On 2013-07-17 17:47, Gao feng <gaofeng@xxxxxxxxxxxxxx> wrote: >>On 07/17/2013 04:15 PM, Gao feng wrote: >> On 07/16/2013 01:29 PM, Guan Qiang wrote: >>> 于 2013/7/15 17:32, Gao feng 写道: >>>> On 07/15/2013 05:18 PM, hzguanqiang wrote: >>>>> Hi, Gao Feng >>>>> >>>>> I've tried what you said, but still exists the problem: >>>>> >>>>> ubuntu@lxc:~$ vir attach-disk instance-0000002c /dev/dm-0 sdb >>>>> error: Failed to attach disk >>>>> error: Unable to create device /proc/10366/root/dev/sdb: Permission denied >>>>> >>>>> I think finding what it means by saying 'Unable to create device /proc/10366/root/dev/sdb: Permission denied' is the key. >>>>> But anyway, thanks for your help! >>>>> >>>> Do you have <idmap> configured for your lxc domain? >>>> I just posted a patchset to fix the problem that failed to create device when user namespace enabled. >>>> >>>> BTW, does it work well if you directly write the configuration to the xml of lxc domain? >>>> >>>> Thanks >>> Hi, Gao feng, >>> >>> I tried to write the configuration in the xml as you said, and it works. >>> >>> And I didn't set <idmap> configure for my lxc domain. The xml content of my lxc domain is just as following: >>> >> ... >>> I still don't understand why I can't hotplug attach disk device for the lxc domain. >>> Expect more detailed answer, Thanks! >>> >> >> it's because apparmor deny libvirt to create device node under directory /proc/10366/root/dev/. >> >> I don't know if this will help you, you can have a try. >> >> change the apparmor profile of libvirtd. check the /etc/apparmor.d/usr.sbin.libvirtd, >> and add /proc/ rw. > >ln -s /etc/apparmor.d/usr.sbin.libvirtd /etc/apparmor.d/disable/ & /etc/init.d/apparmor restart should work, >but libvirtd will run out of apparmor's control. Yes, it works. Thanks for help. ------------------ Best regards! GuanQiang 2013-07-19 _______________________________________________ libvirt-users mailing list libvirt-users@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/libvirt-users
