Some more information... I'm now able to mess with the permissions by tunning /etc/idmapd.conf and setting the nobody-user and nobody-group to my user (i've tried with root and qemu) AND by setting the RPCIDMAPARGS="-C" in /etc/sysconfig/nfs and restarting the rcp.idmapd process..
On the client: [root@l02 ~]# ls -l /var/lib/xcat/pools/2e66895a-e09a-53d5-74d3-eccdd9746eb5 total 136 -rw------- 1 qemu qemu 262144 Aug 10 02:00 vm1.hda.qcow2 [root@l02 ~]# On the server: [root@xcat xCAT_plugin]# rpower vm1 on vm1: Error: internal error Process exited while reading console log output: char device redirected to /dev/pts/1 qemu: could not open disk image /var/lib/xcat/pools/2e66895a-e09a-53d5-74d3-eccdd9746eb5/vm1.hda.qcow2: Permission denied: internal error Process exited while reading console log output: char device redirected to /dev/pts/1 qemu: could not open disk image /var/lib/xcat/pools/2e66895a-e09a-53d5-74d3-eccdd9746eb5/vm1.hda.qcow2: Permission denied [root@xcat xCAT_plugin]# What is really weird is that i CAN open the file and change it (as well as create files in the share) so i have no idea why is it failing... I'm 99% sure the qemu process on the hypervisor runs as "qemu" so i do not know why is this failing... :o|. Any thoughts? Thanks, Luis On Wed, Aug 10, 2011 at 1:32 AM, Luis Miguel Silva <luismiguelferreirasi...@gmail.com> wrote: > I've been debugging this and noticed the kvm module generates a xml > file that represents the storage and passes it to the hypervisor on vm > creation. > > So i tunned the kvm module to create this file with root user / group > permissions (uid/gid = 0, since, by default, it does not pass any > permission information so libvirt defaults to uid/gid = -1): > [root@l02 ~]# cat /etc/libvirt/storage/nfs_xcat.core.cloud_vms_shared_kvm.xml > <pool type='netfs'> > <name>nfs_xcat.core.cloud_vms_shared_kvm</name> > <uuid>2e66895a-e09a-53d5-74d3-eccdd9746eb5</uuid> > <capacity>0</capacity> > <allocation>0</allocation> > <available>0</available> > <source> > <host name='xcat.core.cloud'/> > <dir path='/vms/shared/kvm'/> > <format type='auto'/> > </source> > <target> > <path>/var/lib/xcat/pools/2e66895a-e09a-53d5-74d3-eccdd9746eb5</path> > <permissions> > <mode>0700</mode> > <owner>0</owner> > <group>0</group> > </permissions> > </target> > </pool> > [root@l02 ~]# > > Unfortunately, this still did not fix my problem: > [root@l02 ~]# ls /var/lib/xcat/pools/2e66895a-e09a-53d5-74d3-eccdd9746eb5 -l > total 136 > -rw------- 1 nobody nobody 262144 Aug 10 01:27 vm1.hda.qcow2 > [root@l02 ~]# > > On my headnode the files are owned by root but on the hypervisor, they > appear as being owned by nobody (because the client is, apparently, > mounting the NFS share with incorrect permissions)... > > Any thoughts on how to fix this?? > > Thanks, > Luis > > On Tue, Aug 9, 2011 at 4:53 PM, Luis Miguel Silva > <luismiguelferreirasi...@gmail.com> wrote: >> Dear all, >> >> I'm having some trouble with NFS permissions / KVM in my xCAT system: >> rpower failed for vm4: internal error process exited while connecting >> to monitor: char device redirected to /dev/pts/0 qemu: could not open >> disk image >> /var/lib/xcat/pools/2e66895a-e09a-53d5-74d3-eccdd9746eb5/vm4.hda.qcow2: >> Permission denied >> >> This is how my NFS shares are configured: >> [root@xcat moab]# cat /etc/exports >> /tftpboot *(rw,no_root_squash,sync,no_subtree_check) >> /install *(rw,no_root_squash,sync,no_subtree_check) >> /vms/shared/kvm *(rw,no_root_squash,sync,fsid=1) >> /vms/shared/esx *(rw,no_root_squash,sync,fsid=2) >> /vms/vlan3/OS *(rw,no_root_squash,sync,fsid=3) >> /vms/vlan4/OS *(rw,no_root_squash,sync,fsid=4) >> /vms/vlan5/OS *(rw,no_root_squash,sync,fsid=5) >> /storage/vlan3/gold *(rw,no_root_squash,sync,fsid=6) >> /storage/vlan3/silver *(rw,no_root_squash,sync,fsid=7) >> /storage/vlan4/gold *(rw,no_root_squash,sync,fsid=8) >> /storage/vlan4/silver *(rw,no_root_squash,sync,fsid=9) >> /storage/vlan5/gold *(rw,no_root_squash,sync,fsid=10) >> /storage/vlan5/silver *(rw,no_root_squash,sync,fsid=11) >> [root@xcat moab]# >> >> When the image is created, it is created with the following permissions: >> [root@xcat moab]# ls -l /vms/shared/kvm/vm4.hda.qcow2 >> -rw------- 1 root root 262144 Aug 9 16:26 /vms/shared/kvm/vm4.hda.qcow2 >> [root@xcat moab]# >> >> And, until i chmod 777 the image, it doesn't seem to work. >> >> I did not have this problem until i set unique fsids on all the shares.... >> Any thoughts on how should i configure my shares? I obviously do not >> want to chmod 777 all images [and plus, this needs to happen >> automatically] :o) >> >> p.s. i noticed my rhels6 system (running the hypervisor) has a qemu >> account...i'm guessing that's what it uses to access the share... >> So a solution might be to force qemu to run as root on the hypervisor. >> How do i do it? (and, is that desirable)? >> >> Thanks, >> Luis >> > ------------------------------------------------------------------------------ uberSVN's rich system and user administration capabilities and model configuration take the hassle out of deploying and managing Subversion and the tools developers use with it. Learn more about uberSVN and get a free download at: http://p.sf.net/sfu/wandisco-dev2dev _______________________________________________ xCAT-user mailing list xCAT-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/xcat-user
