Hi,
I'm trying to setup an eucalyptus cloud managing my virtual xen nodes.
I'm on SLES11, x86_64. I compiled libvirt-0.6.2 with the following configure
parameters:
./configure --prefix=/usr --without-storage-iscsi --without-remote --without-sasl
--without-openvz --without-storage-disk
below the parameters I've set in the /etc/libvirt/libvirt.conf file:
listen_tls = 0
listen_tcp = 1
unix_sock_group = "libvirt"
unix_sock_ro_perms = "0777"
unix_sock_rw_perms = "0777"
unix_sock_dir = "/var/run/libvirt"
auth_unix_ro = "none"
auth_unix_rw = "none"
auth_tcp = "none"
auth_tls = "none"
log_level = 1
log_outputs="0:stderr"
as root, I can run "virsh list" or "virsh -c xen+unix:/// list"
and it just works, however, I cannot do this as user eucalyptus.
The user eucalyptus is a member of the libvirt group.
# id eucalyptus
uid=1000(eucalyptus) gid=1000(eucalyptus) groups=1000(eucalyptus),0(root),16
(dialout),17(audio),33(video),100(users),1001(libvirt)
I ran virsh through strace, to see what happens:
strace virsh.bin -c xen+unix:/// list
...
open("/proc/xen/privcmd", O_RDWR) = -1 EACCES (Permission denied)
...
Shouldn't the permissions of /proc/xen/privcmd be OK due to the libvirt.conf
file?
However, I changed them, and now the strace output looks like this:
chmod 777 /proc/xen/privcmd
strace virsh.bin -c xen+unix:/// list
...
open("/proc/xen/privcmd", O_RDWR) = 3
ioctl(3, SNDCTL_DSP_RESET, 0x7fff4721a0f0) = 196611
mlock(0x7fff4721a070, 72) = 0
mlock(0x7fff47219f00, 136) = 0
ioctl(3, SNDCTL_DSP_RESET, 0x7fff47219d80) = -1 EACCES (Permission denied)
munlock(0x7fff47219f00, 136) = 0
munlock(0x7fff4721a070, 72) = 0
mlock(0x7fff4721a070, 72) = 0
mlock(0x7fff47219f00, 136) = 0
ioctl(3, SNDCTL_DSP_RESET, 0x7fff47219d80) = -1 EACCES (Permission denied)
munlock(0x7fff47219f00, 136) = 0
munlock(0x7fff4721a070, 72) = 0
mlock(0x7fff4721a070, 72) = 0
mlock(0x7fff47219f00, 136) = 0
ioctl(3, SNDCTL_DSP_RESET, 0x7fff47219d80) = -1 EACCES (Permission denied)
munlock(0x7fff47219f00, 136) = 0
munlock(0x7fff4721a070, 72) = 0
mlock(0x7fff4721a070, 72) = 0
mlock(0x7fff47219f00, 136) = 0
ioctl(3, SNDCTL_DSP_RESET, 0x7fff47219d80) = 0
munlock(0x7fff47219f00, 136) = 0
munlock(0x7fff4721a070, 72) = 0
mlock(0x7fff47219e00, 136) = 0
ioctl(3, SNDCTL_DSP_RESET, 0x7fff47219d80) = 0
munlock(0x7fff47219e00, 136) = 0
close(3) = 0
...
actually, there is no sound card at all, I wonder what the SNDCTL_DSP_RESET is
doing there. After the close(3), the virsh is only looking for language to
generate the error message: error: failed to connect to the hypervisor
Those xen versions are installed:
xen-doc-pdf-3.3.1_18546_12-3.1
xen-doc-html-3.3.1_18546_12-3.1
xen-3.3.1_18546_12-3.1
xen-libs-3.3.1_18546_12-3.1
xen-tools-3.3.1_18546_12-3.1
xen-kmp-default-3.3.1_18546_12_2.6.27.19_5-3.1
kernel-xen-base-2.6.27.19-5.1
kernel-xen-2.6.27.19-5.1
xen-devel-3.3.1_18546_12-3.1
any idea what is wrong here?
kind regards
sebastian