Ask Your Question
1

QEMU/KVM refuses to start virtual machine

asked 2017-09-19 00:30:39 -0500

francko gravatar image

updated 2017-09-19 05:09:22 -0500

i've got a petty urgent problem here. I created a virtual machine in Qemu/KVM about 4 weeks ago and installed Windows7 with a CAD software. It worked pretty well. Yesterday as i wanted to start the virtual machine on my laptop, i got an error message

"Cannot access storage file '/home/frank/CreoPC/CreoPC' (as uid:107, gid:107): no access".

The funny side is that on my PC with the same configuration and identical virtual machine it still works...

kernel 4.12.13-300.fc26

gnome-desktop3 3.24-2-1.fc26

quemu/kvm 2.9.1-1.fc26


i found out that the userid 107 and group 107 are the user qemu

[root@franks-imac frank]# id 107

uid=107(qemu) gid=107(qemu) Gruppen=107(qemu),36(kvm)

i compared the file acces for the vm-file "/home/frank/CreoPC/CreoPC" and on both computers it says:

[root@franks-imac frank]# ls -l/home/frank/CreoPC/CreoPC

-rwxr--r--. 1 root root 35246047232 19. Sep 07:16 /home/frank/CreoPC/CreoPC

when i launch the virtual machine on the PC the file access changes automatically to:

[root@franks-imac frank]# ls -l /home/frank/CreoPC/CreoPC

-rwxr--r--. 1 qemu qemu 35246047232 19. Sep 07:16 /home/frank/CreoPC/CreoPC

it seems, that this is the step where qemu/kvm fails on my laptop, because even creating a new virutal machine failes with the same error. Any idea?

edit retag flag offensive close merge delete

2 Answers

Sort by ยป oldest newest most voted
1

answered 2017-09-19 07:37:20 -0500

villykruse gravatar image

Run the SELinux Troubleshooter to check if you have a selinux issue.

The default selinux expects the virtual file systems are created in /var/lib/libvirt/images. The selinux lable for these files are

ls -Za /var/lib/libvirt/images
  system_u:object_r:virt_image_t:s0 .
system_u:object_r:virt_var_lib_t:s0 ..
  system_u:object_r:virt_image_t:s0 RH73.img
  system_u:object_r:virt_image_t:s0 bootnet.img
  system_u:object_r:virt_image_t:s0 centos42.qcow2
  system_u:object_r:virt_image_t:s0 fedora.qcow2
  system_u:object_r:virt_image_t:s0 rhl6.2.qcow2
  system_u:object_r:virt_image_t:s0 ubuntu-15.10.qcow2

To set the selinux context for the virtual file systems in your case, run

chcon -t virt_image_t /home/frank/CreoPC
chcon -t virt_image_t /home/frank/CreoPC/CreoPC
edit flag offensive delete link more

Comments

SELinux was a good hint. There is a Error Message in SELinux Troubleshooter

SELinux is pereventing qemu-system-x86 from read access on the file CreoPC

Allow this access for now by executing:

ausearch -c 'qemu-system-x86' --raw | audit2allow -M my-qemusystemx86

semodule -X 300 -i my-qemusystemx86.pp

i understand this that i can prompt the last two lines in terminal to create the SELinux exeption. Right?

francko gravatar imagefrancko ( 2017-09-19 09:40:42 -0500 )edit

That is another way to grant the required permissions. It would allow the qemu system to access your home directory.

villykruse gravatar imagevillykruse ( 2017-09-19 09:49:25 -0500 )edit

yep, the SELinux restrictions made the problems, which are now solved :-)

many thanks villykruse :-)

francko gravatar imagefrancko ( 2017-09-20 04:02:21 -0500 )edit
1

answered 2017-09-19 06:39:27 -0500

clnetbox gravatar image

There seem to be ACL restrictions on the host system ...
To solve it change the ACL attributes of the qemu user :

sudo setfacl -R -m u:qemu:rwx /home/frank/CreoPC

edit flag offensive delete link more

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Question Tools

1 follower

Stats

Asked: 2017-09-19 00:30:39 -0500

Seen: 495 times

Last updated: Sep 19 '17