Comment 0 for bug 1885269

James Page (james-page) wrote :

bionic or focal with OpenStack Ussuri.

The latest version of the nova package sets permissions on package update for /var/lib/nova:

  find /var/lib/nova -exec chown nova:nova "{}" +
  find /var/lib/nova -type f -exec chmod 0640 "{}" + -o -type d -exec chmod 0750 "{}" +

However, when managing VMs via libvirt, various ownership changes happen to the underlying disks that mean that nova can no longer access the disk files with 0640 permissions.

The disks (and base image) for a VM are created as nova:nova; libvirt then shifts the ownership to libvirt-qemu:kvm as the VM starts. When the VM is stopped, the ownership reverts to root:root.

0640 permissions are maintained; however, nova is not part of the root or kvm groups, so it cannot access the file, which means the instance cannot be restarted.

The following permissions are required for correct operation:

  find /var/lib/nova -type f -exec chmod 0644 "{}" + -o -type d -exec chmod 0755 "{}" +
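
Added example (not part of the original comment or of the nova packaging): a small model of the POSIX permission check, run for the nova user over the three ownership states described above, comparing mode 0640 with 0644. The numeric UIDs/GIDs and all function names are constructed for illustration.

```python
from dataclasses import dataclass

# Constructed numeric IDs for illustration; real values differ per host.
UID = {"root": 0, "nova": 64060, "libvirt-qemu": 64055}
GID = {"root": 0, "nova": 64060, "kvm": 108}

@dataclass(frozen=True)
class Principal:
    uid: int
    gids: frozenset

@dataclass(frozen=True)
class FileMeta:
    uid: int
    gid: int
    mode: int

# nova is in its own group only, not in root or kvm (as the comment states).
NOVA = Principal(UID["nova"], frozenset({GID["nova"]}))

# Ownership states of an instance disk, taken from the comment.
STATES = {
    "created": ("nova", "nova"),
    "running": ("libvirt-qemu", "kvm"),
    "stopped": ("root", "root"),
}

def deciding_class(p, f):
    """POSIX consults exactly one class: owner, else group, else other."""
    if p.uid == f.uid:
        return "owner"
    if f.gid in p.gids:
        return "group"
    return "other"

def can_read(p, f):
    shift = {"owner": 6, "group": 3, "other": 0}[deciding_class(p, f)]
    return bool((f.mode >> shift) & 0o4)

def report(mode, who=NOVA):
    """Map each ownership state to (deciding class, readable?) for `who`."""
    out = {}
    for state, (owner, group) in STATES.items():
        f = FileMeta(UID[owner], GID[group], mode)
        out[state] = (deciding_class(who, f), can_read(who, f))
    return out

if __name__ == "__main__":
    for mode in (0o640, 0o644):
        print(oct(mode), report(mode))
```

In the running and stopped states nova is evaluated against the "other" bits, so 0644 restores its access through the same bit that grants read to every local account able to traverse the directories.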