Hello Javier,<br><br>Thank you for your answer. Indeed, changing /dev/kvm group to oneadmin solved the problem. I can now happily launch VMs on the Cloud.<br><br>For future references, to make the change persist after reboot I have done:<br>
<br># cat > /etc/udev/rules.d/60-qemu-kvm.rules <br>KERNEL=="kvm", GROUP="oneadmin", MODE="0660"<br><br>I have also read the man page for udev to get this right. Learned something new today :). <br>
<br>Maybe the OpenNebula developers could add this to the documentation in the KVM Configuration [1] section as a note for Debian Squeeze.<br><br>NOTE: <br><div style="margin-left:40px">On Debian Squeeze when creating a VM as a regular user, the only group
that is taken into account is the one that appears as 'gid'
(oneadmin in this case). To solve the problem
change the owner of /dev/kvm 'to root.oneadmin. To make the changes persist after reboot:<br><br># cat /etc/udev/rules.d/60-qemu-kvm.rules<br>KERNEL=="kvm", GROUP="oneadmin", MODE="0660"<br>
<br></div>[1] - <a href="http://opennebula.org/documentation:rel3.6:kvmg">http://opennebula.org/documentation:rel3.6:kvmg</a><br><br>Cheers and Goodwill,<br>Valentin Bud<br><br><div class="gmail_quote">On Wed, Jul 25, 2012 at 1:15 PM, Javier Alvarez <span dir="ltr"><<a href="mailto:javier.alvarez@bsc.es" target="_blank">javier.alvarez@bsc.es</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<div bgcolor="#FFFFFF" text="#000000">
<div>Hello Valentin,<br>
<br>
Apparently, when creating a VM as a regular user, the only group
that is taken into account is the one that appears as 'gid'
(oneadmin in this case). So what I did to solve the problem was to
change the owner of /dev/kvm to root.oneadmin.<br>
<br>
Best,<br>
<br>
Javi<div><div class="h5"><br>
<br>
On 25/07/12 11:19, Valentin Bud wrote:<br>
</div></div></div>
<blockquote type="cite"><div><div class="h5">Hello,<br>
<br>
I have recently setup OpenNebula 3.6 on 2 Debian Squeeze boxes.
Both machines function as hosts, one of them as frontend.<br>
I have followed the OpenNebula documentation [1] to setup the KVM
driver on the hosts.<br>
<br>
### Host A<br>
<br>
# kvm --version<br>
QEMU PC emulator version 0.12.5 (qemu-kvm-0.12.5), Copyright (c)
2003-2008 Fabrice Bellard<br>
<br>
# virsh --version<br>
0.8.3<br>
<br>
# grep -vE '^($|#)' /etc/libvirt/qemu.conf<br>
user = "oneadmin"<br>
group = "oneadmin"<br>
dynamic_ownership = 0<br>
<br>
# id oneadmin<br>
uid=1001(oneadmin) gid=1001(oneadmin)
groups=1001(oneadmin),106(kvm),108(libvirt)<br>
<br>
# ls -al /dev/kvm<br>
crw-rw---- 1 root kvm 10, 232 Jul 25 11:23 /dev/kvm<br>
<br>
### Host B<br>
<br>
# kvm --version<br>
QEMU PC emulator version 0.12.5 (qemu-kvm-0.12.5), Copyright (c)
2003-2008 Fabrice Bellard<br>
<br>
# virsh --version<br>
0.8.3<br>
<br>
# grep -vE '^($|#)' /etc/libvirt/qemu.conf<br>
user = "oneadmin"<br>
group = "oneadmin"<br>
dynamic_ownership = 0<br>
<br>
# id oneadmin <br>
uid=1001(oneadmin) gid=1001(oneadmin)
groups=1001(oneadmin),106(kvm),108(libvirt)<br>
<br>
# ls -al /dev/kvm<br>
crw-rw---- 1 root kvm 10, 232 Jul 25 11:23 /dev/kvm<br>
<br>
Doesn't matter on which host the VM gets deployed, the error is
the same. The error follows:<br>
<br>
LC_ALL=C
PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin
HOME=/root USER=root LOGNAME=root QEMU_AUDIO_DRV=none /usr/bin/kvm
-S -M pc-0.12 -enable-kvm -m 1024 -smp
1,sockets=1,cores=1,threads=1 -name one-4 -uuid
a7db4cd7-e258-503a-cc57-59d2dc1135ea -nodefaults -chardev
socket,id=monitor,path=/var/lib/libvirt/qemu/one-4.monitor,server,nowait
-mon chardev=monitor,mode=readline -rtc base=utc -boot c -device
lsi,id=scsi0,bus=pci.0,addr=0x5 -drive
file=/var/lib/one/datastores/0/4/disk.0,if=none,id=drive-scsi0-0-0,boot=on,format=qcow2
-device
scsi-disk,bus=scsi0.0,scsi-id=0,drive=drive-scsi0-0-0,id=scsi0-0-0
-device
rtl8139,vlan=0,id=net0,mac=02:00:0a:41:02:65,bus=pci.0,addr=0x3
-net tap,fd=36,vlan=0,name=hostnet0 -device
rtl8139,vlan=1,id=net1,mac=02:00:0a:41:03:65,bus=pci.0,addr=0x4
-net tap,fd=37,vlan=1,name=hostnet1 -usb -vnc <a href="http://0.0.0.0:4" target="_blank">0.0.0.0:4</a>
-vga cirrus -device
virtio-balloon-pci,id=balloon0,bus=pci.0,addr=0x6 <br>
open /dev/kvm: Permission denied<br>
Could not initialize KVM, will disable KVM support<br>
<br>
I don't have AppArmor installed or any other tool of this kind.
It's just a stock Debian Squeeze install. OpenNebula was compiled
on another machine and installed on Host A which is the frontend.
<br>
<br>
Does anyone of you have any idea about this error? I have Googled
around but could not find any answer. Everything seems correct as
per OpenNebula KVM documentation [1]. <br>
<br>
Thank you for your time invested in reading this email. Cheers and
Goodwill,<br>
Valentin Bud<br clear="all">
<br>
[1]: <a href="http://opennebula.org/documentation:rel3.6:kvmg" target="_blank">http://opennebula.org/documentation:rel3.6:kvmg</a><br>
-- <br>
w: <a href="http://databus.ro/blog" target="_blank">http://ing.enia.re/</a>
<div>
in: <a href="http://www.linkedin.com/pub/valentin-bud/9/881/830" target="_blank">http://www.linkedin.com/pub/valentin-bud/9/881/830</a></div>
<div>t: <a href="https://twitter.com/valentinbud" target="_blank">https://twitter.com/valentinbud</a></div>
<br>
<br>
<fieldset></fieldset>
<br>
</div></div><pre>_______________________________________________
Users mailing list
<a href="mailto:Users@lists.opennebula.org" target="_blank">Users@lists.opennebula.org</a>
<a href="http://lists.opennebula.org/listinfo.cgi/users-opennebula.org" target="_blank">http://lists.opennebula.org/listinfo.cgi/users-opennebula.org</a><span class="HOEnZb"><font color="#888888">
</font></span></pre><span class="HOEnZb"><font color="#888888">
</font></span></blockquote><span class="HOEnZb"><font color="#888888">
<br>
<br>
<pre cols="72">--
Javier Álvarez Cid-Fuentes
Grid Computing and Clusters Group
Barcelona Supercomputing Center (BSC-CNS)
Tel. <a href="tel:%28%2B34%29%2093%20413%2072%2046" value="+34934137246" target="_blank">(+34) 93 413 72 46</a></pre>
<br>
<br>
WARNING / LEGAL TEXT: This message is intended only for the use of the
individual or entity to which it is addressed and may contain
information which is privileged, confidential, proprietary, or exempt
from disclosure under applicable law. If you are not the intended
recipient or the person responsible for delivering the message to the
intended recipient, you are strictly prohibited from disclosing,
distributing, copying, or in any way using this message. If you have
received this communication in error, please notify the sender and
destroy and delete any copies you may have received.
<br><br>
<a href="http://www.bsc.es/disclaimer.htm" target="_blank">http://www.bsc.es/disclaimer</a>
<br>
</font></span></div>
</blockquote></div><br><br clear="all"><br>-- <br>w: <a href="http://ing.enia.re/" target="_blank">http://ing.enia.re/</a><div>in: <a href="http://www.linkedin.com/pub/valentin-bud/9/881/830" target="_blank">http://www.linkedin.com/pub/valentin-bud/9/881/830</a></div>
<div>t: <a href="https://twitter.com/valentinbud" target="_blank">https://twitter.com/valentinbud</a></div><br>