Am Do, 4. Aug, 2016 um 11:32 schrieb Michal Privoznik
<mprivozn(a)redhat.com>:
> On 03.08.2016 21:17, Jonatan Schlag wrote:
>> Hi,
>> I have a very strange problem with libvirt. I work on some machines
>> with
>> libvirt (Debian/ Arch Linux) and libvirt set the ownership of images
>> file automatically to the qemu user / group for example on Arch
>> Linux to
>> nobody:kvm.
>> So when I copy an image file with root and use I then with qemu,
>> libvirt
>> change the owner/ group to nobody:kvm.
>>
>> But I also compiled libvirt for a machine (gcc 4.9.4 glibc 2.12) and on
>> this machine libvirt did not change the ownership of the image files
>> which results in this error:
>>
>> libvirtError: internal error: process exited while connecting to
>> monitor: able-ticketing,seamless-migration=on -device
>>
>>
qxl-vga,id=video0,ram_size=67108864,vram_size=67108864,vram64_size_mb=0,vgamem_mb=16,bus=pci.0,addr=0x2
>>
>> -device intel-hda,id=sound0,bus=pci.0,addr=0x4 -device
>> hda-duplex,id=sound0-codec0,bus=sound0.0,cad=0 -chardev
>> spicevmc,id=charredir0,name=usbredir -device
>> usb-redir,chardev=charredir0,id=redir0 -device
>> virtio-balloon-pci,id=balloon0,bus=pci.0,addr=0x7 -msg timestamp=on
>> 2016-08-03T18:19:47.494512Z qemu-system-x86_64: -drive
>>
>>
file=/data/hdd1/libvirt/images/test.img,format=raw,if=none,id=drive-virtio-disk0:
>>
>> Could not open '/data/hdd1/libvirt/images/test.img': Permission denied
>
> Can you please share the debug logs?
>
>
http://wiki.libvirt.org/page/DebugLogs
>
> Also, my initial suspect, before diving any deeper is that usually, when
> users compile libvirt on their own, they forget to set the correct
> prefix, therefore libvirt is looking for its config files NOT under
> /etc/libvirt but /usr/local/etc/ or whatever.
>
> BTW: is the daemon running under root?
>
> Michal
Hi,
The daemon runs under root.
I uploaded the debug logs to:
http://people.ipfire.org/~jschlag/1363864/1_libvirtd.log
The UID of the user nobody is 99, the GID of the group kvm is 1011.
I added my configure options to the bug report.
Following the log the ownership is changed but why is the file still
owned by root:root?
Right. the file is set ownership. One thing though - libvirt does not
label the whole path, just the file. So maybe you should check whether
nobody:kvm has access into the /data/hdd1/libvirt/images dir (and also
each one in the path).
What about apparmor? In the bug report you say that selinux is disabled,
but what about apparmor?
Michal