libvirt.libvirtError: Cannot access storage file ... permission denied
ssbarnea opened this issue · 2 comments
Another issue related to user permissions
TASK [Start molecule vm(s)] **********************************************************************************************************************************
An exception occurred during task execution. To see the full traceback, use -vvv. The error was: libvirt.libvirtError: Cannot access storage file '/home/ssbarnea/.local/molecule/default/vms/instance.qcow2' (as uid:107, gid:107): Permission denied
failed: [localhost] (item=instance) => {"ansible_loop_var": "item", "changed": false, "item": {"name": "instance"}, "msg": "Cannot access storage file '/home/ssbarnea/.local/molecule/default/vms/instance.qcow2' (as uid:107, gid:107): Permission denied"}
This happened after running newgrp ssbarnea & molecule create on fresh scenario.
[ssbarnea@leno molecule-libvirt]$ ls -la /home/ssbarnea/.local/molecule/default/vms/
total 659684
drwxr-xr-x. 1 ssbarnea ssbarnea 74 May 16 11:09 .
drwxr-xr-x. 1 ssbarnea ssbarnea 6 May 15 17:43 ..
-rw-r--r--. 1 ssbarnea libvirt 374784 May 16 11:09 instance-cloud-init.iso
-rw-r--r--. 1 ssbarnea libvirt 16108814336 May 16 11:09 instance.qcow2
It seems that the qcow2 image was created with wrong permissions as the libvirt group does not have write access to it and it obviously need that.
umask reports 0022 for my current user which explains why the group did not had access but in out case we do want to use a mask 0002 at least for this file.
It seems, acl for qemu has to be set on $HOME/.local. With qemu acl on $HOME and $HOME/.local I have this
(venv) [james@r620 my-role]$ ls -l ~/.local/molecule/default/vms/
total 1218368
-rw-rw-r--. 1 qemu qemu 374784 May 16 10:09 instance-cloud-init.iso
-rw-r--r--. 1 qemu qemu 16108814336 May 16 10:16 instance.qcow2
I see the pull request.
umask should be sufficent.