macOS-Simple-KVM icon indicating copy to clipboard operation
macOS-Simple-KVM copied to clipboard

Published 20 hours ago verified publisher icon foxlet

Permission error when added to virt-manager

Open mikekeehnen opened this issue 3 years ago • 12 comments

The VM works flawless when running via basic.sh. But I want to add the vm to virtual machine manager to make it easier for myself to passthrough my graphicscard. When adding the vm to virt-manager with sudo ./make.sh --add the vm is added to virt-manager, but when I try to start it I get the following error:

Screenshot from 2021-07-02 12-47-31

Details: `Error starting domain: internal error: process exited while connecting to monitor: 2021-07-02T10:47:39.248490Z qemu-system-x86_64: -blockdev {"driver":"file","filename":"/home/mikekeehnen/OSX-KVM/OVMF_CODE.fd","node-name":"libvirt-pflash0-storage","auto-read-only":true,"discard":"unmap"}: Could not open '/home/mikekeehnen/OSX-KVM/OVMF_CODE.fd': Permission denied

Traceback (most recent call last): File "/usr/share/virt-manager/virtManager/asyncjob.py", line 65, in cb_wrapper callback(asyncjob, *args, **kwargs) File "/usr/share/virt-manager/virtManager/asyncjob.py", line 101, in tmpcb callback(*args, **kwargs) File "/usr/share/virt-manager/virtManager/object/libvirtobject.py", line 57, in newfn ret = fn(self, *args, **kwargs) File "/usr/share/virt-manager/virtManager/object/domain.py", line 1329, in startup self._backend.create() File "/usr/lib64/python3.9/site-packages/libvirt.py", line 1353, in create raise libvirtError('virDomainCreate() failed') libvirt.libvirtError: internal error: process exited while connecting to monitor: 2021-07-02T10:47:39.248490Z qemu-system-x86_64: -blockdev {"driver":"file","filename":"/home/mikekeehnen/OSX-KVM/OVMF_CODE.fd","node-name":"libvirt-pflash0-storage","auto-read-only":true,"discard":"unmap"}: Could not open '/home/mikekeehnen/OSX-KVM/OVMF_CODE.fd': Permission denied `

Machine details: OS: Fedora 34 Kernel: 5.12.12-300.fc34.x86_64

mikekeehnen avatar Jul 02 '21 10:07 mikekeehnen

My guess is since you added the VM using sudo, that the file is owned by root now so your normal user account cant do anything with it. Go to that file and fix the permissions and you might get farther

Masamune3210 avatar Jul 02 '21 16:07 Masamune3210

@Masamune3210 Thanks for your comment. I already tried to change the permissions of the folder to qemu (which is the owner of my win10 vm) but this didn't help me at all and still results in the above error. To confirm that nothing changed I also changed the owner of the folder to root and started virt-manager with sudo, but still the same error...

Command used to change permissions: sudo chown -R qemu:qemu OSX-KVM/

mikekeehnen avatar Jul 05 '21 16:07 mikekeehnen

Which OS are you doing this on? The problem should be because there's a folder higher in the hierarchy that qemu user can't access (/home/mikekeehnen), maybe try moving the OSX-KVM folder into /var/lib/libvirt/images/OSX-KVM and update the settings to reflect that (worked for me on Fedora 34!)

Edit: You can test whether the user can access the file using sudo -u qemu stat /home/mikekeehnen/OSX-KVM/OVMF_CODE.fd

clintonwoo avatar Jul 21 '21 14:07 clintonwoo

qemu can stat DVMF_CODE.fd,

  Size: 3653632   	Blocks: 7136       IO Block: 4096   regular file
Device: fd01h/64769d	Inode: 4966        Links: 1
Access: (0644/-rw-r--r--)  Uid: (  107/    qemu)   Gid: (  107/    qemu)
Context: unconfined_u:object_r:svirt_image_t:s0:c759,c970
Access: 2021-09-03 10:07:09.239416587 +0530
Modify: 2021-09-03 10:06:00.699419272 +0530
Change: 2021-09-03 10:06:39.371417757 +0530
 Birth: 2021-09-03 10:06:00.692419272 +0530

Yet, I am having same error on Fedora34

pradyparanjpe avatar Sep 03 '21 04:09 pradyparanjpe

Workaround:

I copled the directory firmware to a new location:


sudo cp -r firmware /usr/share/edk2/macos

...and made corresponding changes in the xml.

pradyparanjpe avatar Sep 08 '21 04:09 pradyparanjpe

I had the same problem on Fedora 36.

I copied OVMF_CODE.fd file into /usr/share/OVMF directory (that should be a default directory for this stuff in Fedora) and renamed it, because here is a file with the same name. If you are in macOS-Simple-KVM directory, run:

sudo cp firmware/OVMF_CODE.fd /usr/share/OVMF/OVMF_CODE.macos_simple_KVM.fd

Then you have to edit path to this file in Virt-Manager. Go to preferences and allow Enable XML Editing. Then open details of your macOS-Simple-KVM virtual machine, go to Overview and to XML tab. Here (in loader tag) you have to edit path from something like /home/$USER/Downloads/macOS-Simple-KVM/firmware/OVMF_CODE.fd to /usr/share/OVMF/OVMF_CODE.macos_simple_KVM.fd

7104423 avatar Oct 01 '22 12:10 7104423

sudo cp firmware/OVMF_CODE.fd /usr/share/OVMF/OVMF_CODE.macos_simple_KVM.fd

This fixed for me in Fedora 36, thanks. I'm wondering why setting the OVMF_CODE.fd file permissions to 777 (allow all users) won't work, and did a quick browsing, turns out it's SELinux problem.

MobCode100 avatar Oct 25 '22 13:10 MobCode100 

sudo cp firmware/OVMF_CODE.fd /usr/share/OVMF/OVMF_CODE.macos_simple_KVM.fd

This resolved the issue for me (in Fedora 36), thanks

leandrokemp avatar Oct 27 '22 06:10 leandrokemp

I had the same problem on Fedora 36.

I copied OVMF_CODE.fd file into /usr/share/OVMF directory (that should be a default directory for this stuff in Fedora) and renamed it, because here is a file with the same name. If you are in macOS-Simple-KVM directory, run:

sudo cp firmware/OVMF_CODE.fd /usr/share/OVMF/OVMF_CODE.macos_simple_KVM.fd

Then you have to edit path to this file in Virt-Manager. Go to preferences and allow Enable XML Editing. Then open details of your macOS-Simple-KVM virtual machine, go to Overview and to XML tab. Here (in loader tag) you have to edit path from something like /home/$USER/Downloads/macOS-Simple-KVM/firmware/OVMF_CODE.fd to /usr/share/OVMF/OVMF_CODE.macos_simple_KVM.fd

I did it (Fedora 36), but I get this error in the virtual machine manager now:

Error starting domain: Path '/usr/share/VMF/OVMF_CODE.macos_simple_KVM.fd' is not accessible: No such file or directory

But the file IS there.

crojack avatar Nov 21 '22 00:11 crojack

I did it (Fedora 36), but I get this error in the virtual machine manager now:

Error starting domain: Path '/usr/share/VMF/OVMF_CODE.macos_simple_KVM.fd' is not accessible: No such file or directory

But the file IS there.

I think you have a typo in the path...it should be in OVMF directory, but in your path is VMF directory...

7104423 avatar Nov 21 '22 07:11 7104423

I did it (Fedora 36), but I get this error in the virtual machine manager now: Error starting domain: Path '/usr/share/VMF/OVMF_CODE.macos_simple_KVM.fd' is not accessible: No such file or directory But the file IS there.

I think you have a typo in the path...it should be in OVMF directory, but in your path is VMF directory...

Oh, my bad. Thanks :)

It's ok now :)

crojack avatar Nov 21 '22 11:11 crojack

FWIW, I was able to get past essentially the same error by running sudo chcon -u system_u -t usr_t {path_to_folder}/OVMF_CODE.fd

whydoubt avatar Oct 29 '23 21:10 whydoubt