| Summary: | vdsm-tool does not check for correct permissions | ||
|---|---|---|---|
| Product: | [oVirt] ovirt-engine | Reporter: | Logan Kuhn <logank> |
| Component: | BLL.Storage | Assignee: | Maor <mlipchuk> |
| Status: | CLOSED WONTFIX | QA Contact: | Raz Tamir <ratamir> |
| Severity: | medium | Docs Contact: | |
| Priority: | unspecified | ||
| Version: | 4.0.3 | CC: | bugs, tnisan, ylavi |
| Target Milestone: | --- | Flags: | sbonazzo:
ovirt-4.1-
|
| Target Release: | --- | ||
| Hardware: | Unspecified | ||
| OS: | Unspecified | ||
| Whiteboard: | |||
| Fixed In Version: | Doc Type: | If docs needed, set a value | |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 2017-02-07 15:46:56 UTC | Type: | Bug |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | Storage | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
This should not happen on clean install, please reopen if this recreates on a clean system. |
Description of problem: On a 4.0.3 host if /var/run/sanlock/sanlock.pid's permissions are sanlock:sanlock it will get permission denied when trying to take over as SPM either forced or not. If I run vdsm-tool configure --force it doesn't check or fix permissions. If I chgrp to qemu it works fine. If I add vdsm to the sanlock group it doesn't. /etc/group: qemu:*:107:noentrylisted,vdsm sanlock:*:179:vdsm Version-Release number of selected component (if applicable): How reproducible: 100% Steps to Reproduce: 1. Install new host via web gui 2. SPM will remain normal and the engine log will try endlessly to make it SPM Actual results: Host cannot be SPM Expected results: Host becomes SPM Additional info: 2016-09-20 12:07:46,420 INFO [org.ovirt.engine.core.vdsbroker.vdsbroker.ConnectStoragePoolVDSCommand] (DefaultQuartzScheduler1) [4c6f90de] START, ConnectStoragePoolVDSCommand(HostName = ovirt-reqa1, ConnectStoragePoolVDSCommandParameters:{runAsync='true', hostId='5d9188df-aafd-45c9-bc4b-03357ed790b2', vdsId='5d9188df-aafd-45c9-bc4b-03357ed790b2', storagePoolId='00000001-0001-0001-0001-0000000000d8', masterVersion='1'}), log id: 35331970 2016-09-20 12:07:47,624 INFO [org.ovirt.engine.core.vdsbroker.vdsbroker.ConnectStoragePoolVDSCommand] (DefaultQuartzScheduler1) [4c6f90de] FINISH, ConnectStoragePoolVDSCommand, log id: 35331970 2016-09-20 12:07:47,763 ERROR [org.ovirt.engine.core.vdsbroker.vdsbroker.SpmStatusVDSCommand] (DefaultQuartzScheduler1) [4c6f90de] Failed in 'SpmStatusVDS' method 2016-09-20 12:07:47,767 ERROR [org.ovirt.engine.core.dal.dbbroker.auditloghandling.AuditLogDirector] (DefaultQuartzScheduler1) [4c6f90de] Correlation ID: null, Call Stack: null, Custom Event ID: -1, Message: VDSM ovirt-reqa1 command failed: (13, 'Sanlock resource read failure', 'Permission denied') 2016-09-20 12:07:47,767 ERROR [org.ovirt.engine.core.vdsbroker.vdsbroker.SpmStatusVDSCommand] (DefaultQuartzScheduler1) [4c6f90de] Command 'SpmStatusVDSCommand(HostName = ovirt-reqa1, SpmStatusVDSCommandParameters:{runAsync='true', hostId='5d9188df-aafd-45c9-bc4b-03357ed790b2', storagePoolId='00000001-0001-0001-0001-0000000000d8'})' execution failed: VDSGenericException: VDSErrorException: Failed to SpmStatusVDS, error = (13, 'Sanlock resource read failure', 'Permission denied'), code = 100 2016-09-20 12:07:47,767 INFO [org.ovirt.engine.core.vdsbroker.irsbroker.I