Re: [Kimchi-devel] Fwd: [project-kimchi] NFS img permission problem

On 01/22/2014 11:43 AM, Royce Lv wrote: > > > Guys, > > When testing with kimchi nfs feature, I filed two issues related to > nfs image permission problem: > > 1. volume creation failure: Because of storage pool permission is > not configured to make write > permission.(https://github.com/kimchi-project/kimchi/issues/261) > 2. vm with volume cannot be started: Root users are mapped to > nobody, so img it created cannot be accessed by libvirt-qemu(on ubuntu) > user.(https://github.com/kimchi-project/kimchi/issues/267) > > After discussed with Mark Wu, we would like to propose the > following to resolve these two problem: > > 1. To allow creation: export with all_squash(gid = kimchi_guid) and > group allow write permission. Also with planned nfs-pool prevalidation > (a timeout try mount in a process), we can check if the gid and > permission is right. This will save us from future trouble. > It is only related to NFS server setup, right? /home/alinefm *(rw,all_squash,anongid=<kimchi-gid>) So for that we should only write instructions to user on README or other doc file.

> 2. To allow qemu process(started by libvirt) to access img, we add > uid ('qemu' under fedora and 'libvirt-qemu' under ubuntu) which running > qemu process to 'kimchi' group to allow the write access of the img. > For that we need to create a group with the same kimchi gid used for NFS server and then add 'qemu/libvirt-qemu' to this group? Is that right?

> I am also investigating other possibilities like using storage pool > permissions and so on. > Welcome thoughts on it! >