[one-users] Permission denied while creating VM
Jaime Melis
jmelis at opennebula.org
Thu Feb 28 09:21:50 PST 2013
Sorry Tobias, the command I sent is not the correct one, you have to
explicitely say that you want to connect to the system socket. Do this
instead:
$ sudo -u oneadmin virsh -c qemu:///system create deployment.0
On Thu, Feb 28, 2013 at 6:14 PM, Tobias Honacker
<t.honacker at googlemail.com>wrote:
> Hi Jaime,
>
> Thanks for the support.
>
> ---snip---
>
> bash-4.1$ sudo -u oneadmin virsh create deployment.0 ****
>
> Fehler: Fehler beim Erstellen der Domain von deployment.0****
>
> Fehler: Unable to create tap device vnet%d: Operation not permitted****
>
> ---snip---
>
>
>
> Does /var/log/libvirtd/qemu/one-<vm_id>.log shed any light on the issue?
>
>
> --> nope, exact same error.
>
>
> It could be a polkit problem, have you grepped the usual suspects?
> auth.log, etc…
>
>
> --> can't see any error or strange log files
>
>
>
> /var/log/libvirt/libvirtd.log :
>
>
> 2013-02-28 14:57:10.341+0000: 11893: error : qemuMonitorOpenUnix:266 :
> failed to connect to monitor socket: No such process
>
> 2013-02-28 14:57:10.342+0000: 11893: error :
> qemuProcessWaitForMonitor:1533 : internal error process exited while
> connecting to monitor:
>
> qemu-kvm: -drive
> file=/var/lib/one//datastores/0/17/disk.0,if=none,id=drive-ide0-0-0,format=raw:
> could not open disk image /var/lib/one//datastores/0/17/disk.0: Permission
> denied
>
>
> Don't know what "
>
> failed to connect to monitor socket: No such process" means, all settings
> are correct in my opinion.
>
>
>
> Best regards,
>
> Tobias
>
>
> Von: Jaime Melis <jmelis at opennebula.org>
> Datum: Thu, 28 Feb 2013 16:36:45 +0100
> An: Tobias Honacker <t.honacker at googlemail.com>
> Cc: Users OpenNebula <users at lists.opennebula.org>
> Betreff: Re: [one-users] Permission denied while creating VM
>
> Hi Tobias,
>
> I have no idea why that's happening to you. I'm wondering, have you tried
> start the VM manually in the host after it fails to deploy? the files
> should be still there until you do "onevm delete".
> $ virsh create /var/lib/one/datastores/0/<vm_id>/deployment.0
>
> Does /var/log/libvirtd/qemu/one-<vm_id>.log shed any light on the issue?
>
> It could be a polkit problem, have you grepped the usual suspects?
> auth.log, etc...
>
> cheers,
> Jaime
>
>
> On Tue, Feb 26, 2013 at 5:21 PM, Tobias Honacker <
> t.honacker at googlemail.com> wrote:
>
>> Hi guys,
>>
>> My environment:
>>
>> OS: CentOS 6.3
>> Version: OpenNebula 3.8.3
>> Datastore: LVM (DRBD 8.4.3 + clvm + crm)
>> Filesystem of /var/lib/one: ext4
>> Images: 1x (Type: Datablock - 10G) and 1x (Type: CDROM - Path
>> /tmp/debian-image.iso)
>> LVM Storage is working perfectly and without errors!
>>
>>
>> My Problem:
>>
>> VM is not booting cause of this error:
>>
>> ---snip---
>> Tue Feb 26 16:17:35 2013 [VMM][D]: Message received: LOG I 1 Successfully
>> execute network driver operation: pre.
>>
>> Tue Feb 26 16:17:39 2013 [VMM][D]: Message received: LOG I 1 Command
>> execution fail: cat << EOT | /var/lib/one/remotes/vmm/kvm/deploy
>> /var/lib/one//datastores/0/1/deployment.0 priv$
>>
>> Tue Feb 26 16:17:39 2013 [VMM][D]: Message received: LOG I 1 error: Failed
>> to create domain from /var/lib/one//datastores/0/1/deployment.0
>>
>> Tue Feb 26 16:17:39 2013 [VMM][D]: Message received: LOG I 1 error:
>> internal error process exited while connecting to monitor: qemu-kvm:
>> -drive
>>
>> file=/var/lib/one//datastores/0/1/disk.0,if=none,id=drive-ide0-0-0,format=r
>> aw: could not open disk image /var/lib/one//datastores/0/1/disk.0:
>> Permission denied
>>
>> Tue Feb 26 16:17:39 2013 [VMM][D]: Message received: LOG I 1
>>
>> Tue Feb 26 16:17:39 2013 [VMM][D]: Message received: LOG E 1 Could not
>> create domain from /var/lib/one//datastores/0/1/deployment.0
>>
>> Tue Feb 26 16:17:39 2013 [VMM][D]: Message received: LOG I 1 ExitCode: 255
>>
>> Tue Feb 26 16:17:39 2013 [VMM][D]: Message received: LOG I 1 Failed to
>> execute virtualization driver operation: deploy.
>>
>> Tue Feb 26 16:17:39 2013 [VMM][D]: Message received: DEPLOY FAILURE 1
>> Could not create domain from /var/lib/one//datastores/0/1/deployment.0
>> ---snip---
>>
>>
>>
>> Datastore Config:
>>
>> NAME = drbd
>> DS_MAD = lvm
>> TM_MAD = lvm
>> VG_NAME = vg-one
>> HOST = localhost
>>
>>
>>
>> [root at priv001 one]# grep -vE '^($|#)' /etc/libvirt/qemu.conf
>> user = "oneadmin"
>> group = "oneadmin"
>> dynamic_ownership = 0
>>
>>
>>
>> root at priv001 one]# grep -vE '^($|#)' /etc/libvirt/libvirtd.conf
>> listen_tls = 0
>> listen_tcp = 1
>> mdns_adv = 0
>> unix_sock_group = "libvirt"
>> unix_sock_ro_perms = "0777"
>> unix_sock_rw_perms = "0770"
>> auth_unix_ro = "none"
>> auth_unix_rw = "none"
>>
>>
>>
>> [root at priv001 one]# id oneadmin
>> uid=9869(oneadmin) gid=9869(oneadmin)
>> Gruppen=9869(oneadmin),36(kvm),9870(libvirt)
>>
>>
>>
>> [root at priv001 one]# cat
>>
>> /etc/polkit-1/localauthority/50-local.d/50-org.libvirt.unix.manage-opennebu
>> la.pkla
>> # content of file:
>>
>> /etc/polkit-1/localauthority/50-local.d/50-org.libvirt.unix.manage-opennebu
>> la.pkla
>> [Allow oneadmin user to manage virtual machines]
>> Identity=unix-user:oneadmin
>> Action=org.libvirt.unix.manage
>> #Action=org.libvirt.unix.monitor
>> ResultAny=yes
>> ResultInactive=yes
>> ResultActive=yes
>>
>>
>>
>> [root at priv001 ~]# getenforce
>> Disabled
>>
>>
>> Diskpermission:
>>
>> lrwxrwxrwx 1 oneadmin oneadmin 24 26. Feb 17:01 disk.0 ->
>> /dev/vg-one/lv-one-0-3-0
>>
>>
>>
>> I've tried lots of thins like upgrading drbd, OpenNebula from 3.8.1 to
>> 3.8.3, using other filesystems, playing around with libvirt rights, tried
>> oneadmin as group from libvirt etc.pp.
>>
>>
>> Any idea whats wrong with my system?
>> Thanks for helping.
>>
>>
>>
>> Best regards,
>> Tobias
>>
>>
>> _______________________________________________
>> Users mailing list
>> Users at lists.opennebula.org
>> http://lists.opennebula.org/listinfo.cgi/users-opennebula.org
>>
>
>
>
> --
> Jaime Melis
> Project Engineer
> OpenNebula - The Open Source Toolkit for Cloud Computing
> www.OpenNebula.org | jmelis at opennebula.org
>
--
Jaime Melis
Project Engineer
OpenNebula - The Open Source Toolkit for Cloud Computing
www.OpenNebula.org | jmelis at opennebula.org
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.opennebula.org/pipermail/users-opennebula.org/attachments/20130228/784dbb25/attachment.htm>
More information about the Users
mailing list