<div dir="ltr"><div>Hi All </div><div> </div><div>Is there any fix available for abv ?</div><div> </div><div>Thanks</div><div>Anil</div></div><div class="gmail_extra"><br><br><div class="gmail_quote">On Mon, Oct 21, 2013 at 8:34 PM, Fabian Deutsch <span dir="ltr">&lt;<a href="mailto:fabiand@redhat.com" target="_blank">fabiand@redhat.com</a>&gt;</span> wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">Am Montag, den 21.10.2013, 20:21 +0800 schrieb Anil Dhingra:<br>
<div class="im">&gt;<br>
&gt; below is the output after reboot .. also after reboot we need to<br>
&gt; restart sanlock daemon manually every time else no spm selection &amp;<br>
&gt; hosts keep on contending &amp; fails<br>
<br>
</div>Do you know what the problem of the sanlock daemon is, so why it needs<br>
to be restarted?<br>
<div class="im"><br>
&gt; [root@node1-3-3 ~]# getsebool -a | egrep -i &#39;nfs|sanlock&#39;<br>
&gt; allow_ftpd_use_nfs --&gt; off<br>
&gt; cobbler_use_nfs --&gt; off<br>
&gt; git_system_use_nfs --&gt; off<br>
&gt; httpd_use_nfs --&gt; off<br>
&gt; qemu_use_nfs --&gt; on<br>
&gt; rsync_use_nfs --&gt; off<br>
&gt; samba_share_nfs --&gt; off<br>
&gt; sanlock_use_fusefs --&gt; off<br>
&gt; sanlock_use_nfs --&gt; off<br>
&gt; sanlock_use_samba --&gt; off<br>
&gt; sge_use_nfs --&gt; off<br>
&gt; use_nfs_home_dirs --&gt; on<br>
&gt; virt_use_nfs --&gt; off<br>
&gt; virt_use_sanlock --&gt; off<br>
&gt; xen_use_nfs --&gt; off<br>
&gt; [root@node1-3-3 ~]# getsebool -a | egrep -i allow_execstack<br>
&gt; allow_execstack --&gt; on<br>
&gt; [root@node1-3-3 ~]#<br>
<br>
</div>Seems like it was changed. Is maybe VDSM changing it?<br>
<br>
Greetings<br>
<span class="HOEnZb"><font color="#888888">fabian<br>
</font></span><div class="HOEnZb"><div class="h5"><br>
<br>
&gt;<br>
&gt; On Mon, Oct 21, 2013 at 7:16 PM, Fabian Deutsch &lt;<a href="mailto:fabiand@redhat.com">fabiand@redhat.com</a>&gt;<br>
&gt; wrote:<br>
&gt;         Am Montag, den 21.10.2013, 15:44 +0800 schrieb Anil Dhingra:<br>
&gt;         &gt; hi<br>
&gt;         &gt;<br>
&gt;         &gt; Permission issue is resolved after changing on openfiler NFS<br>
&gt;         share<br>
&gt;         &gt; permission  .but still on every reboot we need to set below<br>
&gt;         values<br>
&gt;         &gt; manually<br>
&gt;         &gt; Any idea how to make it perm<br>
&gt;         &gt;<br>
&gt;         &gt; setsebool -P virt_use_sanlock=on<br>
&gt;         &gt; setsebool -P virt_use_nfs=on<br>
&gt;<br>
&gt;<br>
&gt;         Hum ... That&#39;s interesting.<br>
&gt;         We actually set both of them to on during the installation of<br>
&gt;         the<br>
&gt;         ovirt-node selinux package:<br>
&gt;         /usr/sbin/setsebool -P allow_execstack=0 \<br>
&gt;                                virt_use_nfs=1 \<br>
&gt;                                virt_use_sanlock=1 \<br>
&gt;                                sanlock_use_nfs=1<br>
&gt;<br>
&gt;         What does<br>
&gt;         getsebool virt_use_sanlock virt_use_nfs<br>
&gt;<br>
&gt;         say?<br>
&gt;<br>
&gt;         - fabian<br>
&gt;<br>
&gt;         &gt;<br>
&gt;         &gt; On Wed, Oct 16, 2013 at 8:24 AM, Itamar Heim<br>
&gt;         &lt;<a href="mailto:iheim@redhat.com">iheim@redhat.com</a>&gt; wrote:<br>
&gt;         &gt;         On 10/15/2013 11:05 AM, Anil Dhingra wrote:<br>
&gt;         &gt;<br>
&gt;         &gt;                 Hi Guys<br>
&gt;         &gt;                 Any know issue why we are not able to start<br>
&gt;         VM due to<br>
&gt;         &gt;                 permission issue<br>
&gt;         &gt;                 on disk image file .. as per docs ownership<br>
&gt;         should be<br>
&gt;         &gt;                 vdsm:kvm  byt not<br>
&gt;         &gt;                 sure why its showing below<br>
&gt;         &gt;                 used - both<br>
&gt;          ovirt-node-iso-3.0.1-1.0.1.vdsm.el6 &amp;<br>
&gt;         &gt;                 ovirt-node-iso-3.0.1-1.0.2.vdsm.el6  same<br>
&gt;         issue<br>
&gt;         &gt;                  [ using NFS Domain ]<br>
&gt;         &gt;                 VM n0001vdap is down. Exit message: internal<br>
&gt;         error<br>
&gt;         &gt;                 process exited while<br>
&gt;         &gt;                 connecting to monitor: qemu-kvm: -drive<br>
&gt;         &gt;<br>
&gt;         file=/rhev/data-center/d09d8a3e-8ab4-42fc-84ec-86f307d144a0/1a04e13a-0ed4-40d6-a153-f7091c65d916/images/44e3fc9b-0382-4c11-b00c-35bd74032e9a/34542412-ed50-4350-8867-0d7d5f8127fd,if=none,id=drive-virtio-disk0,format=raw,serial=44e3fc9b-0382-4c11-b00c-35bd74032e9a,cache=none,werror=stop,rerror=stop,aio=threads:<br>

&gt;         &gt;<br>
&gt;         &gt;                 *could not open *disk image<br>
&gt;         &gt;<br>
&gt;         */rhev/data-center*/d09d8a3e-8ab4-42fc-84ec-86f307d144a0/1a04e13a-0ed4-40d6-a153-f7091c65d916/*images*/44e3fc9b-0382-4c11-b00c-35bd74032e9a/34542412-ed50-4350-8867-0d7d5f8127fd:<br>
&gt;         &gt;                 *Permission denied*<br>
&gt;         &gt;<br>
&gt;         &gt;<br>
&gt;         &gt;                 [root@node1<br>
&gt;         44e3fc9b-0382-4c11-b00c-35bd74032e9a]# ls<br>
&gt;         &gt;                 -lh<br>
&gt;         &gt;                 total 1.1M<br>
&gt;         &gt;<br>
&gt;         &gt;                 -rw-rw----+ 1 *vdsm 96* 6.0G 2013-10-15<br>
&gt;         05:47<br>
&gt;         &gt;                 34542412-ed50-4350-8867-0d7d5f8127fd<br>
&gt;         &gt;                 -rw-rw----+ 1 *vdsm 96* 1.0M 2013-10-15<br>
&gt;         05:47<br>
&gt;         &gt;                 34542412-ed50-4350-8867-0d7d5f8127fd.lease<br>
&gt;         &gt;                 -rw-rw-rw-+ 1 *vdsm 96*  268 2013-10-15<br>
&gt;         05:47<br>
&gt;         &gt;<br>
&gt;         &gt;                 34542412-ed50-4350-8867-0d7d5f8127fd.meta<br>
&gt;         &gt;                 As it doesn&#39;t allow us o change permissions<br>
&gt;         any<br>
&gt;         &gt;                 alternate way for this<br>
&gt;         &gt;<br>
&gt;         &gt;                 ?or do I need to manually set permissions in<br>
&gt;         &gt;                 *&quot;/etc/libvirt/qemu.conf&quot;*<br>
&gt;         &gt;                 alos ther is no such *group *with*&quot;96&quot;* ..<br>
&gt;         so from<br>
&gt;         &gt;                 where it picks this<br>
&gt;         &gt;<br>
&gt;         &gt;                 config .<br>
&gt;         &gt;                 Another question is related to SELINUX<br>
&gt;         config change<br>
&gt;         &gt;                 for below 2<br>
&gt;         &gt;<br>
&gt;         &gt;                 parameters to recover from error &quot;*internal<br>
&gt;         error<br>
&gt;         &gt;                 Failed to open socket<br>
&gt;         &gt;                 to sanlock daemon: Permission denied*&quot; I saw<br>
&gt;         some<br>
&gt;         &gt;                 where this is fixed<br>
&gt;         &gt;<br>
&gt;         &gt;                 but not sure why it appears  VDSM should<br>
&gt;         take care of<br>
&gt;         &gt;                 this auto<br>
&gt;         &gt;                 setsebool -P virt_use_sanlock=on<br>
&gt;         &gt;                 setsebool -P virt_use_nfs=on<br>
&gt;         &gt;<br>
&gt;         &gt;<br>
&gt;         &gt;<br>
&gt;         &gt;<br>
&gt;         _______________________________________________<br>
&gt;         &gt;                 Users mailing list<br>
&gt;         &gt;                 <a href="mailto:Users@ovirt.org">Users@ovirt.org</a><br>
&gt;         &gt;<br>
&gt;         <a href="http://lists.ovirt.org/mailman/listinfo/users" target="_blank">http://lists.ovirt.org/mailman/listinfo/users</a><br>
&gt;         &gt;<br>
&gt;         &gt;<br>
&gt;         &gt;         have you tried:<br>
&gt;         &gt;<br>
&gt;         <a href="http://www.ovirt.org/wiki/Troubleshooting_NFS_Storage_Issues" target="_blank">http://www.ovirt.org/wiki/Troubleshooting_NFS_Storage_Issues</a><br>
&gt;         &gt;<br>
&gt;         &gt;<br>
&gt;         &gt; _______________________________________________<br>
&gt;         &gt; Users mailing list<br>
&gt;         &gt; <a href="mailto:Users@ovirt.org">Users@ovirt.org</a><br>
&gt;         &gt; <a href="http://lists.ovirt.org/mailman/listinfo/users" target="_blank">http://lists.ovirt.org/mailman/listinfo/users</a><br>
&gt;<br>
&gt;<br>
&gt;<br>
&gt;<br>
&gt;<br>
<br>
<br>
</div></div></blockquote></div><br></div>