libvirt users - Oct 2016 - Permission denied for volume create in raw format

Hi,
I'm facing similar problem to described here:
https://www.redhat.com/archives/libvirt-users/2016-February/msg00033.html
I got Libvirt pool mounted over netfs and I'm trying to create new volume,
with pool.createXML. When format is qcow2, everything works fine.
Unfortunately, for raw images libvirt raises error Permission denied. Whole
pool is owned by root. Libvirt starts as root user too.

I've tried to change pool's permissions to 777 on filesystem, but i get
the
same error, only for RAW images. Volume's xml looks like:
<volume>
    <name>{{user.id}}_{{image.id}}</name>
    <source>
    </source>
    <capacity unit='bytes'>{{image.size}}</capacity>
    <target>
        <format type='{{ image.format }}'/>
        <permissions>
            <mode>660</mode>
        </permissions>
    </target>
</volume>

I've tried to create it without defining permissions, but it's the same.
Problem exists in Ubuntu Server 16.04 (libvirt from repo) and Raspbian
(libvirt in version 1.2.9). Do you know if it is possible solve this
problem with this version of libvirt?


-- 
Maciej Nabożny
cloudover.io

On Fri, Oct 07, 2016 at 12:02:48PM +0200, Maciej Nabożny
wrote:
>Hi,
>I'm facing similar problem to described here:
>https://www.redhat.com/archives/libvirt-users/2016-February/msg00033.html
>I got Libvirt pool mounted over netfs and I'm trying to create new
volume,
>with pool.createXML. When format is qcow2, everything works fine.
>Unfortunately, for raw images libvirt raises error Permission denied. Whole
>pool is owned by root. Libvirt starts as root user too.
>
>I've tried to change pool's permissions to 777 on filesystem, but i
get the
>same error, only for RAW images. Volume's xml looks like:
><volume>
>    <name>{{user.id}}_{{image.id}}</name>
>    <source>
>    </source>
>    <capacity unit='bytes'>{{image.size}}</capacity>
>    <target>
>        <format type='{{ image.format }}'/>
>        <permissions>
>            <mode>660</mode>
So this fails even with:

    <owner>{{ user.uid }}</owner>
    <group>{{ user.gid }}</group>

added to the permissions?  If you create qcow2 image who is the owner of
that image? (user:group)
>        </permissions>
>    </target>
></volume>
>
>I've tried to create it without defining permissions, but it's the
same.
>Problem exists in Ubuntu Server 16.04 (libvirt from repo) and Raspbian
>(libvirt in version 1.2.9). Do you know if it is possible solve this
>problem with this version of libvirt?
>
>
>--
>Maciej Nabożny
>cloudover.io
>_______________________________________________
>libvirt-users mailing list
>libvirt-users@redhat.com
>https://www.redhat.com/mailman/listinfo/libvirt-users

Owner of qcow2 is nobody:nobody. I added owner and group information, but
still error is the same:
cannot chown
/var/lib/cloudOver/storages/core/dbedb2cee9444107ab505e58045bc66a_eedf0e1bf4974d709d32269fe4fd594e
to (0, 0): Operation not permitted
With defined owner and group even qcow2 images fail. Without it, qcow2
works fine.

Contents of the pool directory:

$ ls -lha /var/lib/cloudOver/storages/core/
total 1.6G
drwxrwxrwx 2 root      root      4.0K Oct  7 20:42 .
drwxr-xr-x 3 cloudover cloudover 4.0K Sep 26 19:02 ..
-rw------- 1 nobody    nogroup   469M Oct  7 10:26
dbedb2cee9444107ab505e58045bc66a_07b97b789f6d40d8a8da23335d6b56b0
-rw------- 1 nobody    nogroup   300M Oct  7 10:53
dbedb2cee9444107ab505e58045bc66a_0a2cd5be4a6a4c1fba5347bfd2f6b469
-rw------- 1 nobody    nogroup   384K Oct  7 17:07
dbedb2cee9444107ab505e58045bc66a_3bdc98764f374ba1839378c7dc03c1ca
-rw------- 1 nobody    nogroup   384K Oct  7 16:28
dbedb2cee9444107ab505e58045bc66a_ac5fe8e773c4409380d654a8c92450ad
-rw------- 1 nobody    nogroup   857M Oct  7 11:10
dbedb2cee9444107ab505e58045bc66a_f62fa24120614c1ca89db92875e988c4

all parent directories for this pool have rx permissions for group and
other. I'm wondering why error is "operation not permitted" when
the image
file doesn't exist in filesystem? All existing files in this directory were
created with qcow2 format.

For now, probably I'll create temporary solution for this - I convert all
files as qcow2 during upload or create actions in cloud.


2016-10-07 15:49 GMT+02:00 Martin Kletzander <mkletzan@redhat.com>:
> On Fri, Oct 07, 2016 at 12:02:48PM +0200, Maciej Nabożny wrote:
>
>> Hi,
>> I'm facing similar problem to described here:
>>
https://www.redhat.com/archives/libvirt-users/2016-February/msg00033.html
>> I got Libvirt pool mounted over netfs and I'm trying to create new
volume,
>> with pool.createXML. When format is qcow2, everything works fine.
>> Unfortunately, for raw images libvirt raises error Permission denied.
>> Whole
>> pool is owned by root. Libvirt starts as root user too.
>>
>> I've tried to change pool's permissions to 777 on filesystem,
but i get
>> the
>> same error, only for RAW images. Volume's xml looks like:
>> <volume>
>>    <name>{{user.id}}_{{image.id}}</name>
>>    <source>
>>    </source>
>>    <capacity unit='bytes'>{{image.size}}</capacity>
>>    <target>
>>        <format type='{{ image.format }}'/>
>>        <permissions>
>>            <mode>660</mode>
>>
>
> So this fails even with:
>
>    <owner>{{ user.uid }}</owner>
>    <group>{{ user.gid }}</group>
>
> added to the permissions?  If you create qcow2 image who is the owner of
> that image? (user:group)
>
>        </permissions>
>>    </target>
>> </volume>
>>
>> I've tried to create it without defining permissions, but it's
the same.
>> Problem exists in Ubuntu Server 16.04 (libvirt from repo) and Raspbian
>> (libvirt in version 1.2.9). Do you know if it is possible solve this
>> problem with this version of libvirt?
>>
>>
>> --
>> Maciej Nabożny
>> cloudover.io
>>
>
> _______________________________________________
>> libvirt-users mailing list
>> libvirt-users@redhat.com
>> https://www.redhat.com/mailman/listinfo/libvirt-users
>>
>

-- 
Maciej Nabożny
cloudover.io