[CentOS-virt] unable to get domain status from libvirt & KVM
Tom Georgoulias
tomg at mcclatchyinteractive.com
Thu Mar 11 20:19:49 UTC 2010
On 03/11/2010 11:24 AM, Akemi Yagi wrote:
> Look into /etc/libvirt/libvirtd.conf and check out the section "UNIX
> socket access controls" and make appropriate adjustment. [ I created
> group 'libvirt' , added myself to the group, and uncommented the line
> "unix_sock_group = "libvirt"".] Then adjust also the permission bits
> of the directories and files in /var/run/libvirt to allow access to
> the group libvirt.
Here are the results of a test where I just made unix_sock_group the
same group as an unprivileged test user:
libvirtd.conf changes:
unix_sock_group = "testu"
unix_sock_ro_perms = "0777"
[root at kvm ~]# service libvirtd restart
Stopping libvirtd daemon: [ OK ]
Starting libvirtd daemon: [ OK ]
[root at kvm ~]# ls -l /var/run/libvirt
total 16
srwx------ 1 root testu 0 Mar 11 15:03 libvirt-sock
srwxrwxrwx 1 root testu 0 Mar 11 15:03 libvirt-sock-ro
drwxr-xr-x 2 root root 4096 Mar 8 13:05 network
drwxr-xr-x 2 root root 4096 Mar 11 15:00 qemu
(no changes to qemu. Should I expect some?)
> With some luck, you should be able to run the virsh command (for example):
>
> virsh -c qemu:///system list --all
As test user "testu":
[testu at kvm ~]$ virsh -c qemu:///system list --all
error: unable to connect to '/var/run/libvirt/libvirt-sock': Permission
denied
error: failed to connect to the hypervisor
[testu at kvm ~]$ virsh -c qemu:///session list --all
15:04:05.167: error : No vport operation path found for host0
15:04:05.186: error : No vport operation path found for host4
15:04:05.192: error : No vport operation path found for host3
15:04:05.240: error : No vport operation path found for host1
15:04:05.240: error : No vport operation path found for host2
Id Name State
----------------------------------
[testu at kvm ~]$
Doesn't seem like a socket access issue, the perms for the
libvirt-sock-ro are wide open.
Tom
More information about the CentOS-virt
mailing list