Welcome to the Linux Foundation Forum!

Lab 28.2 virt-manager problem with permissions

Options
gairsty
gairsty Posts: 26
in LFS201 Class Forum - Discontinued

Hi. I have encountered a problem where when following the directions to install tinycore on virt-manager I get the following message:

Unable to complete install: 'internal error: qemu unexpectedly closed the monitor: 2020-06-29T07:52:43.049189Z qemu-system-x86_64: -blockdev {"driver":"file","filename":"/home/andrew/Downloads/CorePlus-current.iso","node-name":"libvirt-1-storage","auto-read-only":true,"discard":"unmap"}: Could not open '/home/andrew/Downloads/CorePlus-current.iso': Permission denied'

Traceback (most recent call last):
  File "/usr/share/virt-manager/virtManager/asyncjob.py", line 75, in cb_wrapper
    callback(asyncjob, *args, **kwargs)
  File "/usr/share/virt-manager/virtManager/createvm.py", line 2089, in _do_async_install
    guest.installer_instance.start_install(guest, meter=meter)
  File "/usr/share/virt-manager/virtinst/install/installer.py", line 542, in start_install
    domain = self._create_guest(
  File "/usr/share/virt-manager/virtinst/install/installer.py", line 491, in _create_guest
    domain = self.conn.createXML(install_xml or final_xml, 0)
  File "/usr/lib/python3/dist-packages/libvirt.py", line 4034, in createXML
    if ret is None:raise libvirtError('virDomainCreateXML() failed', conn=self)
libvirt.libvirtError: internal error: qemu unexpectedly closed the monitor: 2020-06-29T07:52:43.049189Z qemu-system-x86_64: -blockdev {"driver":"file","filename":"/home/andrew/Downloads/CorePlus-current.iso","node-name":"libvirt-1-storage","auto-read-only":true,"discard":"unmap"}: Could not open '/home/andrew/Downloads/CorePlus-current.iso': Permission denied

$ ls -l Core* gives me:

-rwxr-xr-x 1 libvirt-qemu kvm 216006656 Jun 29 07:06 CorePlus-current.iso

Do I need to change the permissions on this file? Or do I need to do something with users?

Thanks in advance!

Comments

  • dacarab
    dacarab Posts: 8
    Options

    When I went through the lab, virt-manager changed the user / group ownership of the iso file to qemu / qemu. I'm running CentOS 8 for this lab, so it might just be a difference in distros that we are running.

    The only other difference I see is my iso is set to 664 in terms of permissions - so am wondering if adding write to the group would make a difference...

    Cheers

  • coop
    coop Posts: 915
    Options

    Hi: It is pretty hard to debug this stuff unless you tell us things like distribution and version. For the case of anything virtual also it is important to tell us if this is a real machine or a VM running under a hypervisor and if so which one. In some cases telling us how much RAM there is and other HW issues can help.

    As dacarab mentioned he was running CentOS 8 and seems to have been able to get it done. I can't easily debug this as I would be doing the same thing as the only physical boxes I have are running RHEL 8 or CentOS 8

  • lee42x
    lee42x Posts: 380
    Options

    This bit "Could not open '/home/andrew/Downloads/CorePlus-current.iso': Permission denied" makes me want to check the permissions of the "iso" file. We should have avoided permission challenges when we ran "sudo virt-manager" . If it is desired to run the VM as another user, set the group to "qemu" on the "iso" file.

    Please confirm if the command "sudo virt-manager" was used.
    Lee

  • gairsty
    gairsty Posts: 26
    Options

    Hi ail. Thank you for responding!

    I'm running Ubuntu 20.04 LTS with 16GB of RAM on a real machine.
    It's virt-manager v2.2.1
    I've had little problems previously using either Virtualbox or VMWare on this machine, both of which were stopped and disabled as per Lab 28.1.

    The command was run as "sudo virt-manager".
    Just tried with permissions set to 664, with no joy.
    When I run $ sudo virt-manager, it changes the user/group ownership of the .iso to libvert-qemu / kvm, from whatever I may have changed it to, (root, andrew, etc). I have also tried $ sudo virt-manager as root.
    If I run $ virt-manager, (i.e.no sudo) I don't get the option for a QEMU/KVM session, only and LXC session in virt-manager.

    This is thoroughly frustrating as I've been really enjoying the course up to now!

  • lee42x
    lee42x Posts: 380
    Options

    Can you please run:

    sudo systemctl status apparmor

    and

    sudo getenforce

    Thanks Lee
    This is interesting as I run Ubuntu 20.04 on my laptop that I do everything on.

  • gairsty
    gairsty Posts: 26
    Options

    Hi Lee.
    apparmor is active.
    getenforce is not installed. Would installing SELinux help resolve this problem?

  • luisviveropena
    luisviveropena Posts: 1,154
    Options

    Hi @gairsty ,

    I just did a test case with Ubuntu 20.04. Apparmor is enabled by default, and SELinux is not configured (it's one or another). So, I couldn't reproduce the issue, because it worked on my environment.

    So, I have some few questions:

    1.- Is the libvirtd service running? Please provide the output for:

    sudo systemctl status libvirtd

    2.- What packages have you installed for testing this?

    3.- The following are the permissions on my file:

    luis@ubuntu20:~$ ls -l CorePlus-current.iso
    -rw-r--r-- 1 libvirt-qemu kvm 124780544 Kun 19 18:50 CorePlus-current.iso

    So, you have:

    -rwxr-xr-x 1 libvirt-qemu kvm 216006656 Jun 29 07:06 CorePlus-current.iso

    So, where did you put the file? Is it mounted in a read-only directory? Please try moving it to your home directory or on /tmp, just to be sure.

    Regards,
    Luis.

  • coop
    coop Posts: 915
    Options

    Normally you can not run apparmor and selinux at the same time, so there is no way any selinux commands will work. You also have to make sure both are include in the kernel, so that you can turn one or the other off.

  • lee42x
    lee42x Posts: 380
    edited July 2020
    Options

    Please try:

    $ sudo aa-teardown
    $ sudo systemctl stop apparmor
    $ sudo systemctl disable apparmor

  • gairsty
    gairsty Posts: 26
    Options

    @luisviveropena said:
    Hi @gairsty ,

    So, I have some few questions:

    1.- Is the libvirtd service running? Please provide the output for:

    sudo systemctl status libvirtd

    Hi Luis. Sorry about the delay in returning to this...

    When I check the status of libvirtd prior to launching virt-manager, all is well. However once virt-manager is launched I get this,

    Jul 28 07:53:40 liveware-problem libvirtd[8347]: libvirt version: 6.0.0, package: 0ubuntu8.2 (Christian Ehrhardt christian.ehrhardt@canonical.com Mon, 22 Jun 2020 21:30:50 +0200)
    Jul 28 07:53:40 liveware-problem libvirtd[8347]: hostname: liveware-problem
    Jul 28 07:53:40 liveware-problem libvirtd[8347]: operation failed: pool 'default' already exists with uuid ffe65bc4-e3ad-4e58-ab3d-527e844ce476
    Jul 28 07:53:40 liveware-problem libvirtd[8347]: operation failed: pool 'default' already exists with uuid ffe65bc4-e3ad-4e58-> ab3d-527e844ce476
    Jul 28 07:53:40 liveware-problem libvirtd[8347]: this function is not supported by the connection driver: virConnectGetAllDomainStats

    I tried the same thing on my Ubuntu18 vmware machine and after running $ sudo virt-manager, I get,

    Jul 28 08:03:15 ubuntu18 libvirtd[932]: 2020-07-28 07:03:15.260+0000: 988: info : libvirt version: 4.0.0, package: 1ubuntu8.17 (Marc Deslauriers marc.deslauriers@ubuntu.com Wed, 06 May 2020 14:18:23 -0400)
    Jul 28 08:03:15 ubuntu18 libvirtd[932]: 2020-07-28 07:03:15.260+0000: 988: info : hostname: ubuntu18
    Jul 28 08:03:15 ubuntu18 libvirtd[932]: 2020-07-28 07:03:15.260+0000: 988: error : netcfConnectNumOfInterfacesImpl:288 : internal error: failed to get number of host interfaces: unspecified error - errors in loading some config files
    Jul 28 08:03:15 ubuntu18 libvirtd[932]: 2020-07-28 07:03:15.306+0000: 986: error : netcfConnectListAllInterfaces:564 : internal error: failed to get number of host interfaces: unspecified error - errors in loading some config files
    Jul 28 08:03:15 ubuntu18 libvirtd[932]: 2020-07-28 07:03:15.353+0000: 989: error : netcfConnectListAllInterfaces:564 : internal error: failed to get number of host interfaces: unspecified error - errors in loading some config files

    However, I am able to complete the lab in the Ubuntu18 VM

    So, more questions than answers...

    There is a difference in libvirtd versions, which I suspect is probably the problem. However, I'm intrigued to know what version is running on your system Luis.

    In answer to your other questions:

    2.- What packages have you installed for testing this?

    Answered above, I think.

    3 - the file is in my Downloads directory. I also tried it in my /home directory, same permissions, no joy.

  • gairsty
    gairsty Posts: 26
    Options

    @lee42x said:
    Please try:

    $ sudo aa-teardown
    $ sudo systemctl stop apparmor
    $ sudo systemctl disable apparmor

    Hi Lee.

    I tried the above to no avail. Sorry.

Categories

Upcoming Training