On 5/13/2022 6:53 PM, David wrote:
On Sat, 14 May 2022 at 10:57, Matt Ventura <mattvent...@mattventura.net> wrote:
On one box (Debian 11.3), my virt-install script works fine:
virt-install [...]
However, on another box, the same command (minus the final --network option)
gives me this:
[...]
Could not open '/var/lib/libvirt/qemu/nvram/openwisp_VARS.fd': Permission denied
[...]
Any ideas?
You don't mention which user is running the 'virt-install' commands.
I suggest to think about that.
https://wiki.debian.org/KVM says:
In order to manage virtual machines as a regular user, that user
needs to be added to the libvirt group:
# adduser <youruser> libvirt
On both machines, check that the user (who is running the virt-install
command) is a member of group=libvirt.
Run: groups | grep libvirt
I'm not sure if this is the answer, but it is the first thing I would check.
Also, test if that user can read the file openwisp_VARS.fd via its
full path.
On the broken machine, it fails even if I run it as root. Root isn't a
member of libvirt on either machine, but root is root, so it shouldn't
be getting permission denied either way. Perhaps the file is being
created as libvirt-qemu, but the plain old libvirt user needs to access
it too? That's the only thing I can think of, since root ignores
permissions anyway.
I did try to `su` into the libvirt-qemu user, and the path was reachable
via the full absolute path. I could create, modify, read, and delete
files in that dir.
Some searching pointed to it being an AppArmor problem, but AA is
enabled on both.
Matt Ventura
