<html>
<head>
<meta http-equiv="Content-Type" content="text/html;
charset=ISO-8859-2">
</head>
<body bgcolor="#FFFFFF" text="#000000">
<b>So - now I have still the same error message in oned.log:</b><br>
<small>Thu Jun 21 09:26:42 2012 [LCM][I]: New VM state is BOOT<br>
Thu Jun 21 09:26:42 2012 [VMM][I]: Generating deployment file:
/var/lib/one/0/deployment.38<br>
Thu Jun 21 09:26:42 2012 [VMM][I]: ExitCode: 0<br>
Thu Jun 21 09:26:42 2012 [VMM][I]: Successfully execute network
driver operation: pre.<br>
Thu Jun 21 09:26:44 2012 [VMM][I]: Command execution fail: cat
<< EOT | /var/tmp/one/vmm/kvm/deploy
/var/lib/one/0/images/deployment.38 myto 0 myto<br>
Thu Jun 21 09:26:44 2012 [VMM][I]: error: Failed to create domain
from /var/lib/one/0/images/deployment.38<br>
Thu Jun 21 09:26:44 2012 [VMM][I]: error: Unable to read from
monitor: Connection reset by peer<br>
Thu Jun 21 09:26:44 2012 [VMM][E]: Could not create domain from
/var/lib/one/0/images/deployment.38<br>
Thu Jun 21 09:26:44 2012 [VMM][I]: ExitCode: 255<br>
Thu Jun 21 09:26:44 2012 [VMM][I]: Failed to execute
virtualization driver operation: deploy.<br>
Thu Jun 21 09:26:44 2012 [VMM][E]: Error deploying virtual
machine: Could not create domain from
/var/lib/one/0/images/deployment.38<br>
Thu Jun 21 09:26:45 2012 [DiM][I]: New VM state is FAILED</small><br>
<br>
<b>At the same time in the /var/log/libvirt/libvirtd.log the
following message appears:</b><br>
<small>2012-06-21 09:27:43.610+0000: 1114: warning :
virDomainDiskDefForeachPath:13244 : Ignoring open failure on
/var/lib/one/0/images/disk.1: Permission denied<br>
2012-06-21 09:27:44.296+0000: 1110: error : qemuMonitorIORead:513
: Unable to read from monitor: Connection reset by peer<br>
<b><big><br>
Nothing in /var/log/syslog (doesn't matter if apparmor is
running, stopped, flushed ...!).</big></b><br>
<br>
<big><b>Permissions of files and folders:</b><br>
</big></small><tt>oneadmin@opennebula-host:/var/lib$ ls -ld
/var/lib/one<br>
drwxr-xr-x 10 oneadmin root 4096 Jun 21 09:49 /var/lib/one<br>
<br>
</tt><tt><small><big>oneadmin</big></small></tt><tt>@opennebula-host:/var/lib/one#
ls -la<br>
total 132<br>
drwxr-xr-x 8 oneadmin root 4096 Jun 21 09:27 .<br>
drwxr-xr-x 37 root root 4096 Jun 21 06:30 ..<br>
-rw------- 1 oneadmin cloud 2261 Jun 21 08:42 .bash_history<br>
drwx------ 2 oneadmin cloud 4096 Jun 20 09:48 .cache<br>
drwx------ 2 oneadmin cloud 4096 Jun 20 09:49 .one<br>
drwx------ 2 oneadmin root 4096 Jun 20 17:43 .ssh<br>
-rw------- 1 oneadmin cloud 3412 Jun 20 11:06 .viminfo<br>
drwxrwxrwx 3 oneadmin cloud 4096 Jun 21 09:26 0<br>
-rw-r--r-- 1 oneadmin cloud 1738 Jun 21 08:50 config<br>
drwxrwx--T 2 oneadmin root 4096 Jun 20 10:57 images<br>
-rw-r--r-- 1 oneadmin cloud 67584 Jun 21 09:27 one.db<br>
-rw-r--r-- 1 oneadmin cloud 16384 Jun 20 16:28 oneacct.db<br>
drwxr-xr-x 8 root root 4096 Jun 20 09:33 remotes</tt><br>
<tt><br>
</tt><tt><small><big>oneadmin</big></small></tt><tt><small><big>@opennebula-host:/var/lib/one/0#
ls -la<br>
total 20<br>
drwxrwxrwx 3 oneadmin cloud 4096 Jun 21 09:36 .<br>
drwxr-xr-x 10 oneadmin root 4096 Jun 21 09:35 ..<br>
-rw-r--r-- 1 oneadmin cloud 735 Jun 21 09:26 deployment.38<br>
drwxrwxrwx 2 oneadmin cloud 4096 Jun 21 09:26 images<br>
-rw-r--r-- 1 oneadmin cloud 201 Jun 21 09:26
transfer.38.prolog<br>
<br>
</big></small></tt><tt><small><big>oneadmin</big></small></tt><tt><small><big>@opennebula-host:/var/lib/one/0/images#
ls -la<br>
total 906256<br>
drwxrwxrwx 2 oneadmin cloud 4096 Jun 21 09:26 .<br>
drwxrwxrwx 3 oneadmin cloud 4096 Jun 21 09:36 ..<br>
-rw-r--r-- 1 oneadmin cloud 736 Jun 21 09:26
deployment.38<br>
-rw-rw-rw- 1 oneadmin cloud 927989760 Jun 21 09:26 disk.0<br>
lrwxrwxrwx 1 oneadmin cloud 52 Jun 21 09:26 disk.1
-> /var/lib/one/images/9c52b90a79dba7c26a912d05ff5190b8<br>
<br>
oneadmin@opennebula-host:~/images$ ls -la<br>
total 1040116<br>
drwxrwx--T 2 oneadmin root 4096 Jun 20 10:57 .<br>
drwxr-xr-x 10 oneadmin root 4096 Jun 21 09:37 ..<br>
-rw-rw---- 1 oneadmin root 927989760 Jun 20 10:57
46440b43448202b4ee69b4b541f5eeab<br>
-rw-rw---- 1 oneadmin root 10737418241 Jun 20 10:57
9c52b90a79dba7c26a912d05ff5190b8<br>
<br>
</big></small></tt><small><big><b><br>
Libvirtd and Qemu settings:</b><br>
<b>/etc/libvirt/libvirtd.conf:</b><br>
<small>listen_tls = 0<br>
listen_tcp = 1<br>
unix_sock_group = "libvirtd"<br>
unix_sock_ro_perms = "0777"<br>
unix_sock_rw_perms = "0777"<br>
unix_sock_dir = "/var/run/libvirt"<br>
auth_unix_ro = "none"<br>
auth_unix_rw = "none"</small><br>
<b><br>
/etc/libvirt/qemu.conf:</b><br>
<small>security_driver = "none"<br>
user = "oneadmin"<br>
group = "cloud"<br>
dynamic_ownership = 0</small><br>
<br>
<b>/etc/default/libvirt-bin:</b><br>
<small>start_libvirtd="yes"<br>
libvirtd_opts="-d -l"</small><br>
<br>
<b>/etc/apparmor.d/usr.sbin.libvirtd:</b><br>
<small># Last Modified: Mon Jul 6 17:23:58 2009<br>
#include <tunables/global><br>
@{LIBVIRT}="libvirt"<br>
<br>
/usr/sbin/libvirtd {<br>
#include <abstractions/base><br>
# Site-specific additions and overrides. See local/README
for details.<br>
#include <local/usr.sbin.libvirtd><br>
<br>
capability kill,<br>
capability net_admin,<br>
capability net_raw,<br>
capability setgid,<br>
capability sys_admin,<br>
capability sys_module,<br>
capability sys_ptrace,<br>
capability sys_nice,<br>
capability sys_chroot,<br>
capability setuid,<br>
capability dac_override,<br>
capability dac_read_search,<br>
capability fowner,<br>
capability chown,<br>
capability setpcap,<br>
capability mknod,<br>
capability fsetid,<br>
capability ipc_lock,<br>
<br>
network inet stream,<br>
network inet dgram,<br>
network inet6 stream,<br>
network inet6 dgram,<br>
network packet dgram,<br>
<br>
# for now, use a very lenient profile since we want to first
focus on<br>
# confining the guests<br>
/ r,<br>
/** rwmkl,<br>
<br>
/bin/* PUx,<br>
/sbin/* PUx,<br>
/usr/bin/* PUx,<br>
/usr/sbin/* PUx,<br>
/lib/udev/scsi_id PUx,<br>
<br>
# Required by
nwfilter_ebiptables_driver.c:ebiptablesWriteToTempFile() to<br>
# write and run an ebtables script.<br>
/var/lib/libvirt/virtd* ixr,<br>
<br>
# force the use of virt-aa-helper<br>
audit deny /sbin/apparmor_parser rwxl,<br>
audit deny /etc/apparmor.d/libvirt/** wxl,<br>
audit deny /sys/kernel/security/apparmor/features rwxl,<br>
audit deny /sys/kernel/security/apparmor/matching rwxl,<br>
audit deny /sys/kernel/security/apparmor/.* rwxl,<br>
/sys/kernel/security/apparmor/profiles r,<br>
/usr/lib/libvirt/* PUxr,<br>
/etc/libvirt/hooks/** rmix,<br>
/var/lib/one/** lrwk,<br>
<br>
# allow changing to our UUID-based named profiles<br>
change_profile ->
@{LIBVIRT}-[0-9a-f]*-[0-9a-f]*-[0-9a-f]*-[0-9a-f]*-[0-9a-f]*,<br>
<br>
}</small><br>
<br>
<b>User settings:</b><br>
<small>oneadmin@opennebula-host:~/images$ groups oneadmin<br>
oneadmin : cloud root disk kvm libvirtd</small><br>
<br>
<br>
<br>
</big></small><big>My question - where is an issue?<br>
<br>
Jan<br>
</big><br>
</body>
</html>