[one-users] open /dev/kvm: Permission denied on Debian Squeeze

Jaime Melis jmelis at opennebula.org
Fri Sep 21 02:34:07 PDT 2012 

FYI: http://dev.opennebula.org/issues/1489

On Thu, Sep 13, 2012 at 12:37 PM, Jaime Melis <jmelis at opennebula.org> wrote:

> Hello Valentin,
>
> Thanks for the tip, we will review it and include in the documentation.
>
> Thanks!
>
> Jaime
>
>
> On Wed, Jul 25, 2012 at 1:36 PM, Valentin Bud <valentin.bud at gmail.com>wrote:
>
>> Hello Javier,
>>
>> Thank you for your answer. Indeed, changing /dev/kvm group to oneadmin
>> solved the problem. I can now happily launch VMs on the Cloud.
>>
>> For future references, to make the change persist after reboot I have
>> done:
>>
>> # cat > /etc/udev/rules.d/60-qemu-kvm.rules
>> KERNEL=="kvm", GROUP="oneadmin", MODE="0660"
>>
>> I have also read the man page for udev to get this right. Learned
>> something new today :).
>>
>> Maybe the OpenNebula developers could add this to the documentation in
>> the KVM Configuration [1] section as a note for Debian Squeeze.
>>
>> NOTE:
>> On Debian Squeeze when creating a VM as a regular user, the only group
>> that is taken into account is the  one  that appears as 'gid' (oneadmin in
>> this case). To solve the problem change the owner of /dev/kvm 'to
>> root.oneadmin. To make the changes persist after reboot:
>>
>> # cat /etc/udev/rules.d/60-qemu-kvm.rules
>> KERNEL=="kvm", GROUP="oneadmin", MODE="0660"
>>
>> [1] - http://opennebula.org/documentation:rel3.6:kvmg
>>
>>
>> Cheers and Goodwill,
>> Valentin Bud
>>
>> On Wed, Jul 25, 2012 at 1:15 PM, Javier Alvarez <javier.alvarez at bsc.es>wrote:
>>
>>>  Hello Valentin,
>>>
>>> Apparently, when creating a VM as a regular user, the only group that is
>>> taken into account is the one that appears as 'gid' (oneadmin in this
>>> case). So what I did to solve the problem was to change the owner of
>>> /dev/kvm to root.oneadmin.
>>>
>>> Best,
>>>
>>> Javi
>>>
>>>
>>> On 25/07/12 11:19, Valentin Bud wrote:
>>>
>>> Hello,
>>>
>>> I have recently setup OpenNebula 3.6 on 2 Debian Squeeze boxes. Both
>>> machines function as hosts, one of them as frontend.
>>> I have followed the OpenNebula documentation [1] to setup the KVM driver
>>> on the hosts.
>>>
>>> ### Host A
>>>
>>> # kvm --version
>>> QEMU PC emulator version 0.12.5 (qemu-kvm-0.12.5), Copyright (c)
>>> 2003-2008 Fabrice Bellard
>>>
>>> # virsh --version
>>> 0.8.3
>>>
>>> # grep -vE '^($|#)' /etc/libvirt/qemu.conf
>>> user = "oneadmin"
>>> group = "oneadmin"
>>> dynamic_ownership = 0
>>>
>>> # id oneadmin
>>> uid=1001(oneadmin) gid=1001(oneadmin)
>>> groups=1001(oneadmin),106(kvm),108(libvirt)
>>>
>>> # ls -al /dev/kvm
>>> crw-rw---- 1 root kvm 10, 232 Jul 25 11:23 /dev/kvm
>>>
>>> ### Host B
>>>
>>> # kvm --version
>>> QEMU PC emulator version 0.12.5 (qemu-kvm-0.12.5), Copyright (c)
>>> 2003-2008 Fabrice Bellard
>>>
>>> # virsh --version
>>> 0.8.3
>>>
>>> # grep -vE '^($|#)' /etc/libvirt/qemu.conf
>>> user = "oneadmin"
>>> group = "oneadmin"
>>> dynamic_ownership = 0
>>>
>>> # id oneadmin
>>> uid=1001(oneadmin) gid=1001(oneadmin)
>>> groups=1001(oneadmin),106(kvm),108(libvirt)
>>>
>>> # ls -al /dev/kvm
>>> crw-rw---- 1 root kvm 10, 232 Jul 25 11:23 /dev/kvm
>>>
>>> Doesn't matter on which host the VM gets deployed, the error is the
>>> same. The error follows:
>>>
>>> LC_ALL=C
>>> PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin
>>> HOME=/root USER=root LOGNAME=root QEMU_AUDIO_DRV=none /usr/bin/kvm -S -M
>>> pc-0.12 -enable-kvm -m 1024 -smp 1,sockets=1,cores=1,threads=1 -name one-4
>>> -uuid a7db4cd7-e258-503a-cc57-59d2dc1135ea -nodefaults -chardev
>>> socket,id=monitor,path=/var/lib/libvirt/qemu/one-4.monitor,server,nowait
>>> -mon chardev=monitor,mode=readline -rtc base=utc -boot c -device
>>> lsi,id=scsi0,bus=pci.0,addr=0x5 -drive
>>> file=/var/lib/one/datastores/0/4/disk.0,if=none,id=drive-scsi0-0-0,boot=on,format=qcow2
>>> -device scsi-disk,bus=scsi0.0,scsi-id=0,drive=drive-scsi0-0-0,id=scsi0-0-0
>>> -device rtl8139,vlan=0,id=net0,mac=02:00:0a:41:02:65,bus=pci.0,addr=0x3
>>> -net tap,fd=36,vlan=0,name=hostnet0 -device
>>> rtl8139,vlan=1,id=net1,mac=02:00:0a:41:03:65,bus=pci.0,addr=0x4 -net
>>> tap,fd=37,vlan=1,name=hostnet1 -usb -vnc 0.0.0.0:4 -vga cirrus -device
>>> virtio-balloon-pci,id=balloon0,bus=pci.0,addr=0x6
>>> open /dev/kvm: Permission denied
>>> Could not initialize KVM, will disable KVM support
>>>
>>> I don't have AppArmor installed or any other tool of this kind. It's
>>> just a stock Debian Squeeze install. OpenNebula was compiled on another
>>> machine and installed on Host A which is the frontend.
>>>
>>> Does anyone of you have any idea about this error? I have Googled around
>>> but could not find any answer. Everything seems correct as per OpenNebula
>>> KVM documentation [1].
>>>
>>> Thank you for your time invested in reading this email. Cheers and
>>> Goodwill,
>>> Valentin Bud
>>>
>>> [1]: http://opennebula.org/documentation:rel3.6:kvmg
>>> --
>>> w: http://ing.enia.re/ <http://databus.ro/blog>
>>> in: http://www.linkedin.com/pub/valentin-bud/9/881/830
>>> t: https://twitter.com/valentinbud
>>>
>>>
>>>
>>> _______________________________________________
>>> Users mailing listUsers at lists.opennebula.orghttp://lists.opennebula.org/listinfo.cgi/users-opennebula.org
>>>
>>>
>>>
>>> --
>>> Javier Álvarez Cid-Fuentes
>>> Grid Computing and Clusters Group
>>> Barcelona Supercomputing Center (BSC-CNS)
>>> Tel. (+34) 93 413 72 46
>>>
>>>
>>>
>>> WARNING / LEGAL TEXT: This message is intended only for the use of the
>>> individual or entity to which it is addressed and may contain information
>>> which is privileged, confidential, proprietary, or exempt from disclosure
>>> under applicable law. If you are not the intended recipient or the person
>>> responsible for delivering the message to the intended recipient, you are
>>> strictly prohibited from disclosing, distributing, copying, or in any way
>>> using this message. If you have received this communication in error,
>>> please notify the sender and destroy and delete any copies you may have
>>> received.
>>>
>>> http://www.bsc.es/disclaimer <http://www.bsc.es/disclaimer.htm>
>>>
>>
>>
>>
>> --
>> w: http://ing.enia.re/
>> in: http://www.linkedin.com/pub/valentin-bud/9/881/830
>> t: https://twitter.com/valentinbud
>>
>>
>> _______________________________________________
>> Users mailing list
>> Users at lists.opennebula.org
>> http://lists.opennebula.org/listinfo.cgi/users-opennebula.org
>>
>>
>
>
> --
> Jaime Melis
> Project Engineer
> OpenNebula - The Open Source Toolkit for Cloud Computing
> www.OpenNebula.org | jmelis at opennebula.org
>



-- 
Jaime Melis
Project Engineer
OpenNebula - The Open Source Toolkit for Cloud Computing
www.OpenNebula.org | jmelis at opennebula.org
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.opennebula.org/pipermail/users-opennebula.org/attachments/20120921/f8c25a3f/attachment-0002.htm>

More information about the Users mailing list