On Fri, Dec 13, 2019 at 1:39 AM Nir Soffer <nsof...@redhat.com> wrote: > > On Tue, Dec 10, 2019 at 4:35 PM Robert Webb <rw...@ropeguru.com> wrote: > > ... > > >https://ovirt.org/develop/troubleshooting-nfs-storage-issues.html > > > > > >Generally speaking: > > > > > >Files there are created by vdsm (vdsmd), but are used (when running VMs) > > >by qemu. So both of them need access. > > > > So the link to the NFS storage troubleshooting page is where I found that > > the perms needed to be 755. > > I think this is an error in the troubleshooting page. There is no > reason to allow access to > other users except vdsm:kvm.
The page mentions other daemons: >> In principle, the user vdsm, with uid 36 and gid 36, must have read and >> write permissions on >> all NFS exports. However, some daemons on the hypervisor hosts (for example, >> sanlock) >> use a different uid but need access to the directory too. But other daemon that should have access to vdsm storage are in the kvm group (vdsm configure this during installation): $ id sanlock uid=179(sanlock) gid=179(sanlock) groups=179(sanlock),6(disk),36(kvm),107(qemu) > ... > > Like this: > > > > drwxr-xr-x+ 2 vdsm kvm 4096 Dec 10 09:03 . > > drwxr-xr-x+ 3 vdsm kvm 4096 Dec 10 09:02 .. > > -rw-rw---- 1 vdsm kvm 53687091200 Dec 10 09:02 > > 5a514067-82fb-42f9-b436-f8f93883fe27 > > -rw-rw---- 1 vdsm kvm 1048576 Dec 10 09:03 > > 5a514067-82fb-42f9-b436-f8f93883fe27.lease > > -rw-r--r-- 1 vdsm kvm 298 Dec 10 09:03 > > 5a514067-82fb-42f9-b436-f8f93883fe27.meta > > > > > > So, with all that said, I cleaned everything up and my directory > > permissions look like what Tony posted for his. I have added in his export > > options to my setup and rebooted my host. > > > > I created a new VM from scratch and the files under images now look like > > this: > > > > drwxr-xr-x+ 2 vdsm kvm 4096 Dec 10 09:03 . > > drwxr-xr-x+ 3 vdsm kvm 4096 Dec 10 09:02 .. > > -rw-rw---- 1 vdsm kvm 53687091200 Dec 10 09:02 > > 5a514067-82fb-42f9-b436-f8f93883fe27 > > -rw-rw---- 1 vdsm kvm 1048576 Dec 10 09:03 > > 5a514067-82fb-42f9-b436-f8f93883fe27.lease > > -rw-r--r-- 1 vdsm kvm 298 Dec 10 09:03 > > 5a514067-82fb-42f9-b436-f8f93883fe27.meta > > > > > > Still not the 755 as expected, > > It is not expected, the permissions look normal. > > These are the permissions used for volumes on file based storage: > > lib/vdsm/storage/constants.py:FILE_VOLUME_PERMISSIONS = 0o660 > > but I am guessing with the addition of the "anonuid=36,anongid=36" to > the exports, everything is now working as expected. The VM will boot > and run as expected. There was nothing in the any of the documentation > which alluded to possibly needed the additional options in the NFS > export options. > > I this is a libvirt issue, it tries to access volumes as root, and > without anonuid=36,anongid=36 > it will be squashed to nobody and fail. > > Nir _______________________________________________ Users mailing list -- users@ovirt.org To unsubscribe send an email to users-le...@ovirt.org Privacy Statement: https://www.ovirt.org/site/privacy-policy/ oVirt Code of Conduct: https://www.ovirt.org/community/about/community-guidelines/ List Archives: https://lists.ovirt.org/archives/list/users@ovirt.org/message/3KZII244RKMFPKSYD5WJ47IES4XLT2LI/
