[one-users] open /dev/kvm: Permission denied on Debian Squeeze

Javier Alvarez javier.alvarez at bsc.es
Wed Jul 25 03:15:02 PDT 2012 

Hello Valentin,

Apparently, when creating a VM as a regular user, the only group that is 
taken into account is the one that appears as 'gid' (oneadmin in this 
case). So what I did to solve the problem was to change the owner of 
/dev/kvm to root.oneadmin.

Best,

Javi

On 25/07/12 11:19, Valentin Bud wrote:
> Hello,
>
> I have recently setup OpenNebula 3.6 on 2 Debian Squeeze boxes. Both 
> machines function as hosts, one of them as frontend.
> I have followed the OpenNebula documentation [1] to setup the KVM 
> driver on the hosts.
>
> ### Host A
>
> # kvm --version
> QEMU PC emulator version 0.12.5 (qemu-kvm-0.12.5), Copyright (c) 
> 2003-2008 Fabrice Bellard
>
> # virsh --version
> 0.8.3
>
> # grep -vE '^($|#)' /etc/libvirt/qemu.conf
> user = "oneadmin"
> group = "oneadmin"
> dynamic_ownership = 0
>
> # id oneadmin
> uid=1001(oneadmin) gid=1001(oneadmin) 
> groups=1001(oneadmin),106(kvm),108(libvirt)
>
> # ls -al /dev/kvm
> crw-rw---- 1 root kvm 10, 232 Jul 25 11:23 /dev/kvm
>
> ### Host B
>
> # kvm --version
> QEMU PC emulator version 0.12.5 (qemu-kvm-0.12.5), Copyright (c) 
> 2003-2008 Fabrice Bellard
>
> # virsh --version
> 0.8.3
>
> # grep -vE '^($|#)' /etc/libvirt/qemu.conf
> user = "oneadmin"
> group = "oneadmin"
> dynamic_ownership = 0
>
> # id oneadmin
> uid=1001(oneadmin) gid=1001(oneadmin) 
> groups=1001(oneadmin),106(kvm),108(libvirt)
>
> # ls -al /dev/kvm
> crw-rw---- 1 root kvm 10, 232 Jul 25 11:23 /dev/kvm
>
> Doesn't matter on which host the VM gets deployed, the error is the 
> same. The error follows:
>
> LC_ALL=C 
> PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin 
> HOME=/root USER=root LOGNAME=root QEMU_AUDIO_DRV=none /usr/bin/kvm -S 
> -M pc-0.12 -enable-kvm -m 1024 -smp 1,sockets=1,cores=1,threads=1 
> -name one-4 -uuid a7db4cd7-e258-503a-cc57-59d2dc1135ea -nodefaults 
> -chardev 
> socket,id=monitor,path=/var/lib/libvirt/qemu/one-4.monitor,server,nowait 
> -mon chardev=monitor,mode=readline -rtc base=utc -boot c -device 
> lsi,id=scsi0,bus=pci.0,addr=0x5 -drive 
> file=/var/lib/one/datastores/0/4/disk.0,if=none,id=drive-scsi0-0-0,boot=on,format=qcow2 
> -device 
> scsi-disk,bus=scsi0.0,scsi-id=0,drive=drive-scsi0-0-0,id=scsi0-0-0 
> -device 
> rtl8139,vlan=0,id=net0,mac=02:00:0a:41:02:65,bus=pci.0,addr=0x3 -net 
> tap,fd=36,vlan=0,name=hostnet0 -device 
> rtl8139,vlan=1,id=net1,mac=02:00:0a:41:03:65,bus=pci.0,addr=0x4 -net 
> tap,fd=37,vlan=1,name=hostnet1 -usb -vnc 0.0.0.0:4 <http://0.0.0.0:4> 
> -vga cirrus -device virtio-balloon-pci,id=balloon0,bus=pci.0,addr=0x6
> open /dev/kvm: Permission denied
> Could not initialize KVM, will disable KVM support
>
> I don't have AppArmor installed or any other tool of this kind. It's 
> just a stock Debian Squeeze install. OpenNebula was compiled on 
> another machine and installed on Host A which is the frontend.
>
> Does anyone of you have any idea about this error? I have Googled 
> around but could not find any answer. Everything seems correct as per 
> OpenNebula KVM documentation [1].
>
> Thank you for your time invested in reading this email. Cheers and 
> Goodwill,
> Valentin Bud
>
> [1]: http://opennebula.org/documentation:rel3.6:kvmg
> -- 
> w: http://ing.enia.re/ <http://databus.ro/blog>
> in: http://www.linkedin.com/pub/valentin-bud/9/881/830
> t: https://twitter.com/valentinbud
>
>
>
> _______________________________________________
> Users mailing list
> Users at lists.opennebula.org
> http://lists.opennebula.org/listinfo.cgi/users-opennebula.org


-- 
Javier Álvarez Cid-Fuentes
Grid Computing and Clusters Group
Barcelona Supercomputing Center (BSC-CNS)
Tel. (+34) 93 413 72 46



WARNING / LEGAL TEXT: This message is intended only for the use of the
individual or entity to which it is addressed and may contain
information which is privileged, confidential, proprietary, or exempt
from disclosure under applicable law. If you are not the intended
recipient or the person responsible for delivering the message to the
intended recipient, you are strictly prohibited from disclosing,
distributing, copying, or in any way using this message. If you have
received this communication in error, please notify the sender and
destroy and delete any copies you may have received.

http://www.bsc.es/disclaimer
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.opennebula.org/pipermail/users-opennebula.org/attachments/20120725/f7f88ea8/attachment-0003.htm>

More information about the Users mailing list