Permission denied using QEMU 'blockdev-add'

Hi,

I want to use virtnbdbackup to make backup of VMs that use Qcow format, but I had this error when I try it:

libvirt.libvirtError: internal error: unable to execute QEMU command 'blockdev-add': Could not open '/var/tmp/backup.6LZFF.vda': Permission denied

Exists any limitations to using this ‘blockdev-add’?

Using:

  • Rocky Linux (Debian 11 the same error)
  • Opennebula-host-kvm package
  • Opennebula 6.4

Hi,
A wild guess - the qemu process is started as oneadmin user. Did you try running the script as oneadmin?

BR,
Anton Todorov

Yes I tried, but has the same error :frowning:

Then you should check is debugging available debug in the backup tool to figure-out why qemu-kvm has no permissions to access the file in the given path…

BR,
Anton Todorov

Hi, I found the problem: in /etc/libvirt/qemu.conf, the option “dynamic_ownership = 0” (included in opennebula-node-kvm) makes the scratch file is created with “root” user and permission 600; then generate error “permission denied”.

Setting “dynamic_ownership = 1” solving the backup problem, but what problem could it bring to Opennebula?

1 Like