libvirt.libvirtError: Cannot access storage file ... permission denied

[ssbarnea]

Another issue related to user permissions

TASK [Start molecule vm(s)] **********************************************************************************************************************************
An exception occurred during task execution. To see the full traceback, use -vvv. The error was: libvirt.libvirtError: Cannot access storage file '/home/ssbarnea/.local/molecule/default/vms/instance.qcow2' (as uid:107, gid:107): Permission denied
failed: [localhost] (item=instance) => {"ansible_loop_var": "item", "changed": false, "item": {"name": "instance"}, "msg": "Cannot access storage file '/home/ssbarnea/.local/molecule/default/vms/instance.qcow2' (as uid:107, gid:107): Permission denied"}

This happened after running newgrp ssbarnea & molecule create on fresh scenario.

[ssbarnea@leno molecule-libvirt]$ ls -la /home/ssbarnea/.local/molecule/default/vms/
total 659684
drwxr-xr-x. 1 ssbarnea ssbarnea          74 May 16 11:09 .
drwxr-xr-x. 1 ssbarnea ssbarnea           6 May 15 17:43 ..
-rw-r--r--. 1 ssbarnea libvirt       374784 May 16 11:09 instance-cloud-init.iso
-rw-r--r--. 1 ssbarnea libvirt  16108814336 May 16 11:09 instance.qcow2

It seems that the qcow2 image was created with wrong permissions as the libvirt group does not have write access to it and it obviously need that.

umask reports 0022 for my current user which explains why the group did not had access but in out case we do want to use a mask 0002 at least for this file.

[jamesregis]

It seems, acl for qemu has to be set on $HOME/.local. With qemu acl on $HOME and $HOME/.local I have this

(venv) [james@r620 my-role]$ ls -l ~/.local/molecule/default/vms/
total 1218368
-rw-rw-r--. 1 qemu qemu 374784 May 16 10:09 instance-cloud-init.iso
-rw-r--r--. 1 qemu qemu 16108814336 May 16 10:16 instance.qcow2

[jamesregis]

I see the pull request.
umask should be sufficent.