Red Hat Bugzilla – Bug 548401
Ownership of LVM backing store not updated on domain creation
Last modified: 2010-05-26 14:06:07 EDT
Description of problem:
In F12, qemu runs as user qemu rather than root. While it normally automatically changes the ownership of storage when a domain is created, it does not do this for an LVM backing store. This may also be the case for other types of backing store, but I have not tested anything other than LVM. This means that domain creation will fail, reporting permission denied on the snapshot volume.
Version-Release number of selected component (if applicable):
libvirt-0.7.4-1.fc12.x86_64 (Rawhide recompiled for F12)
Steps to Reproduce:
1. qemu-img create -b /dev/vg_foo/lv_guest -f qcow2 snapshot.qcow2
2. Add snapshot.qcow2 to guest
3. Start guest
Both snapshot.qcow2 and /dev/vg_foo/lv_guest have ownership changed.
The same (on a simple image file) for me.
Even after setting the qemu user to root in /etc/libvirt/qemu.conf and the image to mode 777 I still got "permission denied" (no avc denial).
I am not sure from stracing what libvirtd tries to do here, but what it does is:
1. chown the image file to root:root (<- total crap)
2. start qemu with some very strange security restrictions.
This bug appears to have been reported against 'rawhide' during the Fedora 13 development cycle.
Changing version to '13'.
More information and reason for this action is here:
*** This bug has been marked as a duplicate of bug 579067 ***