[Users] ISO datastore, permission denied
This is a multi-part message in MIME format. --------------080401040704080402020309 Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit I have an ISO datastore. In that datastore I'm using symlinks to point to my ISOs on an NFS share. All was working great. Along comes Black Friday and a shiny new 3TB hard drive. Out goes the 5 yo old 500gb drive with EXT 4 and in comes new 3TB drive with BTRFS. I installed new drive, shutdown VMs and use tar c | tar x to move data over. unmount old, remount new. Fire up VMs, all us well. Create new VM, attach boot ISO and I get: VM Gremlin is down. Exit message: internal error process exited while connecting to monitor: qemu-system-x86_64: -drive file=/rhev/data-center/mnt/_disk01_iso/4c70693a-d228-453e-b40d-93a214ec524b/images/11111111-1111-1111-1111-111111111111/Fedora-Live-Desktop-x86_64-20-1.iso,if=none,id=drive-ide0-1-0,readonly=on,format=raw,serial=: could not open disk image /rhev/data-center/mnt/_disk01_iso/4c70693a-d228-453e-b40d-93a214ec524b/images/11111111-1111-1111-1111-111111111111/Fedora-Live-Desktop-x86_64-20-1.iso: Permission denied . huh? I search archives and see others have had this error in the past...Follow the suggestions...Run the nfstest python script, passes, check getsebool shows virt_use_nfs --> on. Also went through: http://www.ovirt.org/Troubleshooting_NFS_Storage_Issues My NFS server is Solaris 11.1, ZFS storage. If I copy the ISO directly to the directory it works fine. What am I missing? --------------080401040704080402020309 Content-Type: text/html; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit <html> <head> <meta http-equiv="content-type" content="text/html; charset=ISO-8859-1"> </head> <body bgcolor="#FFFFFF" text="#000000"> I have an ISO datastore. In that datastore I'm using symlinks to point to my ISOs on an NFS share. All was working great.<br> <br> Along comes Black Friday and a shiny new 3TB hard drive. Out goes the 5 yo old 500gb drive with EXT 4 and in comes new 3TB drive with BTRFS.<br> <br> I installed new drive, shutdown VMs and use tar c | tar x to move data over. unmount old, remount new. Fire up VMs, all us well. Create new VM, attach boot ISO and I get:<br> <div tabindex="0" title="VM Gremlin is down. Exit message: internal error process exited while connecting to monitor: qemu-system-x86_64: -drive file=/rhev/data-center/mnt/_disk01_iso/4c70693a-d228-453e-b40d-93a214ec524b/images/11111111-1111-1111-1111-111111111111/Fedora-Live-Desktop-x86_64-20-1.iso,if=none,id=drive-ide0-1-0,readonly=on,format=raw,serial=: could not open disk image /rhev/data-center/mnt/_disk01_iso/4c70693a-d228-453e-b40d-93a214ec524b/images/11111111-1111-1111-1111-111111111111/Fedora-Live-Desktop-x86_64-20-1.iso: Permission denied ." style="outline-style: none;" __gwt_cell="cell-gwt-uid-3763"> <div id="gwt-uid-3368_col2_row2">VM Gremlin is down. Exit message: internal error process exited while connecting to monitor: qemu-system-x86_64: -drive file=/rhev/data-center/mnt/_disk01_iso/4c70693a-d228-453e-b40d-93a214ec524b/images/11111111-1111-1111-1111-111111111111/Fedora-Live-Desktop-x86_64-20-1.iso,if=none,id=drive-ide0-1-0,readonly=on,format=raw,serial=: could not open disk image /rhev/data-center/mnt/_disk01_iso/4c70693a-d228-453e-b40d-93a214ec524b/images/11111111-1111-1111-1111-111111111111/Fedora-Live-Desktop-x86_64-20-1.iso: Permission denied .<br> <br> </div> </div> huh? I search archives and see others have had this error in the past...Follow the suggestions...Run the nfstest python script, passes, check getsebool shows virt_use_nfs --> on.<br> <br> Also went through: <a href="http://www.ovirt.org/Troubleshooting_NFS_Storage_Issues">http://www.ovirt.org/Troubleshooting_NFS_Storage_Issues</a><br> <br> My NFS server is Solaris 11.1, ZFS storage.<br> <br> If I copy the ISO directly to the directory it works fine. What am I missing?<br> </body> </html> --------------080401040704080402020309--
On Mon, Dec 23, 2013 at 4:56 PM, Blaster <Blaster@556nato.com> wrote:
I have an ISO datastore. In that datastore I'm using symlinks to point to my ISOs on an NFS share. All was working great.
Along comes Black Friday and a shiny new 3TB hard drive. Out goes the 5 yo old 500gb drive with EXT 4 and in comes new 3TB drive with BTRFS.
I installed new drive, shutdown VMs and use tar c | tar x to move data over. unmount old, remount new. Fire up VMs, all us well. Create new VM, attach boot ISO and I get: VM Gremlin is down. Exit message: internal error process exited while connecting to monitor: qemu-system-x86_64: -drive file=/rhev/data-center/mnt/_disk01_iso/4c70693a-d228-453e-b40d-93a214ec524b/images/11111111-1111-1111-1111-111111111111/Fedora-Live-Desktop-x86_64-20-1.iso,if=none,id=drive-ide0-1-0,readonly=on,format=raw,serial=: could not open disk image /rhev/data-center/mnt/_disk01_iso/4c70693a-d228-453e-b40d-93a214ec524b/images/11111111-1111-1111-1111-111111111111/Fedora-Live-Desktop-x86_64-20-1.iso: Permission denied .
huh? I search archives and see others have had this error in the past...Follow the suggestions...Run the nfstest python script, passes, check getsebool shows virt_use_nfs --> on.
Also went through: http://www.ovirt.org/Troubleshooting_NFS_Storage_Issues
My NFS server is Solaris 11.1, ZFS storage.
I'm a bit confused now, is the NFS server linux or Solaris? ZFS or BTRFS?
If I copy the ISO directly to the directory it works fine. What am I missing?
Maybe selinux labeling? What happens if you (temporarily!) set selinux to permissive with "setenforce 0"? Which user owns the file? What are the permissions on the file? And on the rest of the iso store? Any logging on the NFS server? Can you mount the ISO store from a different server?
This is a multi-part message in MIME format. --------------040203000408000403040001 Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit On 12/23/2013 10:07 AM, Sander Grendelman wrote:
On Mon, Dec 23, 2013 at 4:56 PM, Blaster <Blaster@556nato.com <mailto:Blaster@556nato.com>> wrote:
My NFS server is Solaris 11.1, ZFS storage.
I'm a bit confused now, is the NFS server linux or Solaris? ZFS or BTRFS?
ISOs are on a Solaris 11.1 NFS server.
If I copy the ISO directly to the directory it works fine. What am I missing?
Maybe selinux labeling?
Yup!
What happens if you (temporarily!) set selinux to permissive with "setenforce 0"?
That fixed it....What's going on? I can su - vdsm and do an md5sum on all the ISOs. Why can't they be accessed via ovirt? I have a local datastore on the same volume in another directory tree that's working just fine. Why is selinux allowing local access, but not NFS via symlink? getsebool shows virt_use_nfs --> on. What other label do I need? Thanks for the help! --------------040203000408000403040001 Content-Type: text/html; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit <html> <head> <meta content="text/html; charset=ISO-8859-1" http-equiv="Content-Type"> </head> <body bgcolor="#FFFFFF" text="#000000"> <div class="moz-cite-prefix">On 12/23/2013 10:07 AM, Sander Grendelman wrote:<br> </div> <blockquote cite="mid:CAHa6cRS3iDZvT=tAmDVX+-xYwAo3PW+0tceRDF0Qr1EOjR+8tw@mail.gmail.com" type="cite"> <div dir="ltr"> <div class="gmail_extra"> <div class="gmail_quote">On Mon, Dec 23, 2013 at 4:56 PM, Blaster <span dir="ltr"><<a moz-do-not-send="true" href="mailto:Blaster@556nato.com" target="_blank">Blaster@556nato.com</a>></span> wrote:<br> <blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"> <div bgcolor="#FFFFFF" text="#000000"> <br> My NFS server is Solaris 11.1, ZFS storage.<br> </div> </blockquote> <div>I'm a bit confused now, is the NFS server linux or Solaris? ZFS or BTRFS?<br> </div> </div> </div> </div> </blockquote> <br> ISOs are on a Solaris 11.1 NFS server.<br> <br> <blockquote cite="mid:CAHa6cRS3iDZvT=tAmDVX+-xYwAo3PW+0tceRDF0Qr1EOjR+8tw@mail.gmail.com" type="cite"> <div dir="ltr"> <div class="gmail_extra"> <div class="gmail_quote"> <blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"> <div bgcolor="#FFFFFF" text="#000000"> <br> If I copy the ISO directly to the directory it works fine. What am I missing?<br> </div> </blockquote> <div><br> </div> <div>Maybe selinux labeling?<br> </div> </div> </div> </div> </blockquote> <br> Yup!<br> <br> <blockquote cite="mid:CAHa6cRS3iDZvT=tAmDVX+-xYwAo3PW+0tceRDF0Qr1EOjR+8tw@mail.gmail.com" type="cite"> <div dir="ltr"> <div class="gmail_extra"> <div class="gmail_quote"> <div>What happens if you (temporarily!) set selinux to permissive with "setenforce 0"?<br> </div> </div> </div> </div> </blockquote> <br> That fixed it....What's going on? I can su - vdsm and do an md5sum on all the ISOs. Why can't they be accessed via ovirt?<br> <br> I have a local datastore on the same volume in another directory tree that's working just fine.<br> <br> Why is selinux allowing local access, but not NFS via symlink? getsebool shows virt_use_nfs --> on. What other label do I need?<br> <br> Thanks for the help! <br> <br> </body> </html> --------------040203000408000403040001--
------=_Part_615157_1219040895.1387820257251 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 7bit Hi, ----- Original Message -----
From: "Blaster" <Blaster@556nato.com> To: "Sander Grendelman" <sander@grendelman.com> Cc: users@ovirt.org Sent: Monday, December 23, 2013 7:08:08 PM Subject: Re: [Users] ISO datastore, permission denied
On 12/23/2013 10:07 AM, Sander Grendelman wrote:
On Mon, Dec 23, 2013 at 4:56 PM, Blaster < Blaster@556nato.com > wrote:
My NFS server is Solaris 11.1, ZFS storage.
I'm a bit confused now, is the NFS server linux or Solaris? ZFS or BTRFS?
ISOs are on a Solaris 11.1 NFS server.
If I copy the ISO directly to the directory it works fine. What am I missing?
Maybe selinux labeling?
Yup!
What happens if you (temporarily!) set selinux to permissive with "setenforce 0"?
That fixed it....What's going on? I can su - vdsm and do an md5sum on all the ISOs. Why can't they be accessed via ovirt? Seems similar to https://bugzilla.redhat.com/1023970 although it's opened on hosted-engine.
I have a local datastore on the same volume in another directory tree that's working just fine.
Why is selinux allowing local access, but not NFS via symlink? getsebool shows virt_use_nfs --> on. What other label do I need?
Thanks for the help!
_______________________________________________ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users
-- Didi ------=_Part_615157_1219040895.1387820257251 Content-Type: text/html; charset=utf-8 Content-Transfer-Encoding: 7bit <html><body><div style="font-family: times new roman, new york, times, serif; font-size: 12pt; color: #000000"><div>Hi,</div><div><br></div><hr id="zwchr"><blockquote style="border-left:2px solid #1010FF;margin-left:5px;padding-left:5px;color:#000;font-weight:normal;font-style:normal;text-decoration:none;font-family:Helvetica,Arial,sans-serif;font-size:12pt;"><b>From: </b>"Blaster" <Blaster@556nato.com><br><b>To: </b>"Sander Grendelman" <sander@grendelman.com><br><b>Cc: </b>users@ovirt.org<br><b>Sent: </b>Monday, December 23, 2013 7:08:08 PM<br><b>Subject: </b>Re: [Users] ISO datastore, permission denied<br><div><br></div><div class="moz-cite-prefix">On 12/23/2013 10:07 AM, Sander Grendelman wrote:<br></div><blockquote cite="mid:CAHa6cRS3iDZvT=tAmDVX+-xYwAo3PW+0tceRDF0Qr1EOjR+8tw@mail.gmail.com"><div dir="ltr"><div class="gmail_extra"><div class="gmail_quote">On Mon, Dec 23, 2013 at 4:56 PM, Blaster <span dir="ltr"><<a href="mailto:Blaster@556nato.com" target="_blank">Blaster@556nato.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div><br> My NFS server is Solaris 11.1, ZFS storage.<br></div></blockquote><div>I'm a bit confused now, is the NFS server linux or Solaris? ZFS or BTRFS?<br></div></div></div></div></blockquote><br> ISOs are on a Solaris 11.1 NFS server.<br><br><blockquote cite="mid:CAHa6cRS3iDZvT=tAmDVX+-xYwAo3PW+0tceRDF0Qr1EOjR+8tw@mail.gmail.com"><div dir="ltr"><div class="gmail_extra"><div class="gmail_quote"><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div><br> If I copy the ISO directly to the directory it works fine. What am I missing?<br></div></blockquote><div><br></div><div>Maybe selinux labeling?<br></div></div></div></div></blockquote><br> Yup!<br><br><blockquote cite="mid:CAHa6cRS3iDZvT=tAmDVX+-xYwAo3PW+0tceRDF0Qr1EOjR+8tw@mail.gmail.com"><div dir="ltr"><div class="gmail_extra"><div class="gmail_quote"><div>What happens if you (temporarily!) set selinux to permissive with "setenforce 0"?<br></div></div></div></div></blockquote><br> That fixed it....What's going on? I can su - vdsm and do an md5sum on all the ISOs. Why can't they be accessed via ovirt?</blockquote><div><br></div><div>Seems similar to <a href="https://bugzilla.redhat.com/show_bug.cgi?id=1023970" data-mce-href="https://bugzilla.redhat.com/show_bug.cgi?id=1023970">https://bugzilla.redhat.com/1023970</a> although it's opened on hosted-engine.</div><div><br></div><blockquote style="border-left:2px solid #1010FF;margin-left:5px;padding-left:5px;color:#000;font-weight:normal;font-style:normal;text-decoration:none;font-family:Helvetica,Arial,sans-serif;font-size:12pt;"><br><br> I have a local datastore on the same volume in another directory tree that's working just fine.<br><br> Why is selinux allowing local access, but not NFS via symlink? getsebool shows virt_use_nfs --> on. What other label do I need?<br><br> Thanks for the help! <br><br><br>_______________________________________________<br>Users mailing list<br>Users@ovirt.org<br>http://lists.ovirt.org/mailman/listinfo/users<br></blockquote><div><br><br></div><div><br></div><div>-- <br></div><div><span name="x"></span>Didi<span name="x"></span><br></div></div></body></html> ------=_Part_615157_1219040895.1387820257251--
participants (3)
-
Blaster -
Sander Grendelman -
Yedidyah Bar David