md/leases': 权限不够<br></div><div><br></div><div>why is this? follows the nfs server configure</div><div># cat /etc/exports <br><br>/home/dataStorage 192.168.11.*(rw,sync)<br>/home/dataStorage2 192.168.11.*(rw,sync,no_root_squash,no_subtree_check)<br>/home/isoStorage 192.168.11.*(rw,sync,no_root_squash,no_subtree_check)<br></div><div><br></div><div>Is my nfs-server configurations miss some arguments? have any idea?<br></div></div></div></div></blockquote></div><div><br></div><div>Try to setup a supported system (e.g centos, fedora) and compare the setup.</div><div><br></div><div>Can explain why user linx need access to vdsm/sanlock/qemu data?</div><div><br></div><div>Nir</div><div class="gmail_quote"><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div style="line-height:1.7;color:#000000;font-size:14px;font-family:Arial"><div id="m_5112730121177920253isForwardContent"><div style="line-height:1.7;color:#000000;font-size:14px;font-family:Arial"><div></div><div><br></div><div><br></div><div><br></div><div><br></div><div><br></div><div><br></div><div><br></div></div><br><br><span title="neteasefooter"><p> </p></span></div></div><br><br><span title="neteasefooter"><p> </p></span>_______________________________________________<br>
Devel mailing list<br>
<a href="mailto:Devel@ovirt.org" target="_blank">Devel@ovirt.org</a><br>
<a href="http://lists.ovirt.org/mailman/listinfo/devel" rel="noreferrer" target="_blank">http://lists.ovirt.org/mailman/listinfo/devel</a></blockquote></div>
</blockquote></div><br><br><span title="neteasefooter"><p> </p></span></blockquote></div><br><br><span title="neteasefooter"><p> </p></span>