1425799 – Fail to attach nfs based data domain

Bug 1425799 - Fail to attach nfs based data domain

Summary: Fail to attach nfs based data domain

Keywords:
Status:	CLOSED DUPLICATE of bug 1414798
Alias:	None
Product:	vdsm
Classification:	oVirt
Component:	Core
Sub Component:
Version:	4.20.0
Hardware:	Unspecified
OS:	Unspecified
Priority:	unspecified
Severity:	unspecified
Target Milestone:	---
Target Release:	---
Assignee:	Dan Kenigsberg
QA Contact:	Raz Tamir
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2017-02-22 13:08 UTC by Piotr Kliczewski
Modified:	2017-02-22 23:03 UTC (History)
CC List:	2 users (show)
Fixed In Version:
Doc Type:	If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed:	2017-02-22 23:03:58 UTC
oVirt Team:	Storage
Embargoed:
Dependent Products:

Attachments	(Terms of Use)
vdsm log (19.15 KB, text/plain) 2017-02-22 13:08 UTC, Piotr Kliczewski	no flags	Details
View All

Description Piotr Kliczewski 2017-02-22 13:08:07 UTC

Created attachment 1256456 [details]
vdsm log

I pulled the latest vdsm code and installed. When adding new storage domain using NFS I see:

2017-02-22 14:06:04,342+01 ERROR [org.ovirt.engine.core.vdsbroker.vdsbroker.CreateStoragePoolVDSCommand] (default task-33) [16910402] Command 'CreateStoragePoolVDSCommand(HostName = fedora-vm, CreateStoragePoolVDSCommandParameters:{runAsync='true', hostId='0d4e60d8-04e2-40ed-aa87-878432cf4076', storagePoolId='00000001-0001-0001-0001-000000000311', storagePoolName='Default', masterDomainId='a7a580fa-8cb5-4c3a-94ee-543023cf093b', domainsIdList='[a7a580fa-8cb5-4c3a-94ee-543023cf093b]', masterVersion='9'})' execution failed: VDSGenericException: VDSErrorException: Failed to CreateStoragePoolVDS, error = Cannot acquire host id: (u'a7a580fa-8cb5-4c3a-94ee-543023cf093b', SanlockException(19, 'Sanlock lockspace add failure', 'No such device')), code = 661

and in vdsm log there is:

AcquireHostIdFailure: Cannot acquire host id: (u'a7a580fa-8cb5-4c3a-94ee-543023cf093b', SanlockException(19, 'Sanlock lockspace add failure', 'No such device'))

Expected result:
Domain added properly

Comment 1 Piotr Kliczewski 2017-02-22 13:09:11 UTC

I tested this behavior with the same result on fedora 24 and 25 (different hosts).

Comment 2 Piotr Kliczewski 2017-02-22 14:47:36 UTC

I investigated this with Nir and it is selinux issue. Once set to permissive it works.

Here is the output of "ausearch -m AVC -ts today"


time->Wed Feb 22 15:43:41 2017
type=AVC msg=audit(1487774621.533:701): avc:  denied  { search } for  pid=4642 comm="sanlock" name="data" dev="0:46" ino=524303 scontext=system_u:system_r:sanlock_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:user_home_t:s0 tclass=dir permissive=1
----
time->Wed Feb 22 15:43:41 2017
type=AVC msg=audit(1487774621.533:702): avc:  denied  { search } for  pid=4642 comm="sanlock" name="6cc26c9d-e1a7-43ba-95d3-c744442c7500" dev="0:46" ino=540859 scontext=system_u:system_r:sanlock_t:s0-s0:c0.c1023 tcontext=system_u:object_r:user_home_t:s0 tclass=dir permissive=1
----
time->Wed Feb 22 15:43:41 2017
type=AVC msg=audit(1487774621.534:703): avc:  denied  { read write open } for  pid=4642 comm="sanlock" path="/rhev/data-center/mnt/192.168.1.107:_export_data/6cc26c9d-e1a7-43ba-95d3-c744442c7500/dom_md/ids" dev="0:46" ino=524721 scontext=system_u:system_r:sanlock_t:s0-s0:c0.c1023 tcontext=system_u:object_r:user_home_t:s0 tclass=file permissive=1
----
time->Wed Feb 22 15:44:02 2017
type=AVC msg=audit(1487774642.536:704): avc:  denied  { read write open } for  pid=4642 comm="sanlock" path="/rhev/data-center/mnt/192.168.1.107:_export_data/6cc26c9d-e1a7-43ba-95d3-c744442c7500/dom_md/leases" dev="0:46" ino=525017 scontext=system_u:system_r:sanlock_t:s0-s0:c0.c1023 tcontext=system_u:object_r:user_home_t:s0 tclass=file permissive=1
----
time->Wed Feb 22 15:44:07 2017
type=AVC msg=audit(1487774647.639:720): avc:  denied  { read write } for  pid=4642 comm="sanlock" name="leases" dev="0:46" ino=525017 scontext=system_u:system_r:sanlock_t:s0-s0:c0.c1023 tcontext=system_u:object_r:user_home_t:s0 tclass=file permissive=1
----
time->Wed Feb 22 15:44:07 2017
type=AVC msg=audit(1487774647.639:721): avc:  denied  { open } for  pid=4642 comm="sanlock" path="/rhev/data-center/mnt/192.168.1.107:_export_data/6cc26c9d-e1a7-43ba-95d3-c744442c7500/dom_md/leases" dev="0:46" ino=525017 scontext=system_u:system_r:sanlock_t:s0-s0:c0.c1023 tcontext=system_u:object_r:user_home_t:s0 tclass=file permissive=1

Comment 3 Nir Soffer 2017-02-22 23:03:58 UTC


*** This bug has been marked as a duplicate of bug 1414798 ***

Note You need to log in before you can comment on or make changes to this bug.