Bug 620571
| Summary: | non root user can no longer view lvm devices | |||
|---|---|---|---|---|
| Product: | Red Hat Enterprise Linux 6 | Reporter: | Corey Marthaler <cmarthal> | |
| Component: | lvm2 | Assignee: | Alasdair Kergon <agk> | |
| Status: | CLOSED ERRATA | QA Contact: | Corey Marthaler <cmarthal> | |
| Severity: | low | Docs Contact: | ||
| Priority: | low | |||
| Version: | 6.0 | CC: | agk, dwysocha, heinzm, jbrassow, joe.thornber, mbroz, prajnoha, prockai | |
| Target Milestone: | rc | Keywords: | Regression | |
| Target Release: | --- | |||
| Hardware: | All | |||
| OS: | Linux | |||
| Whiteboard: | ||||
| Fixed In Version: | lvm2-2.02.83-3.el6 | Doc Type: | Bug Fix | |
| Doc Text: | Story Points: | --- | ||
| Clone Of: | ||||
| : | 656394 (view as bug list) | Environment: | ||
| Last Closed: | 2011-05-19 14:26:21 UTC | Type: | --- | |
| Regression: | --- | Mount Type: | --- | |
| Documentation: | --- | CRM: | ||
| Verified Versions: | Category: | --- | ||
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | ||
| Cloudforms Team: | --- | Target Upstream Version: | ||
| Embargoed: | ||||
| Bug Depends On: | ||||
| Bug Blocks: | 656394 | |||
|
Description
Corey Marthaler
2010-08-02 21:21:26 UTC
So what's going on here? Are the /etc/lvm directory permissions wrong now? Or is it selinux? (And how did this trivial bugzilla not get noticed since August?) Is /etc/lvm being given wrong permissions? It should be mode 0755 so that lvm.conf is readable. Looks wrong in the Fedora package I built a few hours ago. Although /etc/lvm/lvm.conf is now readable by non root users, they still can not view lvm devices. Also, there shouldn't be any 'dm_task struct' failures, just the " WARNING: Running as a non-root user. Functionality may be unavailable." and the listed volumes. [testmonkey@taft-02 root]$ lvs WARNING: Running as a non-root user. Functionality may be unavailable. /dev/mapper/control: open failed: Permission denied Failure to communicate with kernel device-mapper driver. Failed to create dm_task struct to check dev status Failed to create dm_task struct to check dev status Failed to create dm_task struct to check dev status Failed to create dm_task struct to check dev status Failed to create dm_task struct to check dev status Failed to create dm_task struct to check dev status Failed to create dm_task struct to check dev status Failed to create dm_task struct to check dev status Failed to create dm_task struct to check dev status Failed to create dm_task struct to check dev status No volume groups found [testmonkey@taft-02 root]$ vgs WARNING: Running as a non-root user. Functionality may be unavailable. /dev/mapper/control: open failed: Permission denied Failure to communicate with kernel device-mapper driver. Failed to create dm_task struct to check dev status Failed to create dm_task struct to check dev status Failed to create dm_task struct to check dev status Failed to create dm_task struct to check dev status Failed to create dm_task struct to check dev status Failed to create dm_task struct to check dev status Failed to create dm_task struct to check dev status Failed to create dm_task struct to check dev status Failed to create dm_task struct to check dev status Failed to create dm_task struct to check dev status No volume groups found [testmonkey@taft-02 root]$ pvscan WARNING: Running as a non-root user. Functionality may be unavailable. /var/lock/lvm/P_global:aux: open failed: Permission denied Unable to obtain global lock. [testmonkey@taft-02 root]$ lvscan WARNING: Running as a non-root user. Functionality may be unavailable. /dev/mapper/control: open failed: Permission denied Failure to communicate with kernel device-mapper driver. Failed to create dm_task struct to check dev status Failed to create dm_task struct to check dev status Failed to create dm_task struct to check dev status Failed to create dm_task struct to check dev status Failed to create dm_task struct to check dev status Failed to create dm_task struct to check dev status Failed to create dm_task struct to check dev status Failed to create dm_task struct to check dev status Failed to create dm_task struct to check dev status Failed to create dm_task struct to check dev status No volume groups found [testmonkey@taft-02 root]$ lvcreate WARNING: Running as a non-root user. Functionality may be unavailable. /dev/mapper/control: open failed: Permission denied Failure to communicate with kernel device-mapper driver. striped: Required device-mapper target(s) not detected in your kernel Run `lvcreate --help' for more information. You can see neither PVs (device is not accessible for user access by default) nor LV status (dm-ioctl requires root only, resp CAP_SYSADMIN privilege). But the repeated warnings are misleading, I posted some patch here https://www.redhat.com/archives/lvm-devel/2011-March/msg00116.html After talking with devel, non root users are no longer able to view lvm devices, so the following cmds are what's now expected. Marking verified. [testmonkey@taft-01 root]$ pvscan WARNING: Running as a non-root user. Functionality may be unavailable. /var/lock/lvm/P_global:aux: open failed: Permission denied Unable to obtain global lock. [testmonkey@taft-01 root]$ pvs WARNING: Running as a non-root user. Functionality may be unavailable. /var/lock/lvm/P_global:aux: open failed: Permission denied Unable to obtain global lock. [testmonkey@taft-01 root]$ lvs WARNING: Running as a non-root user. Functionality may be unavailable. /dev/mapper/control: open failed: Permission denied Failure to communicate with kernel device-mapper driver. No volume groups found An advisory has been issued which should help the problem described in this bug report. This report is therefore being closed with a resolution of ERRATA. For more information on therefore solution and/or where to find the updated files, please follow the link below. You may reopen this bug report if the solution does not work for you. http://rhn.redhat.com/errata/RHBA-2011-0772.html |