Virt-manager doesn't work "permission denied"

AjayTV · 11 April 2022 18:54

So I downloaded virt-manager from the Official Repositories and wanted to create a vm but once I choose my iso and click finish I get:

Unable to complete install: ‘internal error: qemu unexpectedly closed the monitor: 2022-04-11T18:48:20.803859Z qemu-system-x86_64: -blockdev {“driver”:“file”,“filename”:"/home/ajaytv/Documents/VirtualBox VMs/Fedora-Workstation-Live-x86_64-35-1.2.iso",“node-name”:“libvirt-1-storage”,“auto-read-only”:true,“discard”:“unmap”}: Could not open ‘/home/ajaytv/Documents/VirtualBox VMs/Fedora-Workstation-Live-x86_64-35-1.2.iso’: Permission denied’

Traceback (most recent call last):
File “/usr/share/virt-manager/virtManager/asyncjob.py”, line 72, in cb_wrapper
callback(asyncjob, *args, **kwargs)
File “/usr/share/virt-manager/virtManager/createvm.py”, line 2008, in _do_async_install
installer.start_install(guest, meter=meter)
File “/usr/share/virt-manager/virtinst/install/installer.py”, line 695, in start_install
domain = self._create_guest(
File “/usr/share/virt-manager/virtinst/install/installer.py”, line 637, in _create_guest
domain = self.conn.createXML(initial_xml or final_xml, 0)
File “/usr/lib/python3.10/site-packages/libvirt.py”, line 4400, in createXML
raise libvirtError(‘virDomainCreateXML() failed’)
libvirt.libvirtError: internal error: qemu unexpectedly closed the monitor: 2022-04-11T18:48:20.803859Z qemu-system-x86_64: -blockdev {“driver”:“file”,“filename”:"/home/ajaytv/Documents/VirtualBox VMs/Fedora-Workstation-Live-x86_64-35-1.2.iso",“node-name”:“libvirt-1-storage”,“auto-read-only”:true,“discard”:“unmap”}: Could not open ‘/home/ajaytv/Documents/VirtualBox VMs/Fedora-Workstation-Live-x86_64-35-1.2.iso’: Permission denied

So l search up this problem in the forum and find someone with the same issue: My virtual machine doesn't start anymore

and that leads me to this guide: [Solved] Cannot access storage file, Permission denied Error in KVM Libvirt - OSTechNix

but once I try out method 1 I still get the same output and when I try method 2 instead of:

getfacl: Removing leading ‘/’ from absolute path names
file: home/sk/
owner: sk
group: sk
user::rwx
user:qemu:r-x #effective:–x
group::— #effective:—
mask::–x
other::—

my output is:

getfacl: Removing leading ‘/’ from absolute path names

file: home/ajaytv/

owner: ajaytv

group: ajaytv

user::rwx
user:nobody:r-x #effective:r-x
group::— #effective:—
mask::r-x
other::—

why is it “nobody” instead of “qemu” is that the problem? Because when I try to create a vm I face the same problem like before…permission denied.

Thanks in advance to anyone who might answer!

CatFish · 11 April 2022 19:34

Probably, you haven’t created any libvirt group. You can check out this tutorial.

AjayTV · 11 April 2022 20:11

Add your current user to the group “libvirt”.
sudo usermod -G libvirt -a $USER

I did that and it still doesn’t work.

zbe · 11 April 2022 20:13

Libvirt is using libvirt-qemu group now and not nobody anymore, as far as I can tell.
Try setting +x ACL on $HOME, Documents and VirtualBox\ VMs, and any other appropriate dirs: setfacl -m user:libvirt-qemu:--x /path/to/dir

AjayTV · 11 April 2022 20:41

I used:

setfacl -m user:libvirt-qemu:–x /home/ajaytv/Documents/VMs

I’m sorry maybe I did it wrong? It still doesn’t work.

zbe · 11 April 2022 20:56

Of course it doesn’t. Do you even have /home/ajaytv/Documents/VMs? And you have to do it for every level, unless you use recursion.

AjayTV · 12 April 2022 00:37

Yes I changed “VirtualBox VMs” to “VMs” before I used the command line.

“And you have to do it for every level, unless you use recursion.”

I’m gonna be real with you I’ve been using Manjaro and Linux in general for 3 months now so I have no idea what your second sentence even means…

zbe · 12 April 2022 06:17

I mean every directory level. Read everything carefully and twice if necessary - this is especially important if you are a novice user. I wrote you have to do it for /home/ajaytv, for /home/ajaytv/Documents, and for /home/ajaytv/Documents/VMs.

AjayTV · 12 April 2022 13:03

Thanks for the clarification! I made sure to double check and I’m sure that it’s the right directory on every level.

zbe · 12 April 2022 13:10

Ok. Can you show output of: getfacl "$HOME"{,/Documents{,/VMs}}

AjayTV · 10 May 2022 23:23

Sorry for not answering! Life happened.

getfacl “$HOME”{,/Documents{,/VMs}} 

getfacl: Removing leading ‘/’ from absolute path names
#file: home/ajaytv
#owner: ajaytv
#group: ajaytv
user::rwx
user:nobody:r-x
group::—
mask::r-x
other::—

#file: home/ajaytv/Documents
#owner: ajaytv
#group: ajaytv
user::rwx
group::r-x
other::r-x

#file: home/ajaytv/Documents/VMs
#owner: ajaytv
#group: ajaytv
user::rwx
user:libvirt-qemu:–x
group::r-x
mask::r-x
other::r-x

zbe · 10 May 2022 23:35

That shows you are still not listening to what I’m telling you. For the third time: You need to have “user:libvirt-qemu:–x” line at each of those 3 directories. Please re-read topic as many times as necessary.

AjayTV · 11 May 2022 12:44

I finally understood what you meant! I added libvirt-qemu:–x as a user to all three directory levels and it works now! Apologies for not understanding earlier it just took a while for me to connect the dots

system · 14 May 2022 02:44

This topic was automatically closed 2 days after the last reply. New replies are no longer allowed.