VMware Cloud Community
fluoml
Contributor
Contributor

root just have read permissions...

Hi,

I don't know what happened but the root user just have read permissions.

I am using ESX Server 3.0.1, 32039

I can start already created guest or even stop them, but I am unavailable to create a new virtual machine, enter in maintenance mode, shutdown or reboot ESX.

I can not modify the permissions or create a new user?

I don't know what I did wrong? The last thing I can remember is to have used converter and that did not go right... (don't know if this is related)

Anyone got an idea?

Regards,

David

Reply
0 Kudos
18 Replies
rt
VMware Employee
VMware Employee

I'm not sure if this is converter effect. However what error do you get when you type shutdown or reboot? How much disk space do you have? It might also be possible that there is a filesystem corruption.

fluoml
Contributor
Contributor

Hi,

Thanks RT.

The boot.log is fine after a reboot. Nothing special.

I am not an expert in GNU-Linux or VMWARE.

Is there a way to check why the root does not have correct right?

Eveything works fine except for the problem exposed above.

Regards,

David

Reply
0 Kudos
fluoml
Contributor
Contributor

Is it normal to not have any space on / ?

Regards,

David

Reply
0 Kudos
jccoca
Hot Shot
Hot Shot

It's not normal, free some space

fluoml
Contributor
Contributor

Hi,

Thanks for the help,

I managed to clear some space.

Not

much has changed, unfortunatly.

There're some things I still don't

understand, maybe you could help me.

I have a total of approximatively

1.1To of Hard Drive.

When I do a "df", i now get the

following:

root@esx1 /# df -h Filesystem Size Used Avail Use% Mounted on /dev/sda2 4.9G 1.4G 3.3G 30% / /dev/sda1 99M 29M 65M 31% /boot none 131M 0 131M 0% /dev/shm /dev/sda6 2.0G 49M 1.8G 3% /var/log

But if i do a "ls /vmfs/devices/disks/ -la", I get

the following:

root@esx1 /# ls /vmfs/devices/disks/ -lah total 1.1T drwx------ 1 root root 512 Nov 1 12:05 . drwx------ 1 root root 512 Nov 1 12:05 .. lrwx------1 root root 58 Nov 1 12:05 vmhba0:0:0:0 ->vml.0200000000600188b... -rwx------ 1 root root 1.1T Nov 1 12:05 vml.0200000000600188b...

And

also, if i do a "ls /vmfs/devices/lvm/ -lah", I get the following:

root@esx1 /# ls /vmfs/devices/lvm/ -lah total 1.1T drwx------ 1 root root 512 Nov 1 12:04 . drwx------ 1 root root 512 Nov 1 12:04 .. -rwx------1 root root 1.1T Nov 1 12:04 47138c96-6b49f428-26b5-001aa007

As I said previously, I am not very good in the GNU-Linux (Unix) world.

How can I get a filesystem smaller than the files contained in it? (2 files of 1.1T are contained in afilesystem 4.9G)

How can I have TWO files of almost the same size than the entire hard-disks? (2 files of 1.1T are contained in 5 hard-drive of 300G each(RAID 5))

Is there something wrong there?

Regards,

David

Reply
0 Kudos
fluoml
Contributor
Contributor

Hi,

In fact, I slightly have lost the track in my previous message.

If anybody have any idea why I can't do create any new virtual machine with the root user?

Regards,

David

Reply
0 Kudos
virtualdud3
Expert
Expert

My guess is that someone, while connecting via the VI client, assigned the root user "Read-Only" permission to the datacenter.

No worries, it is easy to change.

Login to the service console, and type the following command:

#cat /etc/vwmare/hostd/authorization.xml

Look at the top portion of the file:

If you don't know how to use a text editor to change this file:

At the shell prompt (while logged-in as root) -

#vi /etc/vmware/hostd/authorization.xml

This should bring-up the file. Then, hit the lower-case "i" key once; you should see that you go into "insert mode" by the INSERT that appears in the lower left-hand corner. Now, use the arrow keys/keyboard to naviagate to the ".

Now, hit the "Esc" key, which will take you out of Insert mode (the INSERT will disappear). Now, type ":wq!" (the first character is a colon), and then at the shell prompt type:

#service mgmt-vmware restart

Now, login via the VI client as root and you should be good-to-go.




###############

If you found this information useful, please consider awarding points for "Correct" or "Helpful". Thanks!!!

############### Under no circumstances are you to award me any points. Thanks!!!
Reply
0 Kudos
fluoml
Contributor
Contributor

Hi,

Thank you very much for your help, unfortunatly (or fortunatly as you prefer) the file was correct:

<ACEDataRoleId>-1</ACEDataRoleId>

Regards,

David

Reply
0 Kudos
virtualdud3
Expert
Expert

I was afraid that might be the case...

Are you using a VirtualCenter server?

Also, is the root unable to power-on any VM, or just unable to power-on a single VM?




###############

If you found this information useful, please consider awarding points for "Correct" or "Helpful". Thanks!!!

############### Under no circumstances are you to award me any points. Thanks!!!
Reply
0 Kudos
fluoml
Contributor
Contributor

hi,

No, I am just using a single ESX Server 3.x there. No VirtualCenter in that case.

root can power-on all the VM.

The problem is more that it can't modify any settings from the Virtual Infrastructure Client and can't create any new VM.

Thanks,

David

Reply
0 Kudos
virtualdud3
Expert
Expert

From the service console, try running the command:

#service mgmt-vmware restart

If this doesn't work, try posting the /etc/vmware/hostd/authorization.xml file here. My guess is there is a persmission applied somewhere giving the "root" user Read-Only.

###############

If you found this information useful, please consider awarding points for "Correct" or "Helpful". Thanks!!!

############### Under no circumstances are you to award me any points. Thanks!!!
Reply
0 Kudos
fluoml
Contributor
Contributor

if all the VM are down, the command works fine.

I just have realised I might have told you something not entirely correct.

I just realised I was not very good in my explanation of the problem.

As I told you, I can't do anything on the ESX server itself (reboot, add new VM...., change privilege)

On the differents VM, on the contrary, root can do anything it wish (as usual).

Does that help?

BTW, I include the authorization.xml file...

Thanks again for your help,

Reply
0 Kudos
fluoml
Contributor
Contributor

Morning,

Anybody has any new idea on that subject?

Regards,

David

Reply
0 Kudos
jccoca
Hot Shot
Hot Shot

To see your current space use vdf -h, when you do a df it's not showing the vmfs filesystem

Reply
0 Kudos
fluoml
Contributor
Contributor

Thanks!!

I feel a (little less) stupid... Smiley Wink

For my root permissions problem, I should maybe try migrating to 3.0.2 ? ?:|

I resume my problem: the root user can't do much on the ESX server itself as it does not seem to have enough priviledge.

On an other hand, it has no problem doing what he wants on the differents VMs.

Thanks in advance,

Reply
0 Kudos
fluoml
Contributor
Contributor

I migrated to 3.0.2, no change...

I really don't know what to do anymore.

Regards,

David

Reply
0 Kudos
rt
VMware Employee
VMware Employee

paste the output of vdf -h

What are the error message when you type shutdown or reboot??

If you have another raw partition can you create a vmfs partiton on that and see if you can create/edit the VM's,

-Rahul

Reply
0 Kudos
fluoml
Contributor
Contributor

hi,

Here is what I get when I do a "vdf -h" .

root@servername root# vdf -h

Filesystem Size Used Avail Use% Mounted on

/dev/sda2 4.9G 1.5G 3.2G 31% /

/dev/sda1 99M 30M 65M 32% /boot

none 131M 0 131M 0% /dev/shm

/dev/sda6 2.0G 49M 1.8G 3% /var/log

/vmfs/devices 2.2T 0 2.2T 0% /vmfs/devices

/vmfs/volumes/47138c97-d8be2212-1102-001aa0073866

1.1T 92G 1015G 8% /vmfs/volumes/storage1

root@servername root#

The only error I get when I do a reboot is a "ntpd shutdown failed". That's all.

Thank you very much for your help,

Regards,

Reply
0 Kudos