Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

what is messing with /var/lib/libvirt/images permissions? #1807

Open
bayeslearner opened this issue Feb 16, 2024 · 1 comment
Open

what is messing with /var/lib/libvirt/images permissions? #1807

bayeslearner opened this issue Feb 16, 2024 · 1 comment

Comments

@bayeslearner
Copy link

bayeslearner commented Feb 16, 2024
edited

something (or me) has messed up vagrant on my ubuntu box.
It runs on ubuntu 22.04 which has apparmor enabled. Correct me but I think apparmor is actually needed because it automatically sets the correct facl for files created by libvirt? Anyhow, I tried disabling and enabling it and neither works.

I'm getting:

Bringing machine 'default' up with 'libvirt' provider...
...
==> default:  -- Name:              win11_default
==> default:  -- Description:       Source: /home/xxxVM/win11/Vagrantfile
==> default:  -- Domain type:       kvm
==> default:  -- Cpus:              2
==> default:  -- Feature:           acpi
==> default:  -- Feature:           apic
==> default:  -- Feature:           pae
...
==> default:  -- Image(vda):        /var/lib/libvirt/images/win11_default.img, virtio, 60G
...
==> default:  -- RNG device model:  random
==> default: Creating shared folders metadata...
==> default: Updating domain definition due to configuration change
==> default: Starting domain.
==> default: Removing domain...
==> default: Deleting the machine folder
/home/xxx/.vagrant.d/gems/3.1.4/gems/fog-libvirt-0.12.0/lib/fog/libvirt/requests/compute/vm_action.rb:7:in `create': Call to virDomainCreateWithFlags failed: internal error: process exited while connecting to monitor: 2024-02-16T03:45:58.354257Z qemu-system-x86_64: -blockdev {"driver":"file","filename":"/var/lib/libvirt/images/win11_default.img","node-name":"libvirt-1-storage","auto-read-only":true,"discard":"unmap"}: Could not open '/var/lib/libvirt/images/win11_default.img': Permission denied (Libvirt::Error)

I also tried to setfacl manually:

sudo getfacl -e  /var/lib/libvirt/images
getfacl: Removing leading '/' from absolute path names
# file: var/lib/libvirt/images
# owner: root
# group: root
user::rwx
user:xxx:rwx		#effective:rwx
user:libvirt-qemu:rwx		#effective:rwx
group::--x			#effective:--x
group:kvm:rwx			#effective:rwx
group:libvirt:rwx		#effective:rwx
mask::rwx
other::--x

It seems user xxx(me) and libvirt-qemu as well as group kvm and libvirt have been given full permissions. But it still doesn't work.

What do I have to do to reset this?
@bayeslearner
Copy link
Author

I tried with another vagrant box and I got the same error. Actually I don't think /var/lib/libvirt/images/alma_default.img got created either.

Bringing machine 'default' up with 'libvirt' provider...
==> default: Checking if box 'generic/alma9' version '4.3.12' is up to date...
==> default: Creating image (snapshot of base box volume).
==> default: Creating domain with the following settings...
==> default:  -- Name:              alma_default
==> default:  -- Description:       Source: /home/xxx/VM/alma/Vagrantfile
==> default:  -- Domain type:       kvm
==> default:  -- Cpus:              2
==> default:  -- Feature:           acpi
==> default:  -- Feature:           apic
==> default:  -- Feature:           pae
==> default:  -- Clock offset:      utc
==> default:  -- Memory:            2048M
==> default:  -- Base box:          generic/alma9
==> default:  -- Storage pool:      default
==> default:  -- Image(vda):        /var/lib/libvirt/images/alma_default.img, virtio, 128G
==> default:  -- Disk driver opts:  cache='default'
==> default:  -- Graphics Type:     vnc
==> default:  -- Video Type:        cirrus
==> default:  -- Video VRAM:        256
==> default:  -- Video 3D accel:    false
==> default:  -- Keymap:            en-us
==> default:  -- TPM Backend:       passthrough
==> default:  -- INPUT:             type=mouse, bus=ps2
==> default: Creating shared folders metadata...
==> default: Starting domain.
==> default: Removing domain...
==> default: Deleting the machine folder
/home/xxx/.vagrant.d/gems/3.1.4/gems/fog-libvirt-0.12.0/lib/fog/libvirt/requests/compute/vm_action.rb:7:in `create': Call to virDomainCreate failed: internal error: qemu unexpectedly closed the monitor: 2024-02-16T04:33:41.927349Z qemu-system-x86_64: -blockdev {"driver":"file","filename":"/var/lib/libvirt/images/alma_default.img","node-name":"libvirt-1-storage","auto-read-only":true,"discard":"unmap"}: Could not open '/var/lib/libvirt/images/alma_default.img': Permission denied (Libvirt::Error)

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@bayeslearner