On 07/16/2013 01:29 PM, Guan Qiang wrote:
于 2013/7/15 17:32, Gao feng 写道:
> On 07/15/2013 05:18 PM, hzguanqiang wrote:
>> Hi, Gao Feng
>>
>> I've tried what you said, but still exists the problem:
>>
>> ubuntu@lxc:~$ vir attach-disk instance-0000002c /dev/dm-0 sdb
>> error: Failed to attach disk
>> error: Unable to create device /proc/10366/root/dev/sdb: Permission denied
>>
>> I think finding what it means by saying 'Unable to create device
/proc/10366/root/dev/sdb: Permission denied' is the key.
>> But anyway, thanks for your help!
>>
> Do you have <idmap> configured for your lxc domain?
> I just posted a patchset to fix the problem that failed to create device when user
namespace enabled.
>
> BTW, does it work well if you directly write the configuration to the xml of lxc
domain?
>
> Thanks
Hi, Gao feng,
I tried to write the configuration in the xml as you said, and it works.
And I didn't set <idmap> configure for my lxc domain. The xml content of my
lxc domain is just as following:
...
I still don't understand why I can't hotplug attach disk
device for the lxc domain.
Expect more detailed answer, Thanks!
it's because apparmor deny libvirt to create device node under directory
/proc/10366/root/dev/.
I don't know if this will help you, you can have a try.
change the apparmor profile of libvirtd. check the /etc/apparmor.d/usr.sbin.libvirtd,
and add /proc/ rw.
Thanks!