[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Qemu-devel] Cannot open block device from library linked to Qemu-kvm
From: |
Patelczyk, Maciej |
Subject: |
[Qemu-devel] Cannot open block device from library linked to Qemu-kvm |
Date: |
Fri, 17 Jul 2015 16:36:30 +0000 |
Hi,
I have modified librbd to access for some data from a client local drive. I
have tested it with FIO + librbd and it works fine when launched fio as root
(as supposed to).
The problem is that when I try this with qemu-kvm I see in logs that open fails
since "Operation not permitted".
I've changed the /etc/libvirt/qemu.conf so qemu starts as user/group "root" and
disabled the capabilities drop (clear_emulator_capabilities = 0).
The results is that
ps aux | grep qemu
root 149981 7.4 0.5 10629632 691688 ? Sl 17:57 0:30
/usr/libexec/qemu-kvm -name TestVM,process=qemu:TestVM -S -machine
pc-i440fx-rhel7.0.0,accel=kvm,usb=off -cpu S...
cat /proc/149981/status | grep Cap
CapInh: 0000000000000000
CapPrm: 0000001fffffffff
CapEff: 0000001fffffffff
CapBnd: 0000001fffffffff
capsh --decode=0000001fffffffff
0x0000001fffffffff=cap_chown,cap_dac_override,cap_dac_read_search,cap_fowner,cap_fsetid,cap_kill,cap_setgid,cap_setuid,cap_setpcap,cap_linux_immutable,cap_net_bind_service,cap_net_broadcast,cap_net_admin,cap_net_raw,cap_ipc_lock,cap_ipc_owner,cap_sys_module,cap_sys_rawio,cap_sys_chroot,cap_sys_ptrace,cap_sys_pacct,cap_sys_admin,cap_sys_boot,cap_sys_nice,cap_sys_resource,cap_sys_time,cap_sys_tty_config,cap_mknod,cap_lease,cap_audit_write,cap_audit_control,cap_setfcap,cap_mac_override,cap_mac_admin,cap_syslog,35,36
scap -a | grep 149981
1 149981 root qemu:TestVM full
But still no luck. I add additional opens for regular files and they OK. I can
open file owned by non-root as well as root owned. However still cannot open
block device.
2015-07-17 17:57:10.166489 7fe6bd068ac0 20 open /dev/nvme0n1. Error = Operation
not permitted.
It simply fails even if I chamod a+rw to the block device.
Again, if I launch fio (as root), which uses the same library, capabilities are
the same and everything works well. Right now I have no idea what is going on.
No info in syslog.
Can somebody suggest me what I shall try next?
Thanks,
maciej
[Prev in Thread] |
Current Thread |
[Next in Thread] |
- [Qemu-devel] Cannot open block device from library linked to Qemu-kvm,
Patelczyk, Maciej <=