Thanks for the reply Eric. We verified that VM creation works fine when dynamic ownership
setting is enabled. So this seems like some missing configuration or permissions issue
when dynamic ownership is disabled. More comments in line below..
On Feb 24, 2012, at 5:57 PM, Eric Blake wrote:
On 02/24/2012 12:21 PM, Shantanu Pavgi wrote:
Hi,
I am getting following 'qemu: could not load kernel' error while trying to create
a new VM using virt-install or virt-manager. The software versions are as follows: CentOS
6.2, Libvirt 0.9.4, qemu-kvm 2:0.12.1.2-2.209.el6_2.1.
The qemu.conf has disabled dynamic_ownership setting. The VM instantiation has worked
fine before when dynamic_ownership was enabled (default). So is this error related to
dynamic ownership being disabled? I appreciate any help on how to debug this error
further.
Very well could be. If dynamic_ownership is on, then libvirt will chown
the image prior to starting qemu, then revert it back on completion.
But if you have it off, then libvirt assumes you have correct
permissions on the file to begin with, and if that assumption is wrong,
failure to open the image could indeed result.
Since we are seeing permission denied error on boot image
'/var/lib/libvirt/boot/virtinst-vmlinuz.l4mEAd' I am wondering what should be
appropriate permissions for it. The VM's disk image gets created with 'rw'
permissions for 'kvm' group. The libvirt runs the qemu-kvm process as
'qemu' user which belongs to the 'kvm' group. If the 'qemu' user
doesn't have write permissions on the disk image then we have seen permission denied
error on the disk image itself. But we hadn't seen 'qemu: could not load
kernel' type errors before.
Any pointers on what permission settings are needed when dynamic ownership is disabled
will be really helpful. Do users executing virt-tools (virt-install or virt-manager)
commands need 'rw' permission on boot images '/var/lib/libvirt/boot/*'
when dynamic ownership is disabled?
We have a troubleshooting wiki that may give you more insight on things
to try, and do feel free to add a page if you find a solution:
http://wiki.libvirt.org/page/Troubleshooting
Also, is there any documentation on why/when dynamic_ownership setting should be used?
http://libvirt.org/drvqemu.html#securitydac
has a start; if you find more information would be useful, then let's
get the documentation improved (the docs are kept as part of libvirt.git).
We couldn't find much details on dynamic ownership setting other than few comment
lines in qemu.conf file. They were helpful to start with; it would be good to have them in
wiki as well. I appreciate all the help.
--
Thanks,
Shantanu