Bug #1325

saveas, file in datastore is saved with root owner

Added by jordan pittier over 7 years ago. Updated over 7 years ago.

Status:ClosedStart date:07/02/2012
Priority:HighDue date:
Assignee:-% Done:

0%

Category:-
Target version:Release 3.6
Resolution:worksforme Pull request:
Affected Versions:OpenNebula 3.6

Description

Hello,
When I try to use the "save as" feature from Sunstone on a running VM, once I shutdown the VM, the drive is correctly saved and put in the datastore. However, the owner of this file is wrong, it's "root" instead of "oneadmin".

oneadmin@sd-xxx:~$ ls la var/datastores/1/
total 1805772
drwxr-xr-x 2 oneadmin oneadmin 4096 juil. 2 19:03 .
drwxr-xr-x 5 oneadmin oneadmin 4096 juil. 2 18:51 ..
-rw-r----
1 oneadmin oneadmin 1073741825 juil. 2 18:57 92de9114606f5b29bea229480c30f254
rw-r---- 1 root root 1073741825 juil. 2 19:03 b0b6efb8ee9bdc8118283b7f768430cd <<---- this is the saved image

Thus, the saved image is not usable, not even readable by Opennebula.

Jordan

History

#1 Updated by Ruben S. Montero over 7 years ago

I am not sure if you are using KVM, if so please check that user/group are set for your oneadmin ID's in qemu.conf

#2 Updated by jordan pittier over 7 years ago

Thanks for the quick reply.

Indeed, I am using KVM, with Debian Wheezy (7.0). Unfortunately, even with qemu.conf set as

  1. The user ID for QEMU processes run by the system instance.
    user = "oneadmin"
  2. The group ID for QEMU processes run by the system instance.
    group = "oneadmin"

That didn't work. When I list the processes running in my system (ps aux | grep kvm), VMs are clearly running under "oneadmin" account :
"oneadmin 53747 88.5 0.3 804356 27536 ? Sl 21:31 0:03 /usr/bin/kvm -S -M pc-0.15 -enable-kvm -m 512 -smp 1,sockets=1,cores=1,threads=...."

Still images are saved_as "root" :(

Only libvirtd runs as run, but that's not easy to change.

I believe there's a bug somewhere... :). Can someone reproduce ?

Thanks

#3 Updated by Ruben S. Montero over 7 years ago

What about dynamic_ownership, is that set to 0?

#4 Updated by jordan pittier over 7 years ago

So I investigated a little...
I used a shared datastore.

Let's go through an example. I start a new vm, vm ID is 21, one disk and one cdrom (context). When the vm is running, my local datastore (id 0) looks like :
root@sd-34837:/home/oneadmin/var# ls la datastores/0/21/
total 717700
drwxr-xr-x 2 oneadmin oneadmin 4096 juil. 2 21:53 .
drwxr-xr-x 3 oneadmin oneadmin 4096 juil. 2 21:53 ..
-rw-r--r-
1 oneadmin oneadmin 1058 juil. 2 21:53 deployment.0
rw-r---- 1 oneadmin oneadmin 177209344 juil. 2 21:53 disk.0
rw-r---- 1 oneadmin oneadmin 1073741825 juil. 2 21:54 disk.1 <<-- this is the image i want to save, notice the correct permission

I click "save as" through Sunstone, permissions don't change. So far, so good.
I click "shutdown" through Sunstone. A fraction of second before the directory "datastores/0/21/" vanishes, I see :
root@sd-34837:/home/oneadmin/var# ls la datastores/0/21/
total 717700
drwxr-xr-x 2 oneadmin oneadmin 4096 juil. 2 21:53 .
drwxr-xr-x 3 oneadmin oneadmin 4096 juil. 2 21:53 ..
-rw-r--r-
1 oneadmin oneadmin 1058 juil. 2 21:53 deployment.0
rw-r---- 1 oneadmin oneadmin 177209344 juil. 2 21:53 disk.0
rw-r---- 1 root root 1073741825 juil. 2 21:56 disk.1 <<-- "ooohhh noeeess" The ownership has changed and so has the time...

Then obviously, the script "remotes/tm/shared/mvds" issues the "mv -f" on the file, which has now wrong ownership and my saved image is left unusable.

So something is changing the ownership between the "shutdown" call and the "mv -f" (in mvds) call. I have no clue :(

#5 Updated by jordan pittier over 7 years ago

OK, you had me...

dynamic_ownership set to 0 is the right answer. I works now...
I guess I should have read the doc : http://opennebula.org/documentation:archives:rel3.2:kvmg

Thanks a lot, sorry for the inconvenience.

#6 Updated by Ruben S. Montero over 7 years ago

  • Status changed from New to Closed
  • Resolution set to worksforme

OK, thanks

Also available in: Atom PDF