Discussion:
[clug] NFSv4 "Invalid argument"
Tessa Jensen
2014-10-16 12:21:17 UTC
Permalink
Check umask settings maybe? - if it's set to default, then any new file
being created by virt-manager in the ISO directory may not have the
read-write permissions that it needs.


On Thu, Oct 16, 2014 at 9:14 PM, Scott Ferguson <
Excellent George, thanks for persevering, and especially thanks from
other with the same problem who will benefit from you posting your results.
Not an ideal situation - using the set v3 method, but it works, which is
a start.
Scott,
I have had some success with the virt-manager and NFS. The issue
seems to be two fold, a) NFS version 4 is more complex and I do not
know how to use it, b) that I was not using the correct option for
controlling the version of NFS _and_ in OpenFiler I had to set the NFS
share to no_root_squash
This site
"
https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/6/html/Virtualization_Administration_Guide/sect-shared-storage-nfs-migration.html
"
gave me the idea to go and look in OpenFiler to see if I could change
the NFS shares (export) options, and I discovered that I could change
between the default of root_squash to no_root_squash. (of course
no_root_squash is not as secure).
That's one way - another way is to use the anonuid and anongid options.
0=root
I don't know that has any advantages or no_root_squash or the v3 method.
NOTE: I've used the no_root_squash option on webservers (no virtual
host) to get around the www-data problem, though this is not something I
now do.
------------8<-------------->8---------------------------------
I have not resolved the a) issue, but I have the b) option: "-o
vers=3"
# mount -t nfs -o vers=3 -v
192.168.0.12:/mnt/vg2/vol1/san12_nfs_ds1/kvm-images/images
/var/lib/libvirt/images
Previously I had used the wrong syntax; "nfsvers=3"
------------8<-------------->8---------------------------------
You can chain those o(ptions),should you need to (standard mount format
e.g. -o nfsver=3,sec=krb5,etc
For testing I find the -f (fake) and -v (verbose, more v's is more
verbose) options useful
e.g.:-
$ su -c "mount -fvvvt cifs -o credentials=/home/scott/.cifs
//dev/packages /var/cache/apt/archives"
mount: fstab path: "/etc/fstab"
mount: mtab path: "/etc/mtab"
mount: lock path: "/etc/mtab~"
mount: temp path: "/etc/mtab.tmp"
mount: UID: 0
mount: eUID: 0
mount: spec: "//dev/packages"
mount: node: "/var/cache/apt/archives"
mount: types: "cifs"
mount: opts: "credentials=/home/scott/.cifs"
mount: external mount: argv[0] = "/sbin/mount.cifs"
mount: external mount: argv[1] = "//dev/packages"
mount: external mount: argv[2] = "/var/cache/apt/archives"
mount: external mount: argv[3] = "-f"
mount: external mount: argv[4] = "-v"
mount: external mount: argv[5] = "-o"
mount: external mount: argv[6] = "rw,credentials=/home/scott/.cifs"
ip=192.168.0.2,unc=\\dev\packages,user=scott,pass=********
You might use sudo instead. I don't have access to an nfs share from
where I'm writing - but the effect is the same with nfs. Note that the
share isn't actually mounted (-f switch). Confusingly dev (development),
in this instance, is a box name, not a file system.
Now mounting the NFS share with option "-o vers=3" I can change the
permissions on the folders and files, see the below commands which
should explain things for you;
------------8<-------------->8--------------------------------->
=====================================================================================
Now to put the permissons the way I wanted them
--------------------------------------------------
# chown -R libvirt-qemu:libvirt-qemu /var/lib/libvirt/images
# ls -al /var/lib/libvirt/images
------------8<-------------->8--------------------------------->
And now the VM will run without an errors.
===================================================================================
But I get the below error messages when using virt-manager if I do not
use "# chmod -R 777 /var/lib/libvirt/images"
"The emulator may not have search permissions for the path
'/var/lib/libvirt/images/ISO/debian-7.5.0-amd64-DVD-1.iso'."
Hmmmm. I probably shouldn't suggest this, but an insecure solution,
might be to modify the group's membership. I'd still try the anonid/gid
options first - then that share should mount as root.
Can any other readers suggest something?
------------8<-------------->8---------------------------------
Kind regards
--
linux mailing list
linux at lists.samba.org
https://lists.samba.org/mailman/listinfo/linux
George
2014-10-18 01:41:46 UTC
Permalink
Hi,

Previously I had mentioned that I was wondering how to use NFS shares
with Virt-Manager. Well I found a web site that explained, and it was
very simple, I had not understood that NFS shares used "netfs:".?

https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/6/html/Virtualization_Administration_Guide/sect-Virtualization-Storage_Pools-Creating-NFS.html#idp16661888

Using the information in the above URL I used Virt-Manager to attach
to the OpenFiler NFS share. I then checked the mount for the OpenFiler
share to see what mount options Virt-Manager used (it was NFS4);

192.168.0.12:/mnt/vg2/vol1/san12_nfs_ds1/kvm-images/images on
/var/lib/libvirt/images/ofNFS type nfs4
(rw,relatime,vers=4,rsize=262144,wsize=262144,namlen=255,hard,proto=tcp,port=0,timeo=600,retrans=2,sec=sys,clientaddr=192.168.0.137,minorversion=0,local_lock=none,addr=192.168.0.12)

However when I attempted to create a virtual machine there was an
error, due to file permissions;

Unable to complete install: 'internal error Process exited while
reading console log output: char device redirected to /dev/pts/3
do_spice_init: starting 0.11.0
spice_server_add_interface: SPICE_INTERFACE_MIGRATION
spice_server_add_interface: SPICE_INTERFACE_KEYBOARD
spice_server_add_interface: SPICE_INTERFACE_MOUSE
kvm: -drive
file=/var/lib/libvirt/images/ofNFS/DebJessie.img,if=none,id=drive-virtio-disk0,format=qcow2:
could not open disk image /var/lib/libvirt/images/ofNFS/DebJessie.img:
Permission denied

After checking permissions I noticed that the VM img file was created
with 600 for nobody:nogroup, so I changed them to 666 on the img file
that and now I am able to create the virtual machine.? Much like the
issue I had previously when I was mapping the shares.

I am thinking that since Virt-Manager was able to create the virtual
machine's image but was not able to run the virtual machine, it is
likely that I have various user/group issues ?? However after
investigation I cannot see any misconfigurations with my user and
group assignments, I believe it is an issue with NFS 4 issue, but I do
not know enough about NFSv4, kvm & libvirt to know exactly what is
causing the issue. Well I don't need to use an NFS share, I would
prefer to use local storage, it is just I wanted to see if this was
possible and what might be any limitations.

# ls -al /var/lib/libvirt/images/ofNFS/
total 359169040
drwxrwsrwx 3 nobody nogroup???????? 4096 Oct 18 00:46 .
drwx--x--x 6 root?? root??????????? 4096 Oct 18 10:43 ..
-rwxrwxrwx 1 nobody nogroup?? 8589934592 Oct 16 10:25 Deb7Test.img
-rw-rw-rw- 1 nobody nogroup?? 1500971008 Oct 18 01:13 DebJessie.img
-rwxrwxrwx 1 nobody nogroup?? 8589934592 Oct 16 10:29 def2.img
drwxrwsrwx 2 nobody nogroup???????? 4096 Oct 11 08:50 ISO

http://www.howtoforge.com/virtualization-with-kvm-on-a-debian-squeeze-server

https://www.whonix.org/wiki/KVM
addgroup "$(whoami)" libvirt
addgroup "$(whoami)" kvm

http://www.howtoforge.com/virtualization-with-kvm-on-a-debian-squeeze-server


Afterwards we must add the user as which we're currently logged in
(root) to the groups libvirt and kvm:



adduser `id -un` libvirt
adduser `id -un` kvm


Groups;
cat /etc/group
kvm:x:120:gkirkham
libvirt:x:121:gkirkham
libvirt-qemu:x:122:libvirt-qemu,gkirkham

Loading...