[one-users] Permission denied while creating VM

Jaime Melis jmelis at opennebula.org
Thu Feb 28 09:47:24 PST 2013 

Hi,

Yes, I just added it to the docs, I don't know why it wasn't there in the
first place.

I'm glad it's working now.

cheers,
Jaime


On Thu, Feb 28, 2013 at 6:43 PM, Tobias Honacker
<t.honacker at googlemail.com>wrote:

> Hi Jaime,
>
> It works, thanks. Don't know why i don't try this.
> Thanks for support. Maybe we should put this to the documentation.
>
>
> Best regards,
> Tobias
>
>  Von: Jaime Melis <jmelis at opennebula.org>
> Datum: Thu, 28 Feb 2013 18:35:23 +0100
>
> An: Tobias Honacker <t.honacker at googlemail.com>
> Cc: Users OpenNebula <users at lists.opennebula.org>
> Betreff: Re: [one-users] Permission denied while creating VM
>
> Is 'oneadmin' in the 'disk' group? can you try that?
>
>
> On Thu, Feb 28, 2013 at 6:28 PM, Tobias Honacker <
> t.honacker at googlemail.com> wrote:
>
>> Hi Jaime,
>>
>> bash-4.1$ sudo -u oneadmin virsh -c qemu:///system create deployment.0
>> Fehler: Fehler beim Erstellen der Domain von deployment.0
>> Fehler: internal error process exited while connecting to monitor:
>> qemu-kvm: -drive
>> file=/var/lib/one//datastores/0/18/disk.0,if=none,id=drive-ide0-0-0,format=raw:
>> could not open disk image /var/lib/one//datastores/0/18/disk.0: Permission
>> denied
>>
>>
>> bash-4.1$ ls -lL disk.0
>> brw-rw---- 1 root disk 253, 9 28. Feb 18:26 disk.0
>>
>>
>> Best regards,
>> Tobias
>>
>>  Von: Jaime Melis <jmelis at opennebula.org>
>> Datum: Thu, 28 Feb 2013 18:21:50 +0100
>>
>> An: Tobias Honacker <t.honacker at googlemail.com>
>> Cc: Users OpenNebula <users at lists.opennebula.org>
>> Betreff: Re: [one-users] Permission denied while creating VM
>>
>> Sorry Tobias, the command I sent is not the correct one, you have to
>> explicitely say that you want to connect to the system socket. Do this
>> instead:
>>
>> $ sudo -u oneadmin virsh -c qemu:///system create deployment.0
>>
>>
>> On Thu, Feb 28, 2013 at 6:14 PM, Tobias Honacker <
>> t.honacker at googlemail.com> wrote:
>>
>>> Hi Jaime,
>>>
>>> Thanks for the support.
>>>
>>> ---snip---
>>>
>>> bash-4.1$ sudo -u oneadmin virsh create deployment.0 ****
>>>
>>> Fehler: Fehler beim Erstellen der Domain von deployment.0****
>>>
>>> Fehler: Unable to create tap device vnet%d: Operation not permitted****
>>>
>>> ---snip---
>>>
>>>
>>>
>>> Does /var/log/libvirtd/qemu/one-<vm_id>.log shed any light on the issue?
>>>
>>>
>>> --> nope, exact same error.
>>>
>>>
>>> It could be a polkit problem, have you grepped the usual suspects?
>>> auth.log, etc…
>>>
>>>
>>> --> can't see any error or strange log files
>>>
>>>
>>>
>>> /var/log/libvirt/libvirtd.log :
>>>
>>>
>>>  2013-02-28 14:57:10.341+0000: 11893: error : qemuMonitorOpenUnix:266 :
>>> failed to connect to monitor socket: No such process
>>>
>>> 2013-02-28 14:57:10.342+0000: 11893: error :
>>> qemuProcessWaitForMonitor:1533 : internal error process exited while
>>> connecting to monitor:
>>>
>>> qemu-kvm: -drive
>>> file=/var/lib/one//datastores/0/17/disk.0,if=none,id=drive-ide0-0-0,format=raw:
>>> could not open disk image /var/lib/one//datastores/0/17/disk.0: Permission
>>> denied
>>>
>>>
>>> Don't know what "
>>>
>>> failed to connect to monitor socket: No such process" means, all
>>> settings are correct in my opinion.
>>>
>>>
>>>
>>> Best regards,
>>>
>>> Tobias
>>>
>>>
>>> Von: Jaime Melis <jmelis at opennebula.org>
>>> Datum: Thu, 28 Feb 2013 16:36:45 +0100
>>> An: Tobias Honacker <t.honacker at googlemail.com>
>>> Cc: Users OpenNebula <users at lists.opennebula.org>
>>> Betreff: Re: [one-users] Permission denied while creating VM
>>>
>>> Hi Tobias,
>>>
>>> I have no idea why that's happening to you. I'm wondering, have you
>>> tried start the VM manually in the host after it fails to deploy? the files
>>> should be still there until you do "onevm delete".
>>> $ virsh create /var/lib/one/datastores/0/<vm_id>/deployment.0
>>>
>>> Does /var/log/libvirtd/qemu/one-<vm_id>.log shed any light on the issue?
>>>
>>> It could be a polkit problem, have you grepped the usual suspects?
>>> auth.log, etc...
>>>
>>> cheers,
>>> Jaime
>>>
>>>
>>> On Tue, Feb 26, 2013 at 5:21 PM, Tobias Honacker <
>>> t.honacker at googlemail.com> wrote:
>>>
>>>> Hi guys,
>>>>
>>>> My environment:
>>>>
>>>> OS: CentOS 6.3
>>>> Version: OpenNebula 3.8.3
>>>> Datastore: LVM (DRBD 8.4.3 + clvm + crm)
>>>> Filesystem of /var/lib/one: ext4
>>>> Images: 1x (Type: Datablock - 10G) and 1x (Type: CDROM - Path
>>>> /tmp/debian-image.iso)
>>>> LVM Storage is working perfectly and without errors!
>>>>
>>>>
>>>> My Problem:
>>>>
>>>> VM is not booting cause of this error:
>>>>
>>>> ---snip---
>>>> Tue Feb 26 16:17:35 2013 [VMM][D]: Message received: LOG I 1
>>>> Successfully
>>>> execute network driver operation: pre.
>>>>
>>>> Tue Feb 26 16:17:39 2013 [VMM][D]: Message received: LOG I 1 Command
>>>> execution fail: cat << EOT | /var/lib/one/remotes/vmm/kvm/deploy
>>>> /var/lib/one//datastores/0/1/deployment.0 priv$
>>>>
>>>> Tue Feb 26 16:17:39 2013 [VMM][D]: Message received: LOG I 1 error:
>>>> Failed
>>>> to create domain from /var/lib/one//datastores/0/1/deployment.0
>>>>
>>>> Tue Feb 26 16:17:39 2013 [VMM][D]: Message received: LOG I 1 error:
>>>> internal error process exited while connecting to monitor: qemu-kvm:
>>>> -drive
>>>>
>>>> file=/var/lib/one//datastores/0/1/disk.0,if=none,id=drive-ide0-0-0,format=r
>>>> aw: could not open disk image /var/lib/one//datastores/0/1/disk.0:
>>>> Permission denied
>>>>
>>>> Tue Feb 26 16:17:39 2013 [VMM][D]: Message received: LOG I 1
>>>>
>>>> Tue Feb 26 16:17:39 2013 [VMM][D]: Message received: LOG E 1 Could not
>>>> create domain from /var/lib/one//datastores/0/1/deployment.0
>>>>
>>>> Tue Feb 26 16:17:39 2013 [VMM][D]: Message received: LOG I 1 ExitCode:
>>>> 255
>>>>
>>>> Tue Feb 26 16:17:39 2013 [VMM][D]: Message received: LOG I 1 Failed to
>>>> execute virtualization driver operation: deploy.
>>>>
>>>> Tue Feb 26 16:17:39 2013 [VMM][D]: Message received: DEPLOY FAILURE 1
>>>> Could not create domain from /var/lib/one//datastores/0/1/deployment.0
>>>> ---snip---
>>>>
>>>>
>>>>
>>>> Datastore Config:
>>>>
>>>> NAME = drbd
>>>> DS_MAD = lvm
>>>> TM_MAD = lvm
>>>> VG_NAME = vg-one
>>>> HOST = localhost
>>>>
>>>>
>>>>
>>>> [root at priv001 one]# grep -vE '^($|#)' /etc/libvirt/qemu.conf
>>>> user  = "oneadmin"
>>>> group = "oneadmin"
>>>> dynamic_ownership = 0
>>>>
>>>>
>>>>
>>>> root at priv001 one]# grep -vE '^($|#)' /etc/libvirt/libvirtd.conf
>>>> listen_tls = 0
>>>> listen_tcp = 1
>>>> mdns_adv = 0
>>>> unix_sock_group = "libvirt"
>>>> unix_sock_ro_perms = "0777"
>>>> unix_sock_rw_perms = "0770"
>>>> auth_unix_ro = "none"
>>>> auth_unix_rw = "none"
>>>>
>>>>
>>>>
>>>> [root at priv001 one]# id oneadmin
>>>> uid=9869(oneadmin) gid=9869(oneadmin)
>>>> Gruppen=9869(oneadmin),36(kvm),9870(libvirt)
>>>>
>>>>
>>>>
>>>> [root at priv001 one]# cat
>>>>
>>>> /etc/polkit-1/localauthority/50-local.d/50-org.libvirt.unix.manage-opennebu
>>>> la.pkla
>>>> # content of file:
>>>>
>>>> /etc/polkit-1/localauthority/50-local.d/50-org.libvirt.unix.manage-opennebu
>>>> la.pkla
>>>> [Allow oneadmin user to manage virtual machines]
>>>> Identity=unix-user:oneadmin
>>>> Action=org.libvirt.unix.manage
>>>> #Action=org.libvirt.unix.monitor
>>>> ResultAny=yes
>>>> ResultInactive=yes
>>>> ResultActive=yes
>>>>
>>>>
>>>>
>>>> [root at priv001 ~]# getenforce
>>>> Disabled
>>>>
>>>>
>>>> Diskpermission:
>>>>
>>>> lrwxrwxrwx 1 oneadmin oneadmin   24 26. Feb 17:01 disk.0 ->
>>>> /dev/vg-one/lv-one-0-3-0
>>>>
>>>>
>>>>
>>>> I've tried lots of thins like upgrading drbd, OpenNebula from 3.8.1 to
>>>> 3.8.3, using other filesystems, playing around with libvirt rights,
>>>> tried
>>>> oneadmin as group from libvirt etc.pp.
>>>>
>>>>
>>>> Any idea whats wrong with my system?
>>>> Thanks for helping.
>>>>
>>>>
>>>>
>>>> Best regards,
>>>> Tobias
>>>>
>>>>
>>>> _______________________________________________
>>>> Users mailing list
>>>> Users at lists.opennebula.org
>>>> http://lists.opennebula.org/listinfo.cgi/users-opennebula.org
>>>>
>>>
>>>
>>>
>>> --
>>> Jaime Melis
>>> Project Engineer
>>> OpenNebula - The Open Source Toolkit for Cloud Computing
>>> www.OpenNebula.org | jmelis at opennebula.org
>>>
>>
>>
>>
>> --
>> Jaime Melis
>> Project Engineer
>> OpenNebula - The Open Source Toolkit for Cloud Computing
>> www.OpenNebula.org | jmelis at opennebula.org
>>
>
>
>
> --
> Jaime Melis
> Project Engineer
> OpenNebula - The Open Source Toolkit for Cloud Computing
> www.OpenNebula.org | jmelis at opennebula.org
>



-- 
Jaime Melis
Project Engineer
OpenNebula - The Open Source Toolkit for Cloud Computing
www.OpenNebula.org | jmelis at opennebula.org
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.opennebula.org/pipermail/users-opennebula.org/attachments/20130228/1c114ac6/attachment-0002.htm>

More information about the Users mailing list