unix_sock_group = "oneadmin" unix_sock_ro_perms = "0777" unix_sock_rw_perms = "0770" #unix_sock_dir = "/var/run/libvirt"
# Set an authentication scheme for UNIX read-write sockets # By default socket permissions only allow root. If PolicyKit # support was compiled into libvirt, the default will be to # use 'polkit' auth. # # If the unix_sock_rw_perms are changed you may wish to enable # an authentication mechanism here #auth_unix_rw = "none" 2013/2/22 Jaime Melis <jme...@opennebula.org> > Can you try with this libvirtd.conf? > > # cat /etc/libvirtd/libvirtd.conf > unix_sock_group = "oneadmin" > > I know you said you already tried that, but maybe not with the same > qemu.conf I sent in a previous email? (of course a libvirtd restart is > required...) > > > On Fri, Feb 22, 2013 at 12:41 PM, Enric Pere Pages Montanera < > vprotrain...@gmail.com> wrote: > >> Yes. >> As root works, as oneadmin I get: >> >> error: Failed to connect to the hypervisor >> error: authentication failed: Authorization requires authentication but >> no agent is available. >> >> 2013/2/22 Jaime Melis <jme...@opennebula.org> >> >>> Have you restarted libvirt? >>> >>> what happens if you do "virsh -c qemu:///system" as oneadmin? and as >>> root? >>> >>> >>> On Fri, Feb 22, 2013 at 12:35 PM, Enric Pere Pages Montanera < >>> vprotrain...@gmail.com> wrote: >>> >>>> Yes, it is. >>>> >>>> I can see it from the logs: >>>> ** (process:2714): DEBUG: system-bus-name::1.28 is inquiring whether >>>> unix-process:2987:64626 is authorized for org.libvirt.unix.manage >>>> ** (process:2714): DEBUG: user of caller is unix-user:root >>>> ** (process:2714): DEBUG: user of subject is unix-user:oneadmin >>>> ** (process:2714): DEBUG: checking whether unix-process:2987:64626 is >>>> authorized for org.libvirt.unix.manage >>>> ** (process:2714): DEBUG: (nil) >>>> ** (process:2714): DEBUG: challenge (implicit_authorization = >>>> auth_admin) >>>> ** (process:2714): DEBUG: >>>> 2013-02-22 11:32:27.241+0000: 2755: error : >>>> remoteDispatchAuthPolkit:2559 : Policy kit denied action >>>> org.libvirt.unix.manage from pid 2987, uid 491: exit status 2 >>>> 2013-02-22 11:32:27.241+0000: 2755: error : >>>> remoteDispatchAuthPolkit:2588 : authentication failed: Authorization >>>> requires authentication but no agent is available. >>>> >>>> cheers, >>>> Enric >>>> 2013-02-22 11:32:27.242+0000: 2745: error : virNetSocketReadWire:999 : >>>> End of file while reading data: Input/output error >>>> >>>> >>>> >>>> 2013/2/21 Jaime Melis <jme...@opennebula.org> >>>> >>>>> Hi Enric, >>>>> >>>>> is this your current configuration? >>>>> >>>>> $ cat >>>>> /etc/polkit-1/localauthority/50-local.d/50-org.libvirt.unix.manage-opennebula.pkla >>>>> Identity=unix-user:oneadmin >>>>> Action=org.libvirt.unix.manage >>>>> #Action=org.libvirt.unix.monitor >>>>> ResultAny=yes >>>>> ResultInactive=yes >>>>> ResultActive=yes >>>>> >>>>> $ cat /etc/libvirt/qemu.conf >>>>> user = "oneadmin" >>>>> group = "oneadmin" >>>>> dynamic_ownership = 0 >>>>> >>>>> also, can you try without SELinux enabled? (setenforce 0) >>>>> >>>>> cheers, >>>>> Jaime >>>>> >>>>> >>>>> On Wed, Feb 20, 2013 at 3:46 PM, Enric Pere Pages Montanera < >>>>> vprotrain...@gmail.com> wrote: >>>>> >>>>>> Hi all, >>>>>> >>>>>> I am having the same issue described in this thread, I tried your >>>>>> suggestions but unfortunately they are not working for me. >>>>>> >>>>>> I tried >>>>>> >>>>>> >>>>>> - Add unix_sock_group = oneadmin >>>>>> - Add unix_sock_ro_perms = 0777 >>>>>> - Add unix_sock_rw_perms = 0777 >>>>>> - Add auth_unix_rw = "none" >>>>>> >>>>>> I tried it without auth and with polkit auth, but still not able to >>>>>> connect to the hypervisor. >>>>>> >>>>>> It is weird cause I was able to do the same with the same host in the >>>>>> past. >>>>>> >>>>>> I am working on a SL63, just to let you know ... I have access to >>>>>> another ONE system which exactly the same config (OS,etc) and there >>>>>> everything seems working. >>>>>> >>>>>> Any thoughts? >>>>>> >>>>>> BR, >>>>>> Enric >>>>>> >>>>>> >>>>>> >>>>>> >>>>>> 2012/10/8 André Monteiro <andre.mont...@gmail.com> >>>>>> >>>>>>> Can you do a virsh -c qemu:///system? If not its a OS problem, not >>>>>>> ONE. >>>>>>> >>>>>>> If yes, I'm working on a SL6.2, on the vmm_exec_kvm.conf the line >>>>>>> "EMULATOR = /usr/libexec/qemu-kvm" must have your correct path of >>>>>>> qemu-kvm, >>>>>>> does "/usr/libexec/qemu-kvm" exists? >>>>>>> >>>>>>> -- >>>>>>> André Monteiro >>>>>>> >>>>>>> >>>>>>> >>>>>>> >>>>>>> On Mon, Oct 8, 2012 at 12:31 PM, Tuan Le Doan <tuan.fet...@gmail.com >>>>>>> > wrote: >>>>>>> >>>>>>>> Andre, >>>>>>>> >>>>>>>> Yes, my location is /var/lib/one/etc/vmm_exec/vmm_exec_kvm.conf. >>>>>>>> I made like your suggestion, howerver it's still error :( >>>>>>>> >>>>>>>> 2012/10/8 André Monteiro <andre.mont...@gmail.com> >>>>>>>> >>>>>>>>> Hello, >>>>>>>>> >>>>>>>>> Sorry, that's my /opt/opennebula is my self-contained installation >>>>>>>>> folder, you must edit your own folder, something like >>>>>>>>> /srv/cloud/one/etc/vmm or /var/lib/one/etc/. >>>>>>>>> >>>>>>>>> -- >>>>>>>>> André Monteiro >>>>>>>>> >>>>>>>>> >>>>>>>>> >>>>>>>>> >>>>>>>>> On Mon, Oct 8, 2012 at 11:50 AM, Tuan Le Doan < >>>>>>>>> tuan.fet...@gmail.com> wrote: >>>>>>>>> >>>>>>>>>> Dear Andre, >>>>>>>>>> >>>>>>>>>> I didn't find /opt/opennebula/etc/vmm_exec/vmm_exec_kvm.conf >>>>>>>>>> I'm using CentOS 6.3, is there some different? >>>>>>>>>> >>>>>>>>>> Thank you. >>>>>>>>>> >>>>>>>>>> 2012/10/8 André Monteiro <andre.mont...@gmail.com> >>>>>>>>>> >>>>>>>>>>> Hello, >>>>>>>>>>> >>>>>>>>>>> The one time I had that problem I couldn't connect to hypervisor >>>>>>>>>>> from virsh. Try virsh -c qemu:///system to confirm that. >>>>>>>>>>> >>>>>>>>>>> My solution was: >>>>>>>>>>> >>>>>>>>>>> - Edit /etc/libvirt/libvirtd.conf >>>>>>>>>>> - Add unix_sock_group = oneadmin >>>>>>>>>>> - Add unix_sock_ro_perms = 0777 >>>>>>>>>>> - Add unix_sock_rw_perms = 0777 >>>>>>>>>>> - Add auth_unix_rw = "none" >>>>>>>>>>> - service libvirtd restart >>>>>>>>>>> - Edit /opt/opennebula/etc/vmm_exec/vmm_exec_kvm.conf >>>>>>>>>>> - Add EMULATOR = /usr/libexec/qemu-kvm >>>>>>>>>>> - one stop >>>>>>>>>>> - one start >>>>>>>>>>> >>>>>>>>>>> >>>>>>>>>>> -- >>>>>>>>>>> André Monteiro >>>>>>>>>>> >>>>>>>>>>> >>>>>>>>>>> >>>>>>>>>>> >>>>>>>>>>> >>>>>>>>>>> On Mon, Oct 8, 2012 at 10:28 AM, Tuan Le Doan < >>>>>>>>>>> tuan.fet...@gmail.com> wrote: >>>>>>>>>>> >>>>>>>>>>> >>>>>>>>>>>> Thank you for all reply, I fixed that error, but after that i >>>>>>>>>>>> received another error when i created host: >>>>>>>>>>>> >>>>>>>>>>>> This is my oned.log file: >>>>>>>>>>>> >>>>>>>>>>>> Command execution fail: 'if [ -x "/var/tmp/one/im/run_probes" >>>>>>>>>>>> ]; then /var/tmp/one/im/run_probes kvm 1 centoshost; >>>>>>>>>>>> else exit 42; fi' >>>>>>>>>>>> Fri Oct 5 16:52:51 2012 [InM][I]: error: authentication >>>>>>>>>>>> failed: Authorization requires authentication but no agent is >>>>>>>>>>>> available. >>>>>>>>>>>> Fri Oct 5 16:52:51 2012 [InM][I]: >>>>>>>>>>>> Fri Oct 5 16:52:51 2012 [InM][I]: error: failed to connect to >>>>>>>>>>>> the hypervisor >>>>>>>>>>>> Fri Oct 5 16:52:51 2012 [InM][E]: Error executing kvm.rb >>>>>>>>>>>> Fri Oct 5 16:52:51 2012 [InM][I]: ExitCode: 255 >>>>>>>>>>>> Fri Oct 5 16:52:51 2012 [InM][E]: Error monitoring host 1 : >>>>>>>>>>>> MONITOR FAILURE 1 Error executing kvm.rb >>>>>>>>>>>> >>>>>>>>>>>> I tried to add libvirt group and add oneadmin user to libvirt >>>>>>>>>>>> and kvm group, but it's still error. >>>>>>>>>>>> >>>>>>>>>>>> Hope that anyone can help me :P >>>>>>>>>>>> >>>>>>>>>>>> Regards. >>>>>>>>>>>> >>>>>>>>>>>> >>>>>>>>>>>> 2012/10/3 Rodolfo Conte Brufatto <rcbrufa...@gmail.com> >>>>>>>>>>>> >>>>>>>>>>>> >>>>>>>>>>>>> Tuan, there is no key in your .ssh directory. You will need >>>>>>>>>>>>> that anyway. >>>>>>>>>>>>> Make sure the key pair file and the public key are available >>>>>>>>>>>>> in that directory. After that, depending on how you generated the >>>>>>>>>>>>> key files >>>>>>>>>>>>> (using ssh-keygen or openssl) you just need to copy your public >>>>>>>>>>>>> key to >>>>>>>>>>>>> .ssh/authorized_keys. If it was created with openssl you can >>>>>>>>>>>>> export it >>>>>>>>>>>>> using ssh-keygen as well. >>>>>>>>>>>>> >>>>>>>>>>>>> cheers >>>>>>>>>>>>> >>>>>>>>>>>>> >>>>>>>>>>>>> >>>>>>>>>>>>> >>>>>>>>>>>>> On Wed, Oct 3, 2012 at 6:04 AM, Tuan Le Doan < >>>>>>>>>>>>> tuan.fet...@gmail.com> wrote: >>>>>>>>>>>>> >>>>>>>>>>>>> >>>>>>>>>>>>>> I use only one machine for both of Master and Host (I >>>>>>>>>>>>>> installed OpenNebula and KVM in 1 server). >>>>>>>>>>>>>> >>>>>>>>>>>>>> >>>>>>>>>>>>>> 2012/10/3 Duverne, Cyrille <cyrille.duve...@euranova.eu> >>>>>>>>>>>>>> >>>>>>>>>>>>>> >>>>>>>>>>>>>>> Hello Tuan, >>>>>>>>>>>>>>> >>>>>>>>>>>>>>> Are you sure that the ssl key of oneadmin on your Master >>>>>>>>>>>>>>> machine is the same than the one in your Host ? >>>>>>>>>>>>>>> >>>>>>>>>>>>>>> >>>>>>>>>>>>>>> CyD >>>>>>>>>>>>>>> >>>>>>>>>>>>>>> Blog : http://blog.cduverne.com >>>>>>>>>>>>>>> Twitter : @CydsWorld >>>>>>>>>>>>>>> >>>>>>>>>>>>>>> "Imagination is more important than Knowledge" >>>>>>>>>>>>>>> Albert Einstein >>>>>>>>>>>>>>> >>>>>>>>>>>>>>> >>>>>>>>>>>>>>> >>>>>>>>>>>>>>> Mercredi 03/10/2012 à 9:43 Tuan Le Doan a écrit: >>>>>>>>>>>>>>> >>>>>>>>>>>>>>> >>>>>>>>>>>>>>> Hi CyD, >>>>>>>>>>>>>>> >>>>>>>>>>>>>>> This is the output: >>>>>>>>>>>>>>> >>>>>>>>>>>>>>> [oneadmin@centoshost Desktop]$ ls -lArth >>>>>>>>>>>>>>> /var/lib/one/.ssh/config >>>>>>>>>>>>>>> -rw-rw-r--. 1 oneadmin oneadmin 33 Sep 24 15:35 >>>>>>>>>>>>>>> /var/lib/one/.ssh/config >>>>>>>>>>>>>>> >>>>>>>>>>>>>>> Do you know how can i do to fix it? >>>>>>>>>>>>>>> >>>>>>>>>>>>>>> Thanks. >>>>>>>>>>>>>>> >>>>>>>>>>>>>>> 2012/10/3 Duverne, Cyrille <cyrille.duve...@euranova.eu> >>>>>>>>>>>>>>> >>>>>>>>>>>>>>> >>>>>>>>>>>>>>>> Hello Tuan, >>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>> Could you send the output of : " ls -lArth >>>>>>>>>>>>>>>> /var/lib/one/.ssh/config " >>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>> I suspect you didn't chown -R the directory. >>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>> Kind regards >>>>>>>>>>>>>>>> CyD >>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>> Blog : http://blog.cduverne.com >>>>>>>>>>>>>>>> Twitter : @CydsWorld >>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>> "Imagination is more important than Knowledge" >>>>>>>>>>>>>>>> Albert Einstein >>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>> Mercredi 03/10/2012 à 6:58 Tuan Le Doan a écrit: >>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>> Dear all, >>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>> I have installed Opennebula 3.6 and KVM successful on >>>>>>>>>>>>>>>> single machine (CentOS 6.3). >>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>> But when I add host and run “onehost list” command, the >>>>>>>>>>>>>>>> state of host is error. >>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>> I checked the log file and saw “Bad owner or permisions on >>>>>>>>>>>>>>>> /var/lib/one/.ssh/config” message. >>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>> So I think my error is the password less connection to host >>>>>>>>>>>>>>>> was lost. >>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>> I tried to change permission of /var/lib/one to oneadmin >>>>>>>>>>>>>>>> user with “sudo chown oneadmin:oneadmin /var/lib/one” but it’s >>>>>>>>>>>>>>>> still error. >>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>> I couldn’t create SSH key for oneadmin because of “Bad >>>>>>>>>>>>>>>> owner or permisions on /var/lib/one/.ssh/config” error. >>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>> Anyone can help me to fix it? >>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>> Regards. >>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>> -- >>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>> *Le Doan Tuan >>>>>>>>>>>>>>>> -----------------------------------------------------* >>>>>>>>>>>>>>>> Undergraduate Student of School of Electronics & >>>>>>>>>>>>>>>> Telecommunications. >>>>>>>>>>>>>>>> Hanoi University of Science & Technology >>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>> Tel : +84 987 248 215 >>>>>>>>>>>>>>>> Yahoo: ledoantuan1 >>>>>>>>>>>>>>>> Skype: ledoantuan1 >>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>> >>>>>>>>>>>>>>> >>>>>>>>>>>>>>> -- >>>>>>>>>>>>>>> >>>>>>>>>>>>>>> *Le Doan Tuan >>>>>>>>>>>>>>> -----------------------------------------------------* >>>>>>>>>>>>>>> Undergraduate Student of School of Electronics & >>>>>>>>>>>>>>> Telecommunications. >>>>>>>>>>>>>>> Hanoi University of Science & Technology >>>>>>>>>>>>>>> >>>>>>>>>>>>>>> >>>>>>>>>>>>>>> >>>>>>>>>>>>>>> Tel : +84 987 248 215 >>>>>>>>>>>>>>> Yahoo: ledoantuan1 >>>>>>>>>>>>>>> Skype: ledoantuan1 >>>>>>>>>>>>>>> >>>>>>>>>>>>>>> >>>>>>>>>>>>>>> >>>>>>>>>>>>>>> >>>>>>>>>>>>>> >>>>>>>>>>>>>> >>>>>>>>>>>>>> -- >>>>>>>>>>>>>> >>>>>>>>>>>>>> *Le Doan Tuan >>>>>>>>>>>>>> -----------------------------------------------------* >>>>>>>>>>>>>> Undergraduate Student of School of Electronics & >>>>>>>>>>>>>> Telecommunications. >>>>>>>>>>>>>> Hanoi University of Science & Technology >>>>>>>>>>>>>> >>>>>>>>>>>>>> >>>>>>>>>>>>>> >>>>>>>>>>>>>> Tel : +84 987 248 215 >>>>>>>>>>>>>> Yahoo: ledoantuan1 >>>>>>>>>>>>>> Skype: ledoantuan1 >>>>>>>>>>>>>> >>>>>>>>>>>>>> >>>>>>>>>>>>>> _______________________________________________ >>>>>>>>>>>>>> Users mailing list >>>>>>>>>>>>>> Users@lists.opennebula.org >>>>>>>>>>>>>> http://lists.opennebula.org/listinfo.cgi/users-opennebula.org >>>>>>>>>>>>>> >>>>>>>>>>>>>> >>>>>>>>>>>>>> >>>>>>>>>>>>> >>>>>>>>>>>>> >>>>>>>>>>>>> -- >>>>>>>>>>>>> Have you tried turning it off and on again? >>>>>>>>>>>>> >>>>>>>>>>>>> >>>>>>>>>>>>> >>>>>>>>>>>>> >>>>>>>>>>>>> >>>>>>>>>>>> >>>>>>>>>>>> >>>>>>>>>>>> -- >>>>>>>>>>>> >>>>>>>>>>>> *Le Doan Tuan >>>>>>>>>>>> -----------------------------------------------------* >>>>>>>>>>>> Undergraduate Student of School of Electronics & >>>>>>>>>>>> Telecommunications. >>>>>>>>>>>> Hanoi University of Science & Technology >>>>>>>>>>>> >>>>>>>>>>>> >>>>>>>>>>>> >>>>>>>>>>>> Tel : +84 987 248 215 >>>>>>>>>>>> Yahoo: ledoantuan1 >>>>>>>>>>>> Skype: ledoantuan1 >>>>>>>>>>>> >>>>>>>>>>>> >>>>>>>>>>>> >>>>>>>>>>>> _______________________________________________ >>>>>>>>>>>> Users mailing list >>>>>>>>>>>> Users@lists.opennebula.org >>>>>>>>>>>> http://lists.opennebula.org/listinfo.cgi/users-opennebula.org >>>>>>>>>>>> >>>>>>>>>>>> >>>>>>>>>>>> >>>>>>>>>>> >>>>>>>>>>> >>>>>>>>>> >>>>>>>>>> >>>>>>>>>> >>>>>>>>>> -- >>>>>>>>>> *Le Doan Tuan >>>>>>>>>> -----------------------------------------------------* >>>>>>>>>> Undergraduate Student of School of Electronics & >>>>>>>>>> Telecommunications. >>>>>>>>>> Hanoi University of Science & Technology >>>>>>>>>> Tel : +84 987 248 215 >>>>>>>>>> Yahoo: ledoantuan1 >>>>>>>>>> Skype: ledoantuan1 >>>>>>>>>> >>>>>>>>>> >>>>>>>>> >>>>>>>> >>>>>>>> >>>>>>>> -- >>>>>>>> *Le Doan Tuan-----------------------------------------------------* >>>>>>>> Undergraduate Student of School of Electronics & >>>>>>>> Telecommunications. >>>>>>>> Hanoi University of Science & Technology >>>>>>>> Tel : +84 987 248 215 >>>>>>>> Yahoo: ledoantuan1 >>>>>>>> Skype: ledoantuan1 >>>>>>>> >>>>>>>> >>>>>>> >>>>>>> _______________________________________________ >>>>>>> Users mailing list >>>>>>> Users@lists.opennebula.org >>>>>>> http://lists.opennebula.org/listinfo.cgi/users-opennebula.org >>>>>>> >>>>>>> >>>>>> >>>>>> _______________________________________________ >>>>>> Users mailing list >>>>>> Users@lists.opennebula.org >>>>>> http://lists.opennebula.org/listinfo.cgi/users-opennebula.org >>>>>> >>>>>> >>>>> >>>>> >>>>> -- >>>>> Jaime Melis >>>>> Project Engineer >>>>> OpenNebula - The Open Source Toolkit for Cloud Computing >>>>> www.OpenNebula.org | jme...@opennebula.org >>>> >>>> >>>> >>> >>> >>> -- >>> Jaime Melis >>> Project Engineer >>> OpenNebula - The Open Source Toolkit for Cloud Computing >>> www.OpenNebula.org | jme...@opennebula.org >>> >> >> > > > -- > Jaime Melis > Project Engineer > OpenNebula - The Open Source Toolkit for Cloud Computing > www.OpenNebula.org | jme...@opennebula.org >
_______________________________________________ Users mailing list Users@lists.opennebula.org http://lists.opennebula.org/listinfo.cgi/users-opennebula.org