[libvirt-users] [libvirt] Libvirtd running as root tries to access oneadmin (OpenNebula) NFS mount but throws: error: can’t canonicalize path

Martin Kletzander mkletzan at redhat.com
Tue Apr 12 14:03:51 UTC 2016


On Mon, Apr 11, 2016 at 08:02:04PM -0400, TomK wrote:
>Hey All,
>
>Wondering if anyone had any suggestions on this topic?
>

The only thing I can come up with is:
'/var/lib/one//datastores/0/38/disk.1': Permission denied

... that don't have access to that file.  Could you elaborate on that?

I think it's either:

 a) you are running the domain as root or

 b) we don't use the domain's uid/gid to canonicalize the path.

But if read access is enough for canonicalizing that path, I think the
problem is purely with permissions.

>Cheers,
>Tom K.
>-------------------------------------------------------------------------------------
>
>Living on earth is expensive, but it includes a free trip around the sun.
>
>On 4/9/2016 11:08 AM, TomK wrote:
>> Adding in libvir-list.
>>
>> Cheers,
>> Tom K.
>> -------------------------------------------------------------------------------------
>>
>> Living on earth is expensive, but it includes a free trip around the sun.
>>
>> On 4/7/2016 7:32 PM, TomK wrote:
>>> Hey All,
>>>
>>> I've an issue where libvirtd tries to access an NFS mount but errors
>>> out with: can't canonicalize path '/var/lib/one//datastores/0 .  The
>>> unprevilidged user is able to read/write fine to the share.
>>> root_squash is used and for security reasons no_root_squash cannot be
>>> used.
>>>
>>> On the controller and node SELinux is disabled.
>>>
>>> [oneadmin at mdskvm-p01 ~]$ virsh -d 1 --connect qemu:///system create
>>> /var/lib/one//datastores/0/38/deployment.0
>>> create: file(optdata): /var/lib/one//datastores/0/38/deployment.0
>>> error: Failed to create domain from
>>> /var/lib/one//datastores/0/38/deployment.0
>>> error: can't canonicalize path
>>> '/var/lib/one//datastores/0/38/disk.1': Permission denied
>>>
>>> I added some debug flags to get more info and added -x to the deploy
>>> script. Closest I get to more details is this:
>>>
>>> 2016-04-06 04:15:35.945+0000: 14072: debug :
>>> virStorageFileBackendFileInit:1441 : initializing FS storage file
>>> 0x7f6aa4009000 (file:/var/lib/one//datastores/0/38/disk.1)[9869:9869]
>>> 2016-04-06 04:15:35.954+0000: 14072: error :
>>> virStorageFileBackendFileGetUniqueIdentifier:1523 : can't
>>> canonicalize path '/var/lib/one//datastores/0/38/disk.1':
>>>
>>> https://www.redhat.com/archives/libvir-list/2014-May/msg00194.html
>>>
>>> Comment is: "The current implementation works for local
>>> storage only and returns the canonical path of the volume."
>>>
>>> But it seems the logic is applied to NFS mounts. Perhaps it shouldn't
>>> be?  Anyway to get around this problem?  This is CentOS 7 .
>>>
>>> Cheers,
>>> Tom K.
>>> -------------------------------------------------------------------------------------
>>>
>>> Living on earth is expensive, but it includes a free trip around the
>>> sun.
>>>
>>> _______________________________________________
>>> libvirt-users mailing list
>>> libvirt-users at redhat.com
>>> https://www.redhat.com/mailman/listinfo/libvirt-users
>>
>> --
>> libvir-list mailing list
>> libvir-list at redhat.com
>> https://www.redhat.com/mailman/listinfo/libvir-list
>
>--
>libvir-list mailing list
>libvir-list at redhat.com
>https://www.redhat.com/mailman/listinfo/libvir-list
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: Digital signature
URL: <http://listman.redhat.com/archives/libvirt-users/attachments/20160412/d67f26cf/attachment.sig>


More information about the libvirt-users mailing list