8:42 a.m.
On 02/13/2012 08:10 PM, Dan Kenigsberg wrote:
On Mon, Feb 13, 2012 at 08:57:23AM -0500, Keith Robertson wrote:
> On 02/13/2012 08:33 AM, Deepak C Shetty wrote:
>> On 02/13/2012 03:16 PM, Dan Kenigsberg wrote:
>>> On Sun, Feb 12, 2012 at 11:58:05PM +0530, Deepak C Shetty wrote:
>>>> Hi,
>>>> I have tried this multiple times and i hit the same error.
>>>>
>>>> I have 3 storage domains created (iso, data and export) all
>>>> connected to the DC with DC status as Up and
>>>> 1 host with status as Up and the same (only) host acting as SPM.
>>>>
>>>> I used the engine-iso-uploader utility to upload my .iso to
>>>> the iso domain.
>>>> Created a new VM and attached a vdisk of type sparse (thin-prov) and
>>>> click on "Run Once",
>>>> where i select "Attach CD" and select my .iso, and change boot
order
>>>> to boot from CD, then disk.
>>>>
>>>> But i get this error...
>>>>
>>>> VM first-ovirt-vm is down. Exit message internal error process
>>>> exited while connecting to monitor: qemu-kvm: -drive
file=/rhev/data-center/4087fea7-b54a-4318-8d5c-828eff8846f4/35f880f8-bd0c-4063-b171-2ddaa59e1212/images/11111111-1111-1111-1111-111111111111/Fedora-16-x86_64-DVD.iso,if=none,media=cdrom,id=drive-ide0-1-0,readonly=on,format=raw:
>>>> could not open disk image
/rhev/data-center/4087fea7-b54a-4318-8d5c-828eff8846f4/35f880f8-bd0c-4063-b171-2ddaa59e1212/images/11111111-1111-1111-1111-111111111111/Fedora-16-x86_64-DVD.iso:
>>>> Permission denied .
>>>>
>>>> I am unable to figure out why.. bcos the user.group perms for the
>>>> .iso are fine.
>>>> In fact i logged into the system serving the nfs share and
>>>> added 0777 perms
>>>> still i get the same error. Here is the snip of how the perms for
>>>> .iso look like...
>>>>
>>>> ll
/tmp/iso1-domain/35f880f8-bd0c-4063-b171-2ddaa59e1212/images/11111111-1111-1111-1111-111111111111/Fedora-16-x86_64-DVD.iso
>>>> -rwxr-xr-x. 1 vdsm kvm 3757047808 Feb 13 04:24
/tmp/iso1-domain/35f880f8-bd0c-4063-b171-2ddaa59e1212/images/11111111-1111-1111-1111-111111111111/Fedora-16-x86_64-DVD.iso
>>> would you try `ls -lZ` ? Does your /var/log/audit/audit.log shows an
>>> selinux problem? What's `getenforce`? And `getsebool virt_use_nfs`?
>>>
>>> What is `groups qemu`?
>>> Does
>>> su - qemu -s /bin/bash -c 'strings your.iso'
>>> work for you?
>>>
>>> Regards,
>>> Dan.
>>>
>>>
>> Hello Dan,
>> Here is the output you requested...
>>
>> [root@llm56 ~]# ls -lZ
/rhev/data-center/4087fea7-b54a-4318-8d5c-828eff8846f4/35f880f8-bd0c-4063-b171-2ddaa59e1212/images/11111111-1111-1111-1111-111111111111/Fedora-16-x86_64-DVD.iso
>> -rwxr-xr-x. vdsm kvm system_u:object_r:nfs_t:s0
/rhev/data-center/4087fea7-b54a-4318-8d5c-828eff8846f4/35f880f8-bd0c-4063-b171-2ddaa59e1212/images/11111111-1111-1111-1111-111111111111/Fedora-16-x86_64-DVD.iso
>>
>> [root@llm56 ~]# getenforce
>> Enforcing
>>
>> [root@llm56 ~]# getsebool virt_use_nfs
>> virt_use_nfs --> off
Vdsm SHOULD configure this to "on" when it first starts, by running
/usr/sbin/semanage boolean -m -S targeted -F /dev/stdin<< _EOF
virt_use_nfs=1
_EOF
This hangs... tho' i see the below msgs in /var/log/messages...
Feb 14 17:39:58 llm56 dbus[1170]: avc: received policyload notice (seqno=5)
Feb 14 17:39:58 llm56 setsebool: The virt_use_nfs policy boolean was
changed to 1 by root
Feb 14 17:39:58 llm56 dbus[1170]: [system] Reloaded configuration
Feb 14 17:39:58 llm56 dbus-daemon[1170]: dbus[1170]: avc: received
policyload notice (seqno=5)
Feb 14 17:39:58 llm56 dbus-daemon[1170]: dbus[1170]: [system] Reloaded
configuration
I had to kill this from anotehr session, but using setsebool
virt_use_nfs 1 worked for me.
/usr/sbin/setsebool virt_use_nfs on
Please try running this as root to understand why it failed. qemu cannot
use NFS when this is off and selinux is enforcing