TomK
2016-Apr-09 15:08 UTC
Re: [libvirt-users] Libvirtd running as root tries to access oneadmin (OpenNebula) NFS mount but throws: error: can’t canonicalize path
Adding in libvir-list. Cheers, Tom K. ------------------------------------------------------------------------------------- Mobile: 416 618 8456 Home: 905 857 9652 Living on earth is expensive, but it includes a free trip around the sun. On 4/7/2016 7:32 PM, TomK wrote:> Hey All, > > I've an issue where libvirtd tries to access an NFS mount but errors > out with: can't canonicalize path '/var/lib/one//datastores/0 . The > unprevilidged user is able to read/write fine to the share. > root_squash is used and for security reasons no_root_squash cannot be > used. > > On the controller and node SELinux is disabled. > > [oneadmin@mdskvm-p01 ~]$ virsh -d 1 --connect qemu:///system create > /var/lib/one//datastores/0/38/deployment.0 > create: file(optdata): /var/lib/one//datastores/0/38/deployment.0 > error: Failed to create domain from > /var/lib/one//datastores/0/38/deployment.0 > error: can't canonicalize path '/var/lib/one//datastores/0/38/disk.1': > Permission denied > > I added some debug flags to get more info and added -x to the deploy > script. Closest I get to more details is this: > > 2016-04-06 04:15:35.945+0000: 14072: debug : > virStorageFileBackendFileInit:1441 : initializing FS storage file > 0x7f6aa4009000 (file:/var/lib/one//datastores/0/38/disk.1)[9869:9869] > 2016-04-06 04:15:35.954+0000: 14072: error : > virStorageFileBackendFileGetUniqueIdentifier:1523 : can't canonicalize > path '/var/lib/one//datastores/0/38/disk.1': > > https://www.redhat.com/archives/libvir-list/2014-May/msg00194.html > > Comment is: "The current implementation works for local > storage only and returns the canonical path of the volume." > > But it seems the logic is applied to NFS mounts. Perhaps it shouldn't > be? Anyway to get around this problem? This is CentOS 7 . > > Cheers, > Tom K. > ------------------------------------------------------------------------------------- > > Living on earth is expensive, but it includes a free trip around the sun. > > _______________________________________________ > libvirt-users mailing list > libvirt-users@redhat.com > https://www.redhat.com/mailman/listinfo/libvirt-users
TomK
2016-Apr-12 00:02 UTC
Re: [libvirt-users] [libvirt] Libvirtd running as root tries to access oneadmin (OpenNebula) NFS mount but throws: error: can’t canonicalize path
Hey All, Wondering if anyone had any suggestions on this topic? Cheers, Tom K. ------------------------------------------------------------------------------------- Living on earth is expensive, but it includes a free trip around the sun. On 4/9/2016 11:08 AM, TomK wrote:> Adding in libvir-list. > > Cheers, > Tom K. > ------------------------------------------------------------------------------------- > > Living on earth is expensive, but it includes a free trip around the sun. > > On 4/7/2016 7:32 PM, TomK wrote: >> Hey All, >> >> I've an issue where libvirtd tries to access an NFS mount but errors >> out with: can't canonicalize path '/var/lib/one//datastores/0 . The >> unprevilidged user is able to read/write fine to the share. >> root_squash is used and for security reasons no_root_squash cannot be >> used. >> >> On the controller and node SELinux is disabled. >> >> [oneadmin@mdskvm-p01 ~]$ virsh -d 1 --connect qemu:///system create >> /var/lib/one//datastores/0/38/deployment.0 >> create: file(optdata): /var/lib/one//datastores/0/38/deployment.0 >> error: Failed to create domain from >> /var/lib/one//datastores/0/38/deployment.0 >> error: can't canonicalize path >> '/var/lib/one//datastores/0/38/disk.1': Permission denied >> >> I added some debug flags to get more info and added -x to the deploy >> script. Closest I get to more details is this: >> >> 2016-04-06 04:15:35.945+0000: 14072: debug : >> virStorageFileBackendFileInit:1441 : initializing FS storage file >> 0x7f6aa4009000 (file:/var/lib/one//datastores/0/38/disk.1)[9869:9869] >> 2016-04-06 04:15:35.954+0000: 14072: error : >> virStorageFileBackendFileGetUniqueIdentifier:1523 : can't >> canonicalize path '/var/lib/one//datastores/0/38/disk.1': >> >> https://www.redhat.com/archives/libvir-list/2014-May/msg00194.html >> >> Comment is: "The current implementation works for local >> storage only and returns the canonical path of the volume." >> >> But it seems the logic is applied to NFS mounts. Perhaps it shouldn't >> be? Anyway to get around this problem? This is CentOS 7 . >> >> Cheers, >> Tom K. >> ------------------------------------------------------------------------------------- >> >> Living on earth is expensive, but it includes a free trip around the >> sun. >> >> _______________________________________________ >> libvirt-users mailing list >> libvirt-users@redhat.com >> https://www.redhat.com/mailman/listinfo/libvirt-users > > -- > libvir-list mailing list > libvir-list@redhat.com > https://www.redhat.com/mailman/listinfo/libvir-list
Martin Kletzander
2016-Apr-12 14:03 UTC
Re: [libvirt-users] [libvirt] Libvirtd running as root tries to access oneadmin (OpenNebula) NFS mount but throws: error: can’t canonicalize path
On Mon, Apr 11, 2016 at 08:02:04PM -0400, TomK wrote:>Hey All, > >Wondering if anyone had any suggestions on this topic? >The only thing I can come up with is: '/var/lib/one//datastores/0/38/disk.1': Permission denied ... that don't have access to that file. Could you elaborate on that? I think it's either: a) you are running the domain as root or b) we don't use the domain's uid/gid to canonicalize the path. But if read access is enough for canonicalizing that path, I think the problem is purely with permissions.>Cheers, >Tom K. >------------------------------------------------------------------------------------- > >Living on earth is expensive, but it includes a free trip around the sun. > >On 4/9/2016 11:08 AM, TomK wrote: >> Adding in libvir-list. >> >> Cheers, >> Tom K. >> ------------------------------------------------------------------------------------- >> >> Living on earth is expensive, but it includes a free trip around the sun. >> >> On 4/7/2016 7:32 PM, TomK wrote: >>> Hey All, >>> >>> I've an issue where libvirtd tries to access an NFS mount but errors >>> out with: can't canonicalize path '/var/lib/one//datastores/0 . The >>> unprevilidged user is able to read/write fine to the share. >>> root_squash is used and for security reasons no_root_squash cannot be >>> used. >>> >>> On the controller and node SELinux is disabled. >>> >>> [oneadmin@mdskvm-p01 ~]$ virsh -d 1 --connect qemu:///system create >>> /var/lib/one//datastores/0/38/deployment.0 >>> create: file(optdata): /var/lib/one//datastores/0/38/deployment.0 >>> error: Failed to create domain from >>> /var/lib/one//datastores/0/38/deployment.0 >>> error: can't canonicalize path >>> '/var/lib/one//datastores/0/38/disk.1': Permission denied >>> >>> I added some debug flags to get more info and added -x to the deploy >>> script. Closest I get to more details is this: >>> >>> 2016-04-06 04:15:35.945+0000: 14072: debug : >>> virStorageFileBackendFileInit:1441 : initializing FS storage file >>> 0x7f6aa4009000 (file:/var/lib/one//datastores/0/38/disk.1)[9869:9869] >>> 2016-04-06 04:15:35.954+0000: 14072: error : >>> virStorageFileBackendFileGetUniqueIdentifier:1523 : can't >>> canonicalize path '/var/lib/one//datastores/0/38/disk.1': >>> >>> https://www.redhat.com/archives/libvir-list/2014-May/msg00194.html >>> >>> Comment is: "The current implementation works for local >>> storage only and returns the canonical path of the volume." >>> >>> But it seems the logic is applied to NFS mounts. Perhaps it shouldn't >>> be? Anyway to get around this problem? This is CentOS 7 . >>> >>> Cheers, >>> Tom K. >>> ------------------------------------------------------------------------------------- >>> >>> Living on earth is expensive, but it includes a free trip around the >>> sun. >>> >>> _______________________________________________ >>> libvirt-users mailing list >>> libvirt-users@redhat.com >>> https://www.redhat.com/mailman/listinfo/libvirt-users >> >> -- >> libvir-list mailing list >> libvir-list@redhat.com >> https://www.redhat.com/mailman/listinfo/libvir-list > >-- >libvir-list mailing list >libvir-list@redhat.com >https://www.redhat.com/mailman/listinfo/libvir-list
Possibly Parallel Threads
- Re: Libvirtd running as root tries to access oneadmin (OpenNebula) NFS mount but throws: error: can’t canonicalize path
- Libvirtd running as root tries to access oneadmin (OpenNebula) NFS mount but throws: error: can’t canonicalize path
- Re: [libvirt] Libvirtd running as root tries to access oneadmin (OpenNebula) NFS mount but throws: error: can’t canonicalize path
- Re: [libvirt] Libvirtd running as root tries to access oneadmin (OpenNebula) NFS mount but throws: error: can’t canonicalize path
- Re: [libvirt] Libvirtd running as root tries to access oneadmin (OpenNebula) NFS mount but throws: error: can’t canonicalize path