[one-users] Permission denied while creating VM

Tobias Honacker t.honacker at googlemail.com
Thu Feb 28 09:14:40 PST 2013 

Hi Jaime,

Thanks for the support.

---snip---
bash-4.1$ sudo -u oneadmin virsh create deployment.0

Fehler: Fehler beim Erstellen der Domain von deployment.0

Fehler: Unable to create tap device vnet%d: Operation not permitted

---snip---





Does /var/log/libvirtd/qemu/one-<vm_id>.log shed any light on the issue?



--> nope, exact same error.



It could be a polkit problem, have you grepped the usual suspects? auth.log,
etcŠ



--> can't see any error or strange log files





/var/log/libvirt/libvirtd.log :



2013-02-28 14:57:10.341+0000: 11893: error : qemuMonitorOpenUnix:266 :
failed to connect to monitor socket: No such process

2013-02-28 14:57:10.342+0000: 11893: error : qemuProcessWaitForMonitor:1533
: internal error process exited while connecting to monitor:

qemu-kvm: -drive 
file=/var/lib/one//datastores/0/17/disk.0,if=none,id=drive-ide0-0-0,format=r
aw: could not open disk image /var/lib/one//datastores/0/17/disk.0:
Permission denied



Don't know what "

failed to connect to monitor socket: No such process" means, all settings
are correct in my opinion.





Best regards,

Tobias



Von:  Jaime Melis <jmelis at opennebula.org>
Datum:  Thu, 28 Feb 2013 16:36:45 +0100
An:  Tobias Honacker <t.honacker at googlemail.com>
Cc:  Users OpenNebula <users at lists.opennebula.org>
Betreff:  Re: [one-users] Permission denied while creating VM

Hi Tobias,

I have no idea why that's happening to you. I'm wondering, have you tried
start the VM manually in the host after it fails to deploy? the files should
be still there until you do "onevm delete".
$ virsh create /var/lib/one/datastores/0/<vm_id>/deployment.0

Does /var/log/libvirtd/qemu/one-<vm_id>.log shed any light on the issue?

It could be a polkit problem, have you grepped the usual suspects? auth.log,
etc...

cheers,
Jaime


On Tue, Feb 26, 2013 at 5:21 PM, Tobias Honacker <t.honacker at googlemail.com>
wrote:
> Hi guys,
> 
> My environment:
> 
> OS: CentOS 6.3
> Version: OpenNebula 3.8.3
> Datastore: LVM (DRBD 8.4.3 + clvm + crm)
> Filesystem of /var/lib/one: ext4
> Images: 1x (Type: Datablock - 10G) and 1x (Type: CDROM - Path
> /tmp/debian-image.iso)
> LVM Storage is working perfectly and without errors!
> 
> 
> My Problem:
> 
> VM is not booting cause of this error:
> 
> ---snip---
> Tue Feb 26 16:17:35 2013 [VMM][D]: Message received: LOG I 1 Successfully
> execute network driver operation: pre.
> 
> Tue Feb 26 16:17:39 2013 [VMM][D]: Message received: LOG I 1 Command
> execution fail: cat << EOT | /var/lib/one/remotes/vmm/kvm/deploy
> /var/lib/one//datastores/0/1/deployment.0 priv$
> 
> Tue Feb 26 16:17:39 2013 [VMM][D]: Message received: LOG I 1 error: Failed
> to create domain from /var/lib/one//datastores/0/1/deployment.0
> 
> Tue Feb 26 16:17:39 2013 [VMM][D]: Message received: LOG I 1 error:
> internal error process exited while connecting to monitor: qemu-kvm:
> -drive
> file=/var/lib/one//datastores/0/1/disk.0,if=none,id=drive-ide0-0-0,format=r
> aw: could not open disk image /var/lib/one//datastores/0/1/disk.0:
> Permission denied
> 
> Tue Feb 26 16:17:39 2013 [VMM][D]: Message received: LOG I 1
> 
> Tue Feb 26 16:17:39 2013 [VMM][D]: Message received: LOG E 1 Could not
> create domain from /var/lib/one//datastores/0/1/deployment.0
> 
> Tue Feb 26 16:17:39 2013 [VMM][D]: Message received: LOG I 1 ExitCode: 255
> 
> Tue Feb 26 16:17:39 2013 [VMM][D]: Message received: LOG I 1 Failed to
> execute virtualization driver operation: deploy.
> 
> Tue Feb 26 16:17:39 2013 [VMM][D]: Message received: DEPLOY FAILURE 1
> Could not create domain from /var/lib/one//datastores/0/1/deployment.0
> ---snip---
> 
> 
> 
> Datastore Config:
> 
> NAME = drbd
> DS_MAD = lvm
> TM_MAD = lvm
> VG_NAME = vg-one
> HOST = localhost
> 
> 
> 
> [root at priv001 one]# grep -vE '^($|#)' /etc/libvirt/qemu.conf
> user  = "oneadmin"
> group = "oneadmin"
> dynamic_ownership = 0
> 
> 
> 
> root at priv001 one]# grep -vE '^($|#)' /etc/libvirt/libvirtd.conf
> listen_tls = 0
> listen_tcp = 1
> mdns_adv = 0
> unix_sock_group = "libvirt"
> unix_sock_ro_perms = "0777"
> unix_sock_rw_perms = "0770"
> auth_unix_ro = "none"
> auth_unix_rw = "none"
> 
> 
> 
> [root at priv001 one]# id oneadmin
> uid=9869(oneadmin) gid=9869(oneadmin)
> Gruppen=9869(oneadmin),36(kvm),9870(libvirt)
> 
> 
> 
> [root at priv001 one]# cat
> /etc/polkit-1/localauthority/50-local.d/50-org.libvirt.unix.manage-opennebu
> la.pkla
> # content of file:
> /etc/polkit-1/localauthority/50-local.d/50-org.libvirt.unix.manage-opennebu
> la.pkla
> [Allow oneadmin user to manage virtual machines]
> Identity=unix-user:oneadmin
> Action=org.libvirt.unix.manage
> #Action=org.libvirt.unix.monitor
> ResultAny=yes
> ResultInactive=yes
> ResultActive=yes
> 
> 
> 
> [root at priv001 ~]# getenforce
> Disabled
> 
> 
> Diskpermission:
> 
> lrwxrwxrwx 1 oneadmin oneadmin   24 26. Feb 17:01 disk.0 ->
> /dev/vg-one/lv-one-0-3-0
> 
> 
> 
> I've tried lots of thins like upgrading drbd, OpenNebula from 3.8.1 to
> 3.8.3, using other filesystems, playing around with libvirt rights, tried
> oneadmin as group from libvirt etc.pp.
> 
> 
> Any idea whats wrong with my system?
> Thanks for helping.
> 
> 
> 
> Best regards,
> Tobias
> 
> 
> _______________________________________________
> Users mailing list
> Users at lists.opennebula.org
> http://lists.opennebula.org/listinfo.cgi/users-opennebula.org



-- 
Jaime Melis
Project Engineer
OpenNebula - The Open Source Toolkit for Cloud Computing
www.OpenNebula.org <http://www.OpenNebula.org>  | jmelis at opennebula.org

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.opennebula.org/pipermail/users-opennebula.org/attachments/20130228/ffa16096/attachment-0002.htm>

More information about the Users mailing list