OpenNebula – KVM QEMU could not open disk image disk.0: Permission denied

I’ve been trying to figure out why this error was logged when trying to submit and run a virtual machine in OpenNebula with QEMU and KVM: “could not open disk image disk.0 Permission denied”. SELinux was complaining about dac_override and dac_read_search.

I thought it was a problem with security contexts as /var/lib/one directory is labelled with var_lib_t security context and QEMU would expect a virt_image_t context or svirt_image_t to run the virtual machine (libvirt provides documentation about QEMU and SELinux in this URL http://libvirt.org/drvqemu.html)

I changed the security context for the /var/lib/one/datastores directory:

chcon -R --type=virt_image_t /var/lib/one/datastores

Despite the security context change the error persisted, thankfully I found this message in the OpenNebula mail list:

http://lists.opennebula.org/pipermail/users-opennebula.org/2010-September/012877.html

I finally get rid of the permission denied editing my /etc/libvirt/qemu.conf and restarting the livirtd daemon (service libvirtd restart)

user="oneadmin"
group="oneadmin"
dynamic_ownership = 0

I’m still being able to run OpenNebula and SELinux, let’s see if I can keep SELinux enabled in my following tests.

Advertisements

One thought on “OpenNebula – KVM QEMU could not open disk image disk.0: Permission denied

  1. C says:

    Thank you, that did the trick for me on Fedora 20. I also had to set “setsebool -P virt_use_nfs 1” as my installation iso image was located on an NFS share.

    Like

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s