[ovirt-devel] 答复: Debug vdsm 4.0.0 report error: libvirt: XML-RPC error : Failed to connect socket to '/var/run/libvirt/libvirt-sock': Permission denied

Tue Jul 26 06:02:33 UTC 2016

I do make a mistake because I just print os.getuid() show the user root; but os.geteuid() show the current user is still vdsm;

Anyway , I still don’t know how to debug vdsm, I cann’t log in to centos with user VDSM, because I don’t know the passwd of user vdsm and if I changed the password, the service vdsmd will cann’t start.

You told me “should follow the devel setup wiki” , what’s the true link of vdsm devel setup wiki ?  I can’t get useful information in ovirt.org or google.

Thank you

发件人: Michal Skrivanek [mailto:mskrivan at redhat.com] 
发送时间: 2016年7月26日 5:00
收件人: lifuqiong
抄送: users; devel
主题: Re: [ovirt-devel] Debug vdsm 4.0.0 report error: libvirt: XML-RPC error : Failed to connect socket to '/var/run/libvirt/libvirt-sock': Permission denied

On 25 Jul 2016, at 21:50, Sandro Bonazzola <sbonazzo at redhat.com> wrote:

Adding some people from virt team.

Il 23/Lug/2016 11:44, "lifuqiong" <lifuqiong at cncloudsec.com> ha scritto:
>
> I debugged vdsm with PyCharm, And I logged on my Centos 7.2 with root,  and get an error as follows:
>
>  
>
> Problem:
>
>  
>
> Traceback (most recent call last):
>
>   File "/usr/share/vdsm/vdsm", line 149, in run
>
>     serve_clients(log)
>
>   File "/usr/share/vdsm/vdsm", line 104, in serve_clients
>
>     cif = clientIF.getInstance(irs, log, scheduler)
>
>   File "/usr/share/vdsm/clientIF.py", line 204, in getInstance
>
>     cls._instance = clientIF(irs, log, scheduler)
>
>   File "/usr/share/vdsm/clientIF.py", line 106, in __init__
>
>     secret.clear()
>
>   File "/usr/lib/python2.7/site-packages/vdsm/virt/secret.py", line 92, in clear
>
>     con = libvirtconnection.get()
>
>   File "/usr/lib/python2.7/site-packages/vdsm/libvirtconnection.py", line 163, in get
>
>     password)
>
>   File "/usr/lib/python2.7/site-packages/vdsm/libvirtconnection.py", line 99, in open_connection
>
>     return utils.retry(libvirtOpen, timeout=10, sleep=0.2)
>
>   File "/usr/lib/python2.7/site-packages/vdsm/utils.py", line 546, in retry
>
>     return func()
>
>   File "/usr/lib64/python2.7/site-packages/libvirt.py", line 105, in openAuth
>
>     if ret is None:raise libvirtError('virConnectOpenAuth() failed')
>
> libvirtError: Failed to connect socket to '/var/run/libvirt/libvirt-sock': Permission denied
>
>  
>
> Investitate:
>
> According to the traceback above, the code in libvirt.py as below, and  os.geteuid() get ‘0’ which shows the current user is root;

vdsm is not supposed to be run under root user. For debugging you should follow the devel setup wiki and not change a regular host. 

Depends what you modified, it's impossible to say from what you described....but a general advice is you simply don't do that:)

>
>  
>
> def openAuth(uri, auth, flags=0):
>
>          #print os.geteuid()
>
>     ret = libvirtmod.virConnectOpenAuth(uri, auth, flags)
>
>     if ret is None:raise libvirtError('virConnectOpenAuth() failed')
>
> return virConnect(_obj=ret)
>
>  
>
> [root at server117 libvirt]# ll /var/run/libvirt/libvirt-sock
>
> srwxrwx---. 1 root qemu 0 Jul 19 23:43 /var/run/libvirt/libvirt-sock
>
>  
>
> According that, root should not get an Permission denied error ? But why?
>
>  
>
> And I setenforce=0 , and still show Perssion denied error.
>
>  
>
> What’s the reason? And how to solve it?
>
>  
>
> Thank you.
>
>
> _______________________________________________
> Devel mailing list
> Devel at ovirt.org
> http://lists.ovirt.org/mailman/listinfo/devel

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ovirt.org/pipermail/devel/attachments/20160726/fbb03b82/attachment.html>