Hide Forgot
Description of problem: When trying to attach iso from read-only filesystem (like NFS server administered by somebody else), it fails because iso's ownership cannot be changed to qemu:qemu Version-Release number of selected component (if applicable): How reproducible: always Steps to Reproduce: 1. run VM with empty cdrom device 2. run 'virsh attach-disk win7x64 /path/on/readonly_fs/to/image.iso hdc --type cdrom; 3. Actual results: this error is throwed: error: Failed to attach disk error: unable to set user and group to '107:107' on '/mnt/trash/ic114/RHEV-toolsSetup_2.3_395.iso': Nepřípustný argument Expected results: disk is attached as read-only Additional info: * virt-manager fails with the same error * 107:107 are UID:GID in local system * unix permissions don't block qemu or libvirt from reading the isos, but selinux may block them (I don't know how to confirm this now)
Nepřípustný argument == EINVAL The error comes (as you'd guess) from chown(2). But the manpage for chown doesn't mention the possibility of returning EINVAL. virSecurityDACSetOwnership already special cases EOPNOTSUPP, EPERM, and EROFS to ignore them. Would it be acceptable in all cases to just ignore EINVAL as well?
*** Bug 709454 has been marked as a duplicate of this bug. ***
The following fix has been pushed to upstream libvirt, and will be in the next rebase for RHEL6: commit 62ed801c13787cc844e75db7cd2d4c8a42454fcc Author: Laine Stump <laine> Date: Fri Jun 3 11:59:09 2011 -0400 security driver: ignore EINVAL when chowning an image file This fixes: https://bugzilla.redhat.com/show_bug.cgi?id=702044 https://bugzilla.redhat.com/show_bug.cgi?id=709454 Both of these complain of a failure to use an image file that resides on a read-only NFS volume. The function in the DAC security driver that chowns image files to the qemu user:group before using them already has special cases to ignore failure of chown on read-only file systems, and in a few other cases, but it hadn't been checking for EINVAL, which is what is returned if the qemu user doesn't even exist on the NFS server. Since the explanation of EINVAL in the chown man page almost exactly matches the log message already present for the case of EOPNOTSUPP, I've just added EINVAL to that same conditional.
The question in Comment 1 was already answered in IRC (the answer was "yes").
This should be fixed by the libvirt-0.9.2-1.el6 rebase
Set it as VERIFIED per comment9
*** Bug 712170 has been marked as a duplicate of this bug. ***
Perfect, thanks!
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. http://rhn.redhat.com/errata/RHBA-2011-1513.html