Centos
無法打開“/root/CentOS-7-x86_64-Minimal-1611.iso”:權限被拒絕
嘗試使用 virt-install 在 CentOS 7 主機上創建 CentOS 7 來賓虛擬機會產生以下錯誤:
Could not open '/root/CentOS-7-x86_64-Minimal-1611.iso': Permission denied解決這個錯誤需要採取哪些具體步驟,才能成功安裝CentOS 7 guest虛擬機?
詳細情況如下:
重現錯誤的步驟:
首先,我
iso從 centos 鏡像下載了文件:[root@remote-host ~]# wget http://centos.mbni.med.umich.edu/mirror/7/isos/x86_64/CentOS-7-x86_64-Minimal-1611.iso --2017-03-13 12:52:53-- http://centos.mbni.med.umich.edu/mirror/7/isos/x86_64/CentOS-7-x86_64-Minimal-1611.iso Resolving centos.mbni.med.umich.edu (centos.mbni.med.umich.edu)... 141.214.186.162 Connecting to centos.mbni.med.umich.edu (centos.mbni.med.umich.edu)|141.214.186.162|:80... connected. HTTP request sent, awaiting response... 200 OK Length: 713031680 (680M) [application/octet-stream] Saving to: ‘CentOS-7-x86_64-Minimal-1611.iso’ 100%[============================================================================================================================>] 713,031,680 14.2MB/s in 50s 2017-03-13 12:53:43 (13.5 MB/s) - ‘CentOS-7-x86_64-Minimal-1611.iso’ saved [713031680/713031680]接下來,我執行了以下安裝命令,導致錯誤:
[root@remote-host ~]# virt-install \ > --name centos7 \ > --ram 2048 \ > --disk path=/dev/mapper/centos-third,size=242 \ > --vcpus 1 \ > --os-type generic \ > --os-variant generic \ > --network bridge=virbr0 \ > --graphics none \ > --console pty,target_type=serial \ > --cdrom ./CentOS-7-x86_64-Minimal-1611.iso WARNING CDROM media does not print to the text console by default, so you likely will not see text install output. You might want to use --location. See the man page for examples of using --location with CDROM media Starting install... ERROR internal error: qemu unexpectedly closed the monitor: 2017-03-13T19:58:02.701397Z qemu-kvm: -drive file=/root/CentOS-7-x86_64-Minimal-1611.iso,format=raw,if=none,id=drive-ide0-0-1,readonly=on: could not open disk image /root/CentOS-7-x86_64-Minimal-1611.iso: Could not open '/root/CentOS-7-x86_64-Minimal-1611.iso': Permission denied Domain installation does not appear to have been successful. If it was, you can restart your domain by running: virsh --connect qemu:///system start centos7 otherwise, please restart your installation. [root@remote-host ~]#為了評估權限問題,我查看了目錄的內容,如下:
[root@remote-host ~]# ls -al total 696356 dr-xr-x---. 4 root root 4096 Mar 13 12:52 . dr-xr-xr-x. 24 root root 4096 Mar 13 12:00 .. -rw-------. 1 root root 2365 Mar 12 11:14 anaconda-ks.cfg -rw-------. 1 root root 1091 Mar 13 12:13 .bash_history -rw-r--r--. 1 root root 18 Dec 28 2013 .bash_logout -rw-r--r--. 1 root root 176 Dec 28 2013 .bash_profile -rw-r--r--. 1 root root 176 Dec 28 2013 .bashrc drwxr-xr-x. 4 root root 36 Mar 13 12:42 .cache -rw-r--r--. 1 qemu qemu 713031680 Dec 5 15:44 CentOS-7-x86_64-Minimal-1611.iso drwxr-xr-x. 3 root root 17 Mar 13 10:52 .config -rw-r--r--. 1 root root 100 Dec 28 2013 .cshrc -rw-r--r--. 1 root root 129 Dec 28 2013 .tcshrc雖然我知道
root應該能夠訪問任何其他使用者的文件,但我嘗試將使用者更改為root並重新執行命令,如下所示:[root@remote-host ~]# chown root:root CentOS-7-x86_64-Minimal-1611.iso [root@remote-host ~]# ls -al total 696356 dr-xr-x---. 4 root root 4096 Mar 13 12:52 . dr-xr-xr-x. 24 root root 4096 Mar 13 12:00 .. -rw-------. 1 root root 2365 Mar 12 11:14 anaconda-ks.cfg -rw-------. 1 root root 1091 Mar 13 12:13 .bash_history -rw-r--r--. 1 root root 18 Dec 28 2013 .bash_logout -rw-r--r--. 1 root root 176 Dec 28 2013 .bash_profile -rw-r--r--. 1 root root 176 Dec 28 2013 .bashrc drwxr-xr-x. 4 root root 36 Mar 13 12:42 .cache -rw-r--r--. 1 root root 713031680 Dec 5 15:44 CentOS-7-x86_64-Minimal-1611.iso drwxr-xr-x. 3 root root 17 Mar 13 10:52 .config -rw-r--r--. 1 root root 100 Dec 28 2013 .cshrc -rw-r--r--. 1 root root 129 Dec 28 2013 .tcshrc [root@remote-host ~]# virt-install --name centos7 --ram 2048 --disk path=/dev/mapper/centos-third,size=242 --vcpus 1 --os-type generic --os-variant generic --network bridge=virbr0 --graphics none --console pty,target_type=serial --cdrom ./CentOS-7-x86_64-Minimal-1611.iso WARNING CDROM media does not print to the text console by default, so you likely will not see text install output. You might want to use --location. See the man page for examples of using --location with CDROM media Starting install... ERROR internal error: qemu unexpectedly closed the monitor: 2017-03-13T20:06:07.525792Z qemu-kvm: -drive file=/root/CentOS-7-x86_64-Minimal-1611.iso,format=raw,if=none,id=drive-ide0-0-1,readonly=on: could not open disk image /root/CentOS-7-x86_64-Minimal-1611.iso: Could not open '/root/CentOS-7-x86_64-Minimal-1611.iso': Permission denied Domain installation does not appear to have been successful. If it was, you can restart your domain by running: virsh --connect qemu:///system start centos7 otherwise, please restart your installation. [root@remote-host ~]# [root@remote-host ~]# virsh --connect qemu:///system start centos7 error: failed to get domain 'centos7' error: Domain not found: no domain with matching name 'centos7' [root@remote-host ~]#如您所見,我遇到了同樣的錯誤。 還需要做些什麼來解決這個錯誤,才能成功安裝來賓虛擬機?
您還啟用了 SELinux(這很好),但 ISO 的上下文也可能阻止 qemu 讀取它。
嘗試將 ISO 移動到
/tmp. 如果單個文件上下文合適,qemu 應該有權讀取 /tmp 中的文件。如果 qemu 移動到 後仍然無法訪問 ISO
/tmp,請查看 的內容,/var/log/audit/audit.log看看那裡是否記錄了任何訪問衝突。要查看 SELinux 上下文,例如,在將 ISO 移動到 後
/tmp,使用ls -lZ /tmp/.這不會告訴您程序訪問文件的上下文應該是什麼,但會顯示目前上下文。將其他文件的上下文(程序已經可以訪問)與該文件進行比較應該可以幫助您縮小可以設置該文件的上下文的範圍。
在這種情況下,只要 ISO 位於 qemu 可以訪問的目錄中,您就可以設置 ISO 的上下文,以便 qemu 可以讀取它
chcon -t virt_content_t <filename>.iso