Gentoo Forums
Gentoo Forums
Gentoo Forums
Quick Search: in
Virtualization with qemu, libvirtd, virt-manager, ovmf
View unanswered posts
View posts from last 24 hours

 
Reply to topic    Gentoo Forums Forum Index Kernel & Hardware
View previous topic :: View next topic  
Author Message
wilsonmeier
n00b
n00b


Joined: 12 Jan 2016
Posts: 2

PostPosted: Tue Jan 12, 2016 9:07 pm    Post subject: Virtualization with qemu, libvirtd, virt-manager, ovmf Reply with quote

Hey folks,

i hope someone can help me to get things up and running.
The whole thing drives my totaly crazy.

Currently i have 3 problems.

1. Root user (qemu:///system and qemu:///session) can see the OVMF UEFI image in virt-manager but cannot start the vm.
-> Could not access KVM kernel module: Permission denied failed to initialize KVM: Permission denied

2. A normal user (qemu:///session) cannot see the OVMF UEFI image (dropdown shows only Bios) but can start a vm using legacy bios.
-> Libvrit did not detect any UEFI/OVMF firmware image installed on the host

1. A normal user(qemu:///system) can see the OVMF UEFI image in virt-manager but cannot start the vm.
-> Could not access KVM kernel module: Permission denied failed to initialize KVM: Permission denied

Installed packages:

app-emulation/libvirt-1.3.0-r1
app-emulation/libvirt-glib-0.2.3
dev-python/libvirt-python-1.3.0
app-emulation/virt-manager-1.3.2
app-emulation/qemu-2.4.1-r2

OMVF from https://www.kraxel.org/repos/jenkins/edk2/ installed (with ebuild from local overlay) into /usr/share/edk2-ovmf/qemu

Code:
# ll /usr/share/edk2-ovmf/qemu
total 4,0M
drwxr-xr-x 1 root root   62 12. Jan 20:47 .
drwxr-xr-x 1 root root    8 12. Jan 20:47 ..
-rw-r--r-- 1 root qemu 2,0M 12. Jan 20:47 OVMF.fd
-rw-r--r-- 1 root qemu 1,9M 12. Jan 20:47 OVMF_CODE.fd
-rw-r--r-- 1 root qemu 128K 12. Jan 20:47 OVMF_VARS.fd


Code:
# ll /usr/share/qemu/OVMF.fd
lrwxrwxrwx 1 root root 33 12. Jan 20:47 /usr/share/qemu/OVMF.fd -> /usr/share/edk2-ovmf/qemu/OVMF.fd


Code:
# lsmod | grep kvm
kvm_intel             137463  0
kvm                   255864  1 kvm_intel


Code:
# ll /dev/kvm
crw-rw----+ 1 root root 10, 232  9. Jan 23:56 /dev/kvm


Code:
libvirtd.service - Virtualization daemon
   Loaded: loaded (/usr/lib64/systemd/system/libvirtd.service; disabled; vendor preset: enabled)
  Drop-In: /etc/systemd/system/libvirtd.service.d
           └─00gentoo.conf
   Active: active (running) since Di 2016-01-12 21:28:18 CET; 18min ago
     Docs: man:libvirtd(8)
           http://libvirt.org
 Main PID: 20237 (libvirtd)
   CGroup: /system.slice/libvirtd.service
           └─20237 /usr/sbin/libvirtd


Code:
# cat /etc/systemd/system/libvirtd.service.d/00gentoo.conf

# Uncomment the following three lines to start libvirtd with the '--listen'
# directive such that it listens for TCP/IP connections (honoring the
# listen_tls and listen_tcp settings in /etc/libvirt/libvirtd.conf). If
# libvirtd is started without the '--listen' parameter, network connection
# (for the daemon) is globally disabled:

# [Service]
# ExecStart=
# ExecStart=/usr/sbin/libvirtd --listen


Code:
virtlogd.service - Virtual machine log manager
   Loaded: loaded (/usr/lib64/systemd/system/virtlogd.service; indirect; vendor preset: enabled)
   Active: active (running) since Di 2016-01-12 21:47:33 CET; 1min 32s ago
     Docs: man:virtlogd(8)
           http://libvirt.org
 Main PID: 29181 (virtlogd)
   CGroup: /system.slice/virtlogd.service
           └─29181 /usr/sbin/virtlogd


Code:
# cat /etc/libvirt/qemu.conf| grep nvram
nvram = ["/usr/share/edk2-ovmf/qemu/OVMF.fd:/usr/share/edk2-ovmf/qemu/OVMF_VARS.fd"]


Code:
# cat /etc/passwd
...
qemu:x:77:77:added by portage for libvirt:/dev/null:/sbin/nologin


Code:
# cat /etc/group
kvm:x:78:qemu
qemu:x:77:


Code:
# emerge --info
Portage 2.2.26 (python 3.4.3-final-0, default/linux/amd64/13.0/desktop/plasma/systemd, gcc-5.3.0, glibc-2.21-r1, 4.3.3-gentoo x86_64)
=================================================================
System uname: Linux-4.3.3-gentoo-x86_64-Intel-R-_Core-TM-_i5-3570K_CPU_@_3.40GHz-with-gentoo-2.2
...


Whats am i missing?

Thanks
Back to top
View user's profile Send private message
wilsonmeier
n00b
n00b


Joined: 12 Jan 2016
Posts: 2

PostPosted: Tue Jan 12, 2016 10:10 pm    Post subject: Reply with quote

I tried a few things:

1. Change group of /dev/kvm and group of qemu in /etc/libvirt/qemu.conf to "kvm". Restarted libvirtd.
-> Again: Permission denied

2. Change group of /dev/kvm and group of qemu in /etc/libvirt/qemu.conf to "qemu". Restarted libvirtd.
-> Again: Permission denied

3. Change group of /dev/kvm and group of qemu in /etc/libvirt/qemu.conf to "root". Restarted libvirtd.
-> Everything works

But this is more a workaround.
Running the whole thing as root is not how it should be, or?
Back to top
View user's profile Send private message
mprivozn
n00b
n00b


Joined: 31 Jul 2016
Posts: 3

PostPosted: Sun Jul 31, 2016 9:32 pm    Post subject: Reply with quote

Yes & no.

By default, libvirt will run qemu under whatever user the daemon is running as. Therefore, for the qemu:///system (which is the system-wide daemon running as root) the qemu will run under root:root.
If you want to run qemu under different user, you need to reset /dev/kvm perms, enable dynamic_ownership in qemu.conf and set user= group= in the same file.

btw: your /dev/kvm should be owned by root:kvm in order to allow kvm group to set up VMs.
Also, you're not telling it in your post, but you should use OVMF_VARS.fd as a template for your domain letting libvirt to create a special one just for the domain. (<nvram template='/path/to/OVMF_VARS.fd'/>)
Back to top
View user's profile Send private message
hopchis
n00b
n00b


Joined: 02 Sep 2016
Posts: 1

PostPosted: Fri Sep 02, 2016 1:09 pm    Post subject: Reply with quote

I've found that if I want to use uefi with a qemu user session while using virt-manager as a front-end, I have to create a local qemu.conf file at /home/user/.config/libvirt/qemu.conf
Since it is a user session, it does not read the system-wide configuration file but uses qemu defaults. You need to tell the user session where the nvram files are. You can simply copy the /etc/libvirt/qemu.conf file to /home/user/.config/libvirt/qemu.conf and delete every line other than the "nvram =" part. The first time I did this I restarted libvirtd and it seemed to take effect. After I made another change it didn't, which makes sense since the user session doesn't connect to libvirtd. I rebooted and the local configuration worked and the uefi was available in qemu user session mode.
Back to top
View user's profile Send private message
Display posts from previous:   
Reply to topic    Gentoo Forums Forum Index Kernel & Hardware All times are GMT
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum