|
Hi Martin,
Thanks for the guidance. Ultimately I determined that this was an AppArmor
issue restricting access to /var/lib/libvirt/images and /var/lib/libvirt/qemu.
I was able to add access to these directories in
/etc/apparmor.d/local/abstractions/libvirt-qemu and then successfully start a
VM (no longer getting the "access denied" message).
Thanks,
Andrew
From: Martin Kletzander Sent: Wednesday, November 20, 2024 8:31 AM To: Andrew Martin Cc: users@xxxxxxxxxxxxxxxxx Subject: Re: Set permissions and ownership of disk image created by vol-upload On Tue, Nov 19, 2024 at 07:01:39PM +0000, Andrew Martin wrote:
>Hello, > >I am using libvirt 8.0 on Ubuntu 22.04 and would like to utilize the vol-upload >command to upload a disk image: >https://www.libvirt.org/manpages/virsh.html#vol-upload > >I am using the "directory" storage pool type: >https://libvirt.org/storage.html#directory-pool > >However, when uploading the disk image, it gets written with octal permissions >0600 and owner root:root. Ideally I'd like this file to be owned by >libvirt-qemu:libvirt-qemu with permissions 0660 so that the group can read it. > >I've tried the following, none of which seem to alter the owner or permissions: > >- change the umask in the libvirtd systemd unit >- edit the user, group, and dynamic_ownership settings in /etc/libvirt/qemu.conf >- run "virsh pool-edit default" and change the <mode>, <owner>, or <group> tags > >How can I configure libvirtd to create these uploaded files with the desired >permissions and ownership? > Use virsh vol-create <pool> <volume.xml> where the volume xml looks something like this (adjust to your liking): <volume> <name>perms.img</name> <capacity unit='M'>100</capacity> <target> <path>/var/lib/libvirt/images/perms.img</path> <format type='raw'/> <permissions> <mode>0755</mode> <owner>77</owner> <group>77</group> </permissions> </target> </volume> And then use virsh vol-upload to populate the volume with what you want. That ought to be enough. HTH, Martin >Thanks, > >Andrew |
