[Users] Permission denied on disk image file !!
Anil Dhingra
anildhingra25 at gmail.com
Mon Oct 21 12:21:20 UTC 2013
*below is the output after reboot .. also after reboot we need to restart
sanlock daemon manually every time else no spm selection & hosts keep on
contending & fails*
**
*[root at node1-3-3 ~]# getsebool -a | egrep -i 'nfs|sanlock'*
allow_ftpd_use_nfs --> off
cobbler_use_nfs --> off
git_system_use_nfs --> off
httpd_use_nfs --> off
qemu_use_nfs --> on
rsync_use_nfs --> off
samba_share_nfs --> off
sanlock_use_fusefs --> off
sanlock_use_nfs --> off
sanlock_use_samba --> off
sge_use_nfs --> off
use_nfs_home_dirs --> on
*virt_use_nfs --> off
virt_use_sanlock --> off*
xen_use_nfs --> off
*[root at node1-3-3 ~]# getsebool -a | egrep -i allow_execstack*
allow_execstack --> on
[root at node1-3-3 ~]#
On Mon, Oct 21, 2013 at 7:16 PM, Fabian Deutsch <fabiand at redhat.com> wrote:
> Am Montag, den 21.10.2013, 15:44 +0800 schrieb Anil Dhingra:
> > hi
> >
> > Permission issue is resolved after changing on openfiler NFS share
> > permission .but still on every reboot we need to set below values
> > manually
> > Any idea how to make it perm
> >
> > setsebool -P virt_use_sanlock=on
> > setsebool -P virt_use_nfs=on
>
> Hum ... That's interesting.
> We actually set both of them to on during the installation of the
> ovirt-node selinux package:
> /usr/sbin/setsebool -P allow_execstack=0 \
> virt_use_nfs=1 \
> virt_use_sanlock=1 \
> sanlock_use_nfs=1
>
> What does
> getsebool virt_use_sanlock virt_use_nfs
>
> say?
>
> - fabian
>
> >
> > On Wed, Oct 16, 2013 at 8:24 AM, Itamar Heim <iheim at redhat.com> wrote:
> > On 10/15/2013 11:05 AM, Anil Dhingra wrote:
> >
> > Hi Guys
> > Any know issue why we are not able to start VM due to
> > permission issue
> > on disk image file .. as per docs ownership should be
> > vdsm:kvm byt not
> > sure why its showing below
> > used - both ovirt-node-iso-3.0.1-1.0.1.vdsm.el6 &
> > ovirt-node-iso-3.0.1-1.0.2.vdsm.el6 same issue
> > [ using NFS Domain ]
> > VM n0001vdap is down. Exit message: internal error
> > process exited while
> > connecting to monitor: qemu-kvm: -drive
> >
> file=/rhev/data-center/d09d8a3e-8ab4-42fc-84ec-86f307d144a0/1a04e13a-0ed4-40d6-a153-f7091c65d916/images/44e3fc9b-0382-4c11-b00c-35bd74032e9a/34542412-ed50-4350-8867-0d7d5f8127fd,if=none,id=drive-virtio-disk0,format=raw,serial=44e3fc9b-0382-4c11-b00c-35bd74032e9a,cache=none,werror=stop,rerror=stop,aio=threads:
> >
> > *could not open *disk image
> >
> */rhev/data-center*/d09d8a3e-8ab4-42fc-84ec-86f307d144a0/1a04e13a-0ed4-40d6-a153-f7091c65d916/*images*/44e3fc9b-0382-4c11-b00c-35bd74032e9a/34542412-ed50-4350-8867-0d7d5f8127fd:
> > *Permission denied*
> >
> >
> > [root at node1 44e3fc9b-0382-4c11-b00c-35bd74032e9a]# ls
> > -lh
> > total 1.1M
> >
> > -rw-rw----+ 1 *vdsm 96* 6.0G 2013-10-15 05:47
> > 34542412-ed50-4350-8867-0d7d5f8127fd
> > -rw-rw----+ 1 *vdsm 96* 1.0M 2013-10-15 05:47
> > 34542412-ed50-4350-8867-0d7d5f8127fd.lease
> > -rw-rw-rw-+ 1 *vdsm 96* 268 2013-10-15 05:47
> >
> > 34542412-ed50-4350-8867-0d7d5f8127fd.meta
> > As it doesn't allow us o change permissions any
> > alternate way for this
> >
> > ?or do I need to manually set permissions in
> > *"/etc/libvirt/qemu.conf"*
> > alos ther is no such *group *with*"96"* .. so from
> > where it picks this
> >
> > config .
> > Another question is related to SELINUX config change
> > for below 2
> >
> > parameters to recover from error "*internal error
> > Failed to open socket
> > to sanlock daemon: Permission denied*" I saw some
> > where this is fixed
> >
> > but not sure why it appears VDSM should take care of
> > this auto
> > setsebool -P virt_use_sanlock=on
> > setsebool -P virt_use_nfs=on
> >
> >
> >
> > _______________________________________________
> > Users mailing list
> > Users at ovirt.org
> > http://lists.ovirt.org/mailman/listinfo/users
> >
> >
> > have you tried:
> > http://www.ovirt.org/wiki/Troubleshooting_NFS_Storage_Issues
> >
> >
> > _______________________________________________
> > Users mailing list
> > Users at ovirt.org
> > http://lists.ovirt.org/mailman/listinfo/users
>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ovirt.org/pipermail/users/attachments/20131021/56a94dda/attachment-0001.html>
More information about the Users
mailing list