Hello.
I made another progress. I've recompiled the kernel again,I have enabled
more iptables options and now virt-manager has been able to create the
bridge for me :
virbr0: flags=4099<UP,BROADCAST,MULTICAST> mtu 1500
inet 192.168.122.1 netmask 255.255.255.0 broadcast 192.168.122.255
ether 52:54:00:bc:6c:69 txqueuelen 1000 (Ethernet)
RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 0 bytes 0 (0.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
So,now network works,qemu and kvm works,but now I don't know what to do
because when I try to create a new virtual machine going in FIle / New
Virtual Machine,nothing happens. There could be an additional problem,but I
don't see errors. What can I do to see which kind of problem there could be
under the hood ?
PS : I've accessed the chromebook using : ssh -Y root@192.168.1.6 and then
I ran "virt-manager" as root. Is this wrong ?
On Mon, Aug 28, 2023 at 4:27 PM Mario Marietto <marietto2...@gmail.com>
wrote:
> Thanks very much. You are very gentle and helpful.
>
> I've fixed the PolicyKit problem in this way :
>
> In :
>
> /usr/share/polkit-1/actions/org.libvirt.unix.policy
>
>
> I have changed this :
>
> <action id="org.libvirt.unix.manage">
> <description>Manage local virtualized systems</description>
> <message>System policy prevents management of local virtualized
> systems</message>
> <defaults>
> <!-- Any program can use libvirt in read/write mode if they
> provide the root password -->
> <allow_any>auth_admin_keep</allow_any>
> <allow_inactive>auth_admin_keep</allow_inactive>
> <allow_active>auth_admin_keep</allow_active>
> </defaults>
> </action>
>
>
>
> to this :
>
> <action id="org.libvirt.unix.manage">
> <description>Manage local virtualized systems</description>
> <message>System policy prevents management of local virtualized
> systems</message>
> <defaults>
> <!-- Any program can use libvirt in read/write mode if they
> provide the root password -->
> <allow_any>yes</allow_any>
> <allow_inactive>yes</allow_inactive>
> <allow_active>yes</allow_active>
> </defaults>
> </action>
>
>
> and boom : QEMU and KVM are connected now. Now,another problem has
> emerged. When I click on "File / New Virtual Machine",nothing happens. At
> this point,I did :
>
>
> sudo virsh net-info default
>
> then :
>
> sudo virsh net-start default
>
>
> and a lot of shit came out from the manhole [image: :D]:
>
> Error starting network 'default': internal error:
> Failed to apply firewall rules /usr/sbin/iptables -w --table mangle
> --list-rules: iptables v1.8.9 (legacy):
> can't initialize iptables table `mangle': Table does not exist (do you need
> to insmod?)
> Perhaps iptables or your kernel needs to be upgraded.
>
>
> Traceback (most recent call last):
> File "/usr/local/share/virt-manager/virtManager/asyncjob.py", line 71, in
> cb_wrapper
> callback(asyncjob, *args, **kwargs)
> File "/usr/local/share/virt-manager/virtManager/asyncjob.py", line 107, in
> tmpcb
> callback(*args, **kwargs)
> File "/usr/local/share/virt-manager/virtManager/object/libvirtobject.py",
> line 57, in newfn
> ret = fn(self, *args, **kwargs)
> ^^^^^^^^^^^^^^^^^^^^^^^^^
> File "/usr/local/share/virt-manager/virtManager/object/network.py", line 69,
> in start
> self._backend.create()
> File "/usr/lib/python3/dist-packages/libvirt.py", line 3547, in create
> raise libvirtError('virNetworkCreate() failed')
> libvirt.libvirtError: internal error: Failed to apply firewall rules
> /usr/sbin/iptables -w --table mangle --list-rules: iptables v1.8.9 (legacy):
> can't initialize iptables table `mangle': Table does not exist (do you need
> to insmod?)
> Perhaps iptables or your kernel needs to be upgraded.
>
> and :
>
> *marietto@chromarietto*:*~*$ sudo virsh net-info default
>
> Name: default
>
> UUID: 7c4408b7-5125-4c98-9d53-f1fe109371e3
>
> Active: no
>
> Persistent: yes
>
> Autostart: yes
>
> Bridge: virbr0
>
> *marietto@chromarietto*:*~*$ sudo virsh net-start default
>
> error: Failed to start network default
>
> error: internal error: Failed to apply firewall rules /usr/sbin/iptables
> -w --table mangle --list-rules: iptables v1.8.9 (legacy): can't
> initialize iptables table `mangle': Table does not exist (do you need to
> insmod?). Perhaps iptables or your kernel needs to be upgraded.
>
>
> I tried to fix it with this :
>
>
> $ modprobe iptable_mangle
> modprobe: FATAL: Module iptable_mangle not found in directory
> /lib/modules/5.4.244-stb-cbe
>
>
> so,some options should be enabled inside the kernel,for sure.
>
> I have configured the option "MANGLE" to yes when I have recompiled the
> kernel the last time :
>
> CONFIG_IP_NF_MANGLE=y
> CONFIG_IP_NF_ARP_MANGLE=y
> CONFIG_IP6_NF_MANGLE=y
>
>
> "unfortunately" I'd configured it correctly,so the error should depend on
> something else.
> It would have been too easy to fix the error so fast. Suggestions ?
>
> On Mon, Aug 28, 2023 at 1:16 PM Pavel Hrdina <phrd...@redhat.com> wrote:
>
>> On Sun, Aug 27, 2023 at 06:06:59PM +0200, Mario Marietto wrote:
>> > If I don't launch virtqemud,this is what I have :
>>
>> Yeah you never want to run libvirtd and virtqemud at the same time, more
>> info here <https://libvirt.org/daemons.html>.
>>
>> > marietto@chromarietto:~$ libvirtd &
>>
>> This will not work as expected. If you want to use system connection you
>> need to run libvirtd as root user.
>>
>> > [1] 2083
>> >
>> > marietto@chromarietto:~$ virt-manager
>> >
>> >
>> > A new error comes out :
>> >
>> > Unable to connect to libvirt qemu:///system.
>> >
>> > error from service: GDBus.Error:org.freedesktop.PolicyKit1.Error.Failed:
>> > Action org.libvirt.unix.manage is not registered
>> >
>> > Libvirt URI is: qemu:///system
>> >
>> > Traceback (most recent call last):
>> > File "/usr/local/share/virt-manager/virtManager/connection.py", line
>> > 923, in _do_open
>> > self._backend.open(cb, data)
>> > File "/usr/local/share/virt-manager/virtinst/connection.py", line 171,
>> in open
>> > conn = libvirt.openAuth(self._open_uri,
>> > ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
>> > File "/usr/lib/python3/dist-packages/libvirt.py", line 147, in openAuth
>> > raise libvirtError('virConnectOpenAuth() failed')
>> > libvirt.libvirtError: error from service:
>> > GDBus.Error:org.freedesktop.PolicyKit1.
>> > Error.Failed: Action org.libvirt.unix.manage is not registered
>>
>> This is polkit trying to authenticate that your user can connect to
>> system connection, libvirt running with root privileges, but you started
>> libvirtd as normal user.
>>
>> The error that "org.libvirt.unix.manage is not registered" means there
>> is no process handling that polkit action as there is no libvirtd
>> running as root.
>>
>> Pavel
>>
>> > On Sun, Aug 27, 2023 at 1:00 AM Mario Marietto <marietto2...@gmail.com>
>> > wrote:
>> >
>> > > Is there someone that can help me ? thanks.
>> > >
>> > > # sudo usermod -a -G libvirt root
>> > > # sudo usermod -a -G libvirtd root
>> > > # sudo usermod -a -G libvirt-qemu libvirt-qemu
>> > > # sudo usermod -a -G libvirt marietto
>> > > # sudo adduser libvirt-qemu
>> > > # sudo groupadd --system libvirt
>> > > # sudo groupadd --system libvirt-qemu
>> > > # sudo newgrp libvirt-qemu
>> > > # newgrp libvirt
>> > >
>> > > # /usr/local/sbin# libvirtd &
>> > > [1] 2875
>> > >
>> > > # virtqemud &
>> > > [2] 2906
>> > >
>> > > # /usr/local/sbin# 2023-08-26 22:53:10.190+0000: 2923: info : libvirt
>> version: 9.7.0
>> > >
>> > > 2023-08-26 22:53:10.190+0000: 2923: info : hostname: chromarietto
>> > > 2023-08-26 22:53:10.190+0000: 2923: error :
>> virPidFileAcquirePathFull:409 :
>> > > Failed to acquire pid file '/var/local/run/libvirt/qemu/driver.pid':
>> > > Resource temporarily unavailable
>> > > 2023-08-26 22:53:10.192+0000: 2923: error : virStateInitialize:672 :
>> > > Initialization of QEMU state driver failed: Failed to acquire pid file
>> > > '/var/local/run/libvirt/qemu/driver.pid': Resource temporarily
>> unavailable
>> > > 2023-08-26 22:53:10.192+0000: 2923: error : daemonRunStateInit:617 :
>> > > Driver state initialization failed
>> > >
>> > > # /usr/local/sbin# ps ax | grep libvirt
>> > > 2875 pts/0 Sl 0:00 libvirtd
>> > >
>> > > # /usr/local/sbin# ps ax | grep virtqemu
>> > >
>> > >
>> > > On Fri, Aug 25, 2023 at 11:43 PM Mario Marietto <
>> marietto2...@gmail.com>
>> > > wrote:
>> > >
>> > >> The real problem seems to be that the libvirtd process won't start :
>> > >>
>> > >> marietto@chromarietto:~$ systemctl enable libvirtd
>> > >>
>> > >> ==== AUTHENTICATING FOR org.freedesktop.systemd1.manage-unit-files
>> ====
>> > >> Authentication is required to manage system service or unit files.
>> > >> Multiple identities can be used for authentication:
>> > >> 1. linux
>> > >> 2. mario,,, (marietto)
>> > >> Choose identity to authenticate as (1-2): 2
>> > >> Password:
>> > >> ==== AUTHENTICATION COMPLETE ====
>> > >>
>> > >> marietto@chromarietto:~$ systemctl start libvirtd
>> > >>
>> > >> ==== AUTHENTICATING FOR org.freedesktop.systemd1.manage-units ====
>> > >> Authentication is required to start 'libvirtd.service'.
>> > >> Multiple identities can be used for authentication:
>> > >> 1. linux
>> > >> 2. mario,,, (marietto)
>> > >> Choose identity to authenticate as (1-2): 2
>> > >> Password:
>> > >> ==== AUTHENTICATION COMPLETE ====
>> > >>
>> > >> marietto@chromarietto:~$ systemctl status libvirtd
>> > >>
>> > >> ○ libvirtd.service - Virtualization daemon
>> > >> Loaded: loaded (/usr/local/lib/systemd/system/libvirtd.service;
>> > >> enabled; preset: enabled)
>> > >> Active: inactive (dead) since Fri 2023-08-25 21:04:37 UTC; 2s ago
>> > >> Duration: 88ms
>> > >> TriggeredBy: ● libvirtd-admin.socket
>> > >> ● libvirtd-ro.socket
>> > >> ● libvirtd.socket
>> > >> Docs: man:libvirtd(8)
>> > >> https://libvirt.org
>> > >> Process: 3488 ExecStart=/usr/local/sbin/libvirtd $LIBVIRTD_ARGS
>> > >> (code=exited, status=0/SUCCESS)
>> > >> Main PID: 3488 (code=exited, status=0/SUCCESS)
>> > >> CPU: 252ms
>> > >>
>> > >> As you can see,it says "inactive". This is the reason :
>> > >>
>> > >> Aug 25 21:22:59 chromarietto libvirtd[3663]: invalid argument:
>> Failed to
>> > >> parse user 'libvirt-qemu'
>> > >> Aug 25 21:22:59 chromarietto libvirtd[3663]: Initialization of QEMU
>> > >> state driver failed: invalid argument: Failed to parse user
>> 'libvirt-qemu'
>> > >> Aug 25 21:22:59 chromarietto libvirtd[3663]: Driver state
>> initialization
>> > >> failed
>> > >> Aug 25 21:22:59 chromarietto systemd[1]: libvirtd.service:
>> Deactivated
>> > >> successfully.
>> > >>
>> > >> On Fri, Aug 25, 2023 at 10:27 PM Mario Marietto <
>> marietto2...@gmail.com>
>> > >> wrote:
>> > >>
>> > >>> I think that what I found is very interesting :
>> > >>>
>> > >>> marietto@chromarietto:~/Desktop/Dati/new/libvirt/build$ systemctl
>> start
>> > >>> virtqemud
>> > >>>
>> > >>> ==== AUTHENTICATING FOR org.freedesktop.systemd1.manage-units ====
>> > >>> Authentication is required to start 'virtqemud.service'.
>> > >>> Multiple identities can be used for authentication:
>> > >>> 1. linux
>> > >>> 2. mario,,, (marietto)
>> > >>> Choose identity to authenticate as (1-2): 2
>> > >>> Password:
>> > >>> ==== AUTHENTICATION COMPLETE ====
>> > >>>
>> > >>> marietto@chromarietto:~/Desktop/Dati/new/libvirt/build$ systemctl
>> > >>> enable virtqemud
>> > >>>
>> > >>> ==== AUTHENTICATING FOR org.freedesktop.systemd1.manage-unit-files
>> ====
>> > >>> Authentication is required to manage system service or unit files.
>> > >>> Multiple identities can be used for authentication:
>> > >>> 1. linux
>> > >>> 2. mario,,, (marietto)
>> > >>> Choose identity to authenticate as (1-2): 2
>> > >>> Password:
>> > >>> ==== AUTHENTICATION COMPLETE ====
>> > >>>
>> > >>> marietto@chromarietto:~/Desktop/Dati/new/libvirt/build$ ls
>> > >>> /var/local/run/libvirt/virtqemud-sock
>> > >>> /var/local/run/libvirt/virtqemud-sock
>> > >>>
>> > >>> but when I launch virt-manager :
>> > >>>
>> > >>> marietto@chromarietto:~/Desktop/Dati/new/libvirt/build$
>> > >>> /usr/local/bin/./virt-manager
>> > >>>
>> > >>> It tries to connect,but it gets disconnected after a couple of
>> seconds
>> > >>> and the error "Failed to connect socket to
>> > >>> '/var/run/libvirt/virtqemud-sock': No such file or directory' is
>> shown
>> > >>> again.
>> > >>>
>> > >>> In addition,virtqemud-sock is deleted :
>> > >>>
>> > >>> marietto@chromarietto:~/Desktop/Dati/new/libvirt/build$ ls
>> > >>> /var/local/run/libvirt/virtqemud-sock
>> > >>> ls: cannot access '/var/local/run/libvirt/virtqemud-sock': No such
>> file
>> > >>> or directory
>> > >>>
>> > >>>
>> > >>> The same problem I have has been found here and solved :
>> > >>>
>> > >>>
>> > >>>
>> https://unix.stackexchange.com/questions/715726/virsh-list-throw-error-failed-to-connect-socket-to-var-run-libvirt-virtqemud
>> > >>>
>> > >>> On Fri, Aug 25, 2023 at 8:34 PM Mario Marietto <
>> marietto2...@gmail.com>
>> > >>> wrote:
>> > >>>
>> > >>>> I don't agree with some of your assumptions,for example :
>> > >>>>
>> > >>>> 1) to send a screenshot is most of the time more informative than
>> copy
>> > >>>> and paste text,because it contains more information. To describe
>> > >>>> complicated situations using only words takes a LOT of
>> time,sometimes.
>> > >>>> Especially for the newbies,that aren't so skilled and they may
>> have some
>> > >>>> difficulty in including or not some information. And even for the
>> lack of a
>> > >>>> technical language.
>> > >>>>
>> > >>>> 2) From my experience, going to irc to ask for help can be a
>> problem
>> > >>>> for the time zone. Every time I tried to go to an IRC channel,I've
>> always
>> > >>>> found bots and not talking users.
>> > >>>>
>> > >>>> 3) The rejection of emails happens even if I don't attach any
>> > >>>> screenshots (a thing that I do rarely),and my messages are also
>> rejected
>> > >>>> because when I hit reply also all the story is attached. I think
>> that it's
>> > >>>> important to attach the story because it may contains important
>> details
>> > >>>> that could be missed
>> > >>>>
>> > >>>> On Fri, Aug 25, 2023 at 8:24 PM Eric Blake <ebl...@redhat.com>
>> wrote:
>> > >>>>
>> > >>>>> On Fri, Aug 25, 2023 at 07:13:26PM +0200, Mario Marietto wrote:
>> > >>>>> > I've sent you an email on your personal email address because
>> the ML
>> > >>>>> does
>> > >>>>> > not accept pictures,but I need to show you a picture to help
>> you to
>> > >>>>> > understand well. I don't approve this rule of the ML,it does not
>> > >>>>> help those
>> > >>>>> > who want to learn and for this reason need to be exhaustive when
>> > >>>>> there is a
>> > >>>>> > strong need to explain well.
>> > >>>>>
>> > >>>>> The list has a cap at 300k for a reason. Sending larger
>> attachments
>> > >>>>> to the list then multiplies out to gigabytes of network data when
>> > >>>>> counting the number of subscribers, even though many of those
>> > >>>>> subscribers are not actively participating in the thread.
>> Sending a
>> > >>>>> URL to an image hosted externally uses much less bandwidth.
>> Also, if
>> > >>>>> the problem is something that happens in a terminal window, it is
>> less
>> > >>>>> bandwidth-intensive to just copy/paste the contents of the
>> terminal
>> > >>>>> (as text) instead of attaching a screenshot to your email, and no
>> less
>> > >>>>> informative.
>> > >>>>>
>> > >>>>> You may also try IRC; there, you can probably get faster
>> turnaround
>> > >>>>> times than waiting for emails to bounce back and forth.
>> > >>>>> https://libvirt.org/contact.html#irc
>> > >>>>>
>> > >>>>> although at the end of the day, email is more persistent and
>> reaches a
>> > >>>>> larger audience whereas IRC only reaches whoever is online at the
>> time.
>> > >>>>>
>> > >>>>> --
>> > >>>>> Eric Blake, Principal Software Engineer
>> > >>>>> Red Hat, Inc.
>> > >>>>> Virtualization: qemu.org | libguestfs.org
>> > >>>>>
>> > >>>>>
>> > >>>>
>> > >>>> --
>> > >>>> Mario.
>> > >>>>
>> > >>>
>> > >>>
>> > >>> --
>> > >>> Mario.
>> > >>>
>> > >>
>> > >>
>> > >> --
>> > >> Mario.
>> > >>
>> > >
>> > >
>> > > --
>> > > Mario.
>> > >
>> >
>> >
>> > --
>> > Mario.
>>
>
>
> --
> Mario.
>
--
Mario.
