[one-users] libvirt permissions issue:

Vladislav Gorbunov vadikgo at gmail.com
Wed Apr 2 16:14:35 PDT 2014


Try to add these lines to /etc/libvirt/qemu.conf:
user = "oneadmin"
group = "oneadmin"
dynamic_ownership = 0

2014-04-03 6:27 GMT+12:00 Steven Timm <timm at fnal.gov>:
>
> This is about a test OpenNebula 4.4 installation but we have the same
> problem in OpenNebula 3.2 and have been kludging around it.
>
> Head node and hypervisors, scientific linux 6,
> libvirt qemu.conf has dynamic_ownership=0 as recommended in the guide.
>
> non-default libvirt settings in libvirt.conf
>
> unix_sock_group = "libvirtd"
> unix_sock_ro_perms = "0777"
> unix_sock_rw_perms = "0770"
> auth_unix_ro = "none"
> auth_unix_rw = "none"
> log_level = 2
> log_outputs = "2:syslog:libvirtd"
> host_uuid = "1f31bfac-97e1-5ecb-83ab-0e2c2819db1c"
>
> [root at fgtest11 ~]# rpm -q libvirt
> libvirt-0.10.2-29.el6_5.3.x86_64
> [root at fgtest11 ~]# rpm -q qemu-kvm
> qemu-kvm-0.12.1.2-2.415.el6.x86_64
> ---------------------------
>
> Our datastore is using ssh-based transport
> so that we have a system datastore on each VM host.
> What we see as the system brings the file over is that disk.0 is owned
> by oneadmin with permissions 644.
>
> Given that our libvirt runs things as qemu, the qemu does not have enough
> permissions to actually read/write the disk.0
>
> (qemu user is in the oneadmin group, but the file is not group readable).
>
> We have been kludging this by just adding a chmod 660 to the tm_clone.sh
> script but there must be a better way.
>
> Steve Timm
>
> ------------------------------------------------------------------
> Steven C. Timm, Ph.D  (630) 840-8525
> timm at fnal.gov  http://home.fnal.gov/~timm/
> Fermilab Scientific Computing Division, Scientific Computing Services Quad.
> Grid and Cloud Services Dept., Associate Dept. Head for Cloud Computing
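
Added example, not part of the original thread: a POSIX shell sketch of why the process user set in qemu.conf decides whether a disk.0 owned by oneadmin with mode 644 is writable. The helper names, the sample config text, the group list for qemu and the fallback user passed to qemu_user are assumptions made for illustration.

```shell
#!/bin/sh
# Added example; the config text, users, groups and modes are constructed.

# Effective value of KEY in a libvirt-style config file: the last uncommented
# "key = value" line wins; surrounding double quotes are stripped.
conf_get() {  # conf_get KEY FILE
  sed -n -E "s/^[[:space:]]*$1[[:space:]]*=[[:space:]]*\"?([^\"#]*[^\"#[:space:]])\"?.*$/\1/p" "$2" | tail -n 1
}

# User the QEMU processes run as: the "user" key of qemu.conf, or FALLBACK
# (the build's default user, passed in by the caller as an assumption).
qemu_user() (  # qemu_user CONF FALLBACK
  u=$(conf_get user "$1"); echo "${u:-$2}"
)

# Access ("rw", "r-", "--") that USER gets from the mode bits. Only one class
# applies: owner if USER owns the file, else group, else other.
file_access() (  # file_access MODE OWNER GROUP USER "GROUPS OF USER"
  m=$((0$1)); owner=$2; group=$3; user=$4; groups=" $5 "
  if [ "$user" = "$owner" ]; then bits=$(( (m >> 6) & 7 ))
  else
    case $groups in
      *" $group "*) bits=$(( (m >> 3) & 7 )) ;;
      *)            bits=$(( m & 7 )) ;;
    esac
  fi
  r=-; w=-
  [ $((bits & 4)) -ne 0 ] && r=r
  [ $((bits & 2)) -ne 0 ] && w=w
  echo "$r$w"
)

demo() (
  conf=$(mktemp)
  # dynamic_ownership = 0: libvirt leaves the image's owner and mode untouched.
  printf '%s\n' '#user = "root"' 'dynamic_ownership = 0' > "$conf"
  # Before: no "user" line, so the fallback user qemu (in group oneadmin) applies.
  before=$(file_access 644 oneadmin oneadmin "$(qemu_user "$conf" qemu)" "qemu kvm oneadmin")
  # After: the suggested lines make the process user the owner of disk.0.
  printf '%s\n' 'user = "oneadmin"' 'group = "oneadmin"' >> "$conf"
  after=$(file_access 644 oneadmin oneadmin "$(qemu_user "$conf" qemu)" "oneadmin")
  rm -f "$conf"
  echo "before=$before after=$after"
)
demo
```

Calling file_access with mode 660 and the qemu user models the chmod workaround from the quoted message: the group class then carries the write bit.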
