[libvirt] libvirt-0.8.8 libvir: Security Labeling error : unable to set user and group to '0:0' on '...': Permission denied
Laine Stump
laine at laine.org
Thu Apr 28 14:50:49 UTC 2011
On 04/28/2011 09:36 AM, Nikola Ciprich wrote:
> Hello,
> I just noticed strange problem. While trying to start vm with cdrom image on a samba mount, I get:
> libvir: Security Labeling error : unable to set user and group to '0:0' on '/home/cluster/images/interinformatics/CentOS-5.4-i386-bin-DVD.iso': Permission denied
> I googled this up, and found some solutions, but none seems to be suitable for me. The biggest problem is I'm not using selinux at all, its completely disabled, and I don't have a chance to change mount parameters as well...
> Is there any way to workaround this?
> thanks a lot in advance!
This isn't related to selinux, but to libvirt's practice of changing the
user:group of files that must be opened by qemu. You can tell libvirt to
not do this - edit /etc/libvirt/qemu.conf, and uncomment the line that
says "dynamic_ownership = 1" and change the 1 to a 0. Then restart
libvirtd. Note that once you've done this, you'll need to make sure that
all disk image files used by qemu are pre-set to the proper ownership
for the "qemu user" to access them (this includes all parent directories
of the image files) (the qemu user is "root" on many systems, but is
"qemu" on some others (eg Fedora and RHEL). It may also be configured in
/etc/libvirt/qemu.conf).
More information about the libvir-list
mailing list