Bug #1325
saveas, file in datastore is saved with root owner
| Status: | Closed | Start date: | 07/02/2012 | |
|---|---|---|---|---|
| Priority: | High | Due date: | ||
| Assignee: | - | % Done: | 0% | |
| Category: | - | |||
| Target version: | Release 3.6 | |||
| Resolution: | worksforme | Pull request: | ||
| Affected Versions: | OpenNebula 3.6 |
Description
Hello,
When I try to use the "save as" feature from Sunstone on a running VM, once I shutdown the VM, the drive is correctly saved and put in the datastore. However, the owner of this file is wrong, it's "root" instead of "oneadmin".
oneadmin@sd-xxx:~$ ls la var/datastores/1/ 1 oneadmin oneadmin 1073741825 juil. 2 18:57 92de9114606f5b29bea229480c30f254
total 1805772
drwxr-xr-x 2 oneadmin oneadmin 4096 juil. 2 19:03 .
drwxr-xr-x 5 oneadmin oneadmin 4096 juil. 2 18:51 ..
-rw-r----rw-r---- 1 root root 1073741825 juil. 2 19:03 b0b6efb8ee9bdc8118283b7f768430cd <<---- this is the saved image
Thus, the saved image is not usable, not even readable by Opennebula.
Jordan
History
#1
Updated by Ruben S. Montero about 9 years ago
I am not sure if you are using KVM, if so please check that user/group are set for your oneadmin ID's in qemu.conf
#2
Updated by jordan pittier about 9 years ago
Thanks for the quick reply.
Indeed, I am using KVM, with Debian Wheezy (7.0). Unfortunately, even with qemu.conf set as
- The user ID for QEMU processes run by the system instance.
user = "oneadmin" - The group ID for QEMU processes run by the system instance.
group = "oneadmin"
That didn't work. When I list the processes running in my system (ps aux | grep kvm), VMs are clearly running under "oneadmin" account :
"oneadmin 53747 88.5 0.3 804356 27536 ? Sl 21:31 0:03 /usr/bin/kvm -S -M pc-0.15 -enable-kvm -m 512 -smp 1,sockets=1,cores=1,threads=...."
Still images are saved_as "root" :(
Only libvirtd runs as run, but that's not easy to change.
I believe there's a bug somewhere... :). Can someone reproduce ?
Thanks
#3
Updated by Ruben S. Montero about 9 years ago
What about dynamic_ownership, is that set to 0?
#4
Updated by jordan pittier about 9 years ago
So I investigated a little...
I used a shared datastore.
Let's go through an example. I start a new vm, vm ID is 21, one disk and one cdrom (context). When the vm is running, my local datastore (id 0) looks like :
root@sd-34837:/home/oneadmin/var# ls la datastores/0/21/ 1 oneadmin oneadmin 1058 juil. 2 21:53 deployment.0
total 717700
drwxr-xr-x 2 oneadmin oneadmin 4096 juil. 2 21:53 .
drwxr-xr-x 3 oneadmin oneadmin 4096 juil. 2 21:53 ..
-rw-r--r-rw-r---- 1 oneadmin oneadmin 177209344 juil. 2 21:53 disk.0rw-r---- 1 oneadmin oneadmin 1073741825 juil. 2 21:54 disk.1 <<-- this is the image i want to save, notice the correct permission
I click "save as" through Sunstone, permissions don't change. So far, so good.
I click "shutdown" through Sunstone. A fraction of second before the directory "datastores/0/21/" vanishes, I see :
root@sd-34837:/home/oneadmin/var# ls la datastores/0/21/ 1 oneadmin oneadmin 1058 juil. 2 21:53 deployment.0
total 717700
drwxr-xr-x 2 oneadmin oneadmin 4096 juil. 2 21:53 .
drwxr-xr-x 3 oneadmin oneadmin 4096 juil. 2 21:53 ..
-rw-r--r-rw-r---- 1 oneadmin oneadmin 177209344 juil. 2 21:53 disk.0rw-r---- 1 root root 1073741825 juil. 2 21:56 disk.1 <<-- "ooohhh noeeess" The ownership has changed and so has the time...
Then obviously, the script "remotes/tm/shared/mvds" issues the "mv -f" on the file, which has now wrong ownership and my saved image is left unusable.
So something is changing the ownership between the "shutdown" call and the "mv -f" (in mvds) call. I have no clue :(
#5
Updated by jordan pittier about 9 years ago
OK, you had me...
dynamic_ownership set to 0 is the right answer. I works now...
I guess I should have read the doc : http://opennebula.org/documentation:archives:rel3.2:kvmg
Thanks a lot, sorry for the inconvenience.
#6
Updated by Ruben S. Montero about 9 years ago
- Status changed from New to Closed
- Resolution set to worksforme
OK, thanks