|
When I set: root@tyan-host:/etc/apparmor.d/local# /etc/init.d/apparmor stop root@tyan-host:/etc/apparmor.d/local# /etc/init.d/apparmor teardown root@tyan-host:/etc/apparmor.d/local# apparmor_status apparmor module is loaded. 0 profiles are loaded. 0 profiles are in enforce mode. 0 profiles are in complain mode. 0 processes have profiles defined. 0 processes are in enforce mode : 0 processes are in complain mode. 0 processes are unconfined but have a profile defined. nothing changed. But - during the resubmit process - apparmor status was changed for a while (a few seconds - when VM is in state "BOOT", until fall down to "FAILED") to: root@tyan-host:/etc/apparmor.d/local# apparmor_status apparmor module is loaded. 1 profiles are loaded. 1 profiles are in enforce mode. libvirt-b0bc94b8-588c-ad63-6367-45d1fc9c16d5 0 profiles are in complain mode. 0 processes have profiles defined. 0 processes are in enforce mode : 0 processes are in complain mode. 0 processes are unconfined but have a profile defined. When in oned.log a message appears: Thu Jun 21 16:41:17 2012 [VMM][I]: Successfully execute network driver operation: pre. immedialtely after that in /var/log/syslog appears: Jun 22 10:46:09 tyan-host kernel: [60470.749192] type=1505 audit(1340354769.603:49): operation="profile_load" pid=14286 name="libvirt-b0bc94b8-588c-ad63-6367-45d1fc9c16d5" Jun 22 10:46:09 tyan-host libvirtd: 10:46:09.624: error : qemuDomainSetFileOwnership:2222 : cannot set ownership on /var/lib/one/1/images/disk.0: Permission denied When in oned-log the messages appears: Thu Jun 21 16:41:48 2012 [VMM][I]: Command execution fail: cat << EOT | /var/tmp/one/vmm/kvm/deploy /var/lib/one/1/images/deployment.4 tyan 1 tyan Thu Jun 21 16:41:48 2012 [VMM][I]: error: Failed to create domain from /var/lib/one/1/images/deployment.4 Thu Jun 21 16:41:48 2012 [VMM][I]: error: cannot set ownership on /var/lib/one/1/images/disk.1: Permission denied Thu Jun 21 16:41:48 2012 [VMM][E]: Could not create domain from /var/lib/one/1/images/deployment.4 Thu Jun 21 16:41:48 2012 [VMM][I]: ExitCode: 255 Thu Jun 21 16:41:48 2012 [VMM][I]: Failed to execute virtualization driver operation: deploy. Thu Jun 21 16:41:48 2012 [VMM][E]: Error deploying virtual machine: Could not create domain from /var/lib/one/1/images/deployment.4 Thu Jun 21 16:41:49 2012 [DiM][I]: New VM state is FAILED at the same time in syslog appears: Jun 22 10:46:39 tyan-host libvirtd: 10:46:39.636: error : qemuMonitorOpenUnix:268 : monitor socket did not show up.: No such file or directory Jun 22 10:46:39 tyan-host libvirtd: 10:46:39.636: error : qemuConnectMonitor:822 : Failed to connect monitor for one-1#012 Jun 22 10:46:39 tyan-host kernel: [60500.950824] type=1505 audit(1340354799.805:50): operation="profile_remove" pid=14299 name="libvirt-b0bc94b8-588c-ad63-6367-45d1fc9c16d5" namespace="root" Jun 22 10:46:39 tyan-host libvirtd: 10:46:39.818: error : qemuDomainSetFileOwnership:2222 : cannot set ownership on /var/lib/one/1/images/disk.1: Permission denied Jun 22 10:46:39 tyan-host libvirtd: 10:46:39.819: warning : qemudShutdownVMDaemon:2703 : Failed to restore all device ownership for one-1 When I set: aa-complain libvirtd nothing changed, the same result and messages in logs. I things the issue is not in apparmor - something in permissions is wrong (oneadmin is a member of sudoers, of course). Everything mentioned here is on host (not on ONE server). Permissions of folders and files: oneadmin@tyan-host:~/images$ pwd /var/lib/one/images oneadmin@tyan-host:~/images$ ls -la total 19326692 drwxrwx--T 2 oneadmin root 4096 Jun 21 16:01 . drwxr-xr-x 11 oneadmin root 4096 Jun 22 08:44 .. -rw-rw---- 1 oneadmin root 927989760 Jun 20 10:57 46440b43448202b4ee69b4b541f5eeab -rw-rw---- 1 oneadmin cloud 2996799488 Jun 21 16:01 5bc39d96de8b79c5154c12d534359460 -rw-rw---- 1 oneadmin root 10737418241 Jun 20 10:57 9c52b90a79dba7c26a912d05ff5190b8 -rw-rw---- 1 oneadmin cloud 15728640001 Jun 21 16:05 a1a5f9b12659a78bdc54e9fe9c6ecb79 oneadmin@tyan-host:~$ pwd /var/lib/one oneadmin@tyan-host:~$ ls -la total 168 drwxr-xr-x 11 oneadmin root 4096 Jun 22 08:44 . drwxr-xr-x 38 root root 4096 Jun 21 17:30 .. -rw------- 1 oneadmin cloud 3375 Jun 22 08:41 .bash_history drwx------ 3 oneadmin cloud 4096 Jun 21 09:35 .cache drwx------ 3 oneadmin cloud 4096 Jun 21 09:35 .config drwx------ 3 oneadmin cloud 4096 Jun 21 09:35 .local drwx------ 2 oneadmin cloud 4096 Jun 20 09:49 .one drwx------ 2 oneadmin root 4096 Jun 20 17:43 .ssh -rw------- 1 oneadmin cloud 3977 Jun 21 09:49 .viminfo drwxrwxrwx 3 oneadmin cloud 4096 Jun 21 16:18 0 drwxrwxrwx 3 oneadmin cloud 4096 Jun 22 08:44 1 -rw-r--r-- 1 oneadmin cloud 1738 Jun 21 08:50 config drwxrwx--T 2 oneadmin root 4096 Jun 21 16:01 images -rw-r--r-- 1 oneadmin cloud 91136 Jun 22 08:44 one.db -rw-r--r-- 1 oneadmin cloud 16384 Jun 20 16:28 oneacct.db drwxr-xr-x 8 root root 4096 Jun 20 09:33 remotes oneadmin@tyan-host:~/1$ pwd /var/lib/one/1 oneadmin@tyan-host:~/1$ ls -la total 164 drwxrwxrwx 3 oneadmin cloud 4096 Jun 22 08:44 . drwxr-xr-x 11 oneadmin root 4096 Jun 22 08:44 .. -rw-r--r-- 1 oneadmin cloud 723 Jun 22 08:44 deployment.12 drwxrwxrwx 2 oneadmin cloud 4096 Jun 22 08:44 images -rw-r--r-- 1 oneadmin cloud 201 Jun 22 08:42 transfer.12.prolog oneadmin@tyan-host:~/1/images$ pwd /var/lib/one/1/images oneadmin@tyan-host:~/1/images$ ls -la total 2926580 drwxrwxrwx 2 oneadmin cloud 4096 Jun 22 08:44 . drwxrwxrwx 3 oneadmin cloud 4096 Jun 22 08:44 .. -rw-r--r-- 1 oneadmin cloud 724 Jun 22 08:44 deployment.12 -rw-rw-rw- 1 oneadmin cloud 2996799488 Jun 22 08:43 disk.0 lrwxrwxrwx 1 oneadmin cloud 52 Jun 22 08:43 disk.1 -> /var/lib/one/images/a1a5f9b12659a78bdc54e9fe9c6ecb79 Perhaps this helps to analyze the issue. Jan Dňa 21.06.2012 16:46, Jaime Melis wrote / napísal(a): Hello Jan, --
 Ján Beňadik Managed Services - Solution Design Architect +421 46 5151 332 +421 903 691 634 jan.bena...@atos.net Vinohradnícka 6, 971 01 Prievidza www.sk.atos.net __________________________________  |
_______________________________________________ Users mailing list Users@lists.opennebula.org http://lists.opennebula.org/listinfo.cgi/users-opennebula.org
