[one-users] Permission denied while creating VM

Jaime Melis jmelis at opennebula.org
Thu Feb 28 09:25:48 PST 2013


Also, can you check this command?

$ ls -lL disk.0

to see the permissions of the block device pointed at by the symlink?


On Thu, Feb 28, 2013 at 6:21 PM, Jaime Melis <jmelis at opennebula.org> wrote:

> Sorry Tobias, the command I sent is not the correct one, you have to
> explicitely say that you want to connect to the system socket. Do this
> instead:
>
> $ sudo -u oneadmin virsh -c qemu:///system create deployment.0
>
>
> On Thu, Feb 28, 2013 at 6:14 PM, Tobias Honacker <
> t.honacker at googlemail.com> wrote:
>
>> Hi Jaime,
>>
>> Thanks for the support.
>>
>> ---snip---
>>
>> bash-4.1$ sudo -u oneadmin virsh create deployment.0 ****
>>
>> Fehler: Fehler beim Erstellen der Domain von deployment.0****
>>
>> Fehler: Unable to create tap device vnet%d: Operation not permitted****
>>
>> ---snip---
>>
>>
>>
>> Does /var/log/libvirtd/qemu/one-<vm_id>.log shed any light on the issue?
>>
>>
>> --> nope, exact same error.
>>
>>
>> It could be a polkit problem, have you grepped the usual suspects?
>> auth.log, etc…
>>
>>
>> --> can't see any error or strange log files
>>
>>
>>
>> /var/log/libvirt/libvirtd.log :
>>
>>
>>  2013-02-28 14:57:10.341+0000: 11893: error : qemuMonitorOpenUnix:266 :
>> failed to connect to monitor socket: No such process
>>
>> 2013-02-28 14:57:10.342+0000: 11893: error :
>> qemuProcessWaitForMonitor:1533 : internal error process exited while
>> connecting to monitor:
>>
>> qemu-kvm: -drive
>> file=/var/lib/one//datastores/0/17/disk.0,if=none,id=drive-ide0-0-0,format=raw:
>> could not open disk image /var/lib/one//datastores/0/17/disk.0: Permission
>> denied
>>
>>
>> Don't know what "
>>
>> failed to connect to monitor socket: No such process" means, all settings
>> are correct in my opinion.
>>
>>
>>
>> Best regards,
>>
>> Tobias
>>
>>
>> Von: Jaime Melis <jmelis at opennebula.org>
>> Datum: Thu, 28 Feb 2013 16:36:45 +0100
>> An: Tobias Honacker <t.honacker at googlemail.com>
>> Cc: Users OpenNebula <users at lists.opennebula.org>
>> Betreff: Re: [one-users] Permission denied while creating VM
>>
>> Hi Tobias,
>>
>> I have no idea why that's happening to you. I'm wondering, have you tried
>> start the VM manually in the host after it fails to deploy? the files
>> should be still there until you do "onevm delete".
>> $ virsh create /var/lib/one/datastores/0/<vm_id>/deployment.0
>>
>> Does /var/log/libvirtd/qemu/one-<vm_id>.log shed any light on the issue?
>>
>> It could be a polkit problem, have you grepped the usual suspects?
>> auth.log, etc...
>>
>> cheers,
>> Jaime
>>
>>
>> On Tue, Feb 26, 2013 at 5:21 PM, Tobias Honacker <
>> t.honacker at googlemail.com> wrote:
>>
>>> Hi guys,
>>>
>>> My environment:
>>>
>>> OS: CentOS 6.3
>>> Version: OpenNebula 3.8.3
>>> Datastore: LVM (DRBD 8.4.3 + clvm + crm)
>>> Filesystem of /var/lib/one: ext4
>>> Images: 1x (Type: Datablock - 10G) and 1x (Type: CDROM - Path
>>> /tmp/debian-image.iso)
>>> LVM Storage is working perfectly and without errors!
>>>
>>>
>>> My Problem:
>>>
>>> VM is not booting cause of this error:
>>>
>>> ---snip---
>>> Tue Feb 26 16:17:35 2013 [VMM][D]: Message received: LOG I 1 Successfully
>>> execute network driver operation: pre.
>>>
>>> Tue Feb 26 16:17:39 2013 [VMM][D]: Message received: LOG I 1 Command
>>> execution fail: cat << EOT | /var/lib/one/remotes/vmm/kvm/deploy
>>> /var/lib/one//datastores/0/1/deployment.0 priv$
>>>
>>> Tue Feb 26 16:17:39 2013 [VMM][D]: Message received: LOG I 1 error:
>>> Failed
>>> to create domain from /var/lib/one//datastores/0/1/deployment.0
>>>
>>> Tue Feb 26 16:17:39 2013 [VMM][D]: Message received: LOG I 1 error:
>>> internal error process exited while connecting to monitor: qemu-kvm:
>>> -drive
>>>
>>> file=/var/lib/one//datastores/0/1/disk.0,if=none,id=drive-ide0-0-0,format=r
>>> aw: could not open disk image /var/lib/one//datastores/0/1/disk.0:
>>> Permission denied
>>>
>>> Tue Feb 26 16:17:39 2013 [VMM][D]: Message received: LOG I 1
>>>
>>> Tue Feb 26 16:17:39 2013 [VMM][D]: Message received: LOG E 1 Could not
>>> create domain from /var/lib/one//datastores/0/1/deployment.0
>>>
>>> Tue Feb 26 16:17:39 2013 [VMM][D]: Message received: LOG I 1 ExitCode:
>>> 255
>>>
>>> Tue Feb 26 16:17:39 2013 [VMM][D]: Message received: LOG I 1 Failed to
>>> execute virtualization driver operation: deploy.
>>>
>>> Tue Feb 26 16:17:39 2013 [VMM][D]: Message received: DEPLOY FAILURE 1
>>> Could not create domain from /var/lib/one//datastores/0/1/deployment.0
>>> ---snip---
>>>
>>>
>>>
>>> Datastore Config:
>>>
>>> NAME = drbd
>>> DS_MAD = lvm
>>> TM_MAD = lvm
>>> VG_NAME = vg-one
>>> HOST = localhost
>>>
>>>
>>>
>>> [root at priv001 one]# grep -vE '^($|#)' /etc/libvirt/qemu.conf
>>> user  = "oneadmin"
>>> group = "oneadmin"
>>> dynamic_ownership = 0
>>>
>>>
>>>
>>> root at priv001 one]# grep -vE '^($|#)' /etc/libvirt/libvirtd.conf
>>> listen_tls = 0
>>> listen_tcp = 1
>>> mdns_adv = 0
>>> unix_sock_group = "libvirt"
>>> unix_sock_ro_perms = "0777"
>>> unix_sock_rw_perms = "0770"
>>> auth_unix_ro = "none"
>>> auth_unix_rw = "none"
>>>
>>>
>>>
>>> [root at priv001 one]# id oneadmin
>>> uid=9869(oneadmin) gid=9869(oneadmin)
>>> Gruppen=9869(oneadmin),36(kvm),9870(libvirt)
>>>
>>>
>>>
>>> [root at priv001 one]# cat
>>>
>>> /etc/polkit-1/localauthority/50-local.d/50-org.libvirt.unix.manage-opennebu
>>> la.pkla
>>> # content of file:
>>>
>>> /etc/polkit-1/localauthority/50-local.d/50-org.libvirt.unix.manage-opennebu
>>> la.pkla
>>> [Allow oneadmin user to manage virtual machines]
>>> Identity=unix-user:oneadmin
>>> Action=org.libvirt.unix.manage
>>> #Action=org.libvirt.unix.monitor
>>> ResultAny=yes
>>> ResultInactive=yes
>>> ResultActive=yes
>>>
>>>
>>>
>>> [root at priv001 ~]# getenforce
>>> Disabled
>>>
>>>
>>> Diskpermission:
>>>
>>> lrwxrwxrwx 1 oneadmin oneadmin   24 26. Feb 17:01 disk.0 ->
>>> /dev/vg-one/lv-one-0-3-0
>>>
>>>
>>>
>>> I've tried lots of thins like upgrading drbd, OpenNebula from 3.8.1 to
>>> 3.8.3, using other filesystems, playing around with libvirt rights, tried
>>> oneadmin as group from libvirt etc.pp.
>>>
>>>
>>> Any idea whats wrong with my system?
>>> Thanks for helping.
>>>
>>>
>>>
>>> Best regards,
>>> Tobias
>>>
>>>
>>> _______________________________________________
>>> Users mailing list
>>> Users at lists.opennebula.org
>>> http://lists.opennebula.org/listinfo.cgi/users-opennebula.org
>>>
>>
>>
>>
>> --
>> Jaime Melis
>> Project Engineer
>> OpenNebula - The Open Source Toolkit for Cloud Computing
>> www.OpenNebula.org | jmelis at opennebula.org
>>
>
>
>
> --
> Jaime Melis
> Project Engineer
> OpenNebula - The Open Source Toolkit for Cloud Computing
> www.OpenNebula.org | jmelis at opennebula.org
>



-- 
Jaime Melis
Project Engineer
OpenNebula - The Open Source Toolkit for Cloud Computing
www.OpenNebula.org | jmelis at opennebula.org
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.opennebula.org/pipermail/users-opennebula.org/attachments/20130228/ed4270a2/attachment-0002.htm>


More information about the Users mailing list