| View previous topic :: View next topic |
| Author |
Message |
elover
Apprentice
Joined: 20 Nov 2019
Posts: 170
Location: Spain
|
 Posted: Sat Feb 04, 2023 12:00 pm Post subject: Virtual machines with lxc do not start due to permissions er |
 |
|
Hello, I can't get any virtual machine to work, I get this error message
warning: tap: open vhost char device failed: Permission denied
warning: tap: open vhost char device failed: Permission denied
qemu-system-x86_64: ../net/net.c:1106: net_client_init1: Assertion `nc' failed.
The groups
mount | grep cgroup
cgroup_root on /sys/fs/cgroup type tmpfs (rw,nosuid,nodev,noexec,relatime,size=10240k,mode=755)
openrc on /sys/fs/cgroup/openrc type cgroup (rw,nosuid,nodev,noexec,relatime,favordynmods,release_agent=/lib/rc/sh/cgroup-release-agent.sh,name=openrc)
none on /sys/fs/cgroup/unified type cgroup2 (rw,nosuid,nodev,noexec,relatime,favordynmods)
cpuset on /sys/fs/cgroup/cpuset type cgroup (rw,nosuid,nodev,noexec,relatime,cpuset,favordynmods)
cpu on /sys/fs/cgroup/cpu type cgroup (rw,nosuid,nodev,noexec,relatime,cpu,favordynmods)
cpuacct on /sys/fs/cgroup/cpuacct type cgroup (rw,nosuid,nodev,noexec,relatime,cpuacct,favordynmods)
blkio on /sys/fs/cgroup/blkio type cgroup (rw,nosuid,nodev,noexec,relatime,blkio,favordynmods)
memory on /sys/fs/cgroup/memory type cgroup (rw,nosuid,nodev,noexec,relatime,memory,favordynmods)
devices on /sys/fs/cgroup/devices type cgroup (rw,nosuid,nodev,noexec,relatime,devices,favordynmods)
freezer on /sys/fs/cgroup/freezer type cgroup (rw,nosuid,nodev,noexec,relatime,freezer,favordynmods)
net_cls on /sys/fs/cgroup/net_cls type cgroup (rw,nosuid,nodev,noexec,relatime,net_cls,favordynmods)
perf_event on /sys/fs/cgroup/perf_event type cgroup (rw,nosuid,nodev,noexec,relatime,perf_event,favordynmods)
net_prio on /sys/fs/cgroup/net_prio type cgroup (rw,nosuid,nodev,noexec,relatime,net_prio,favordynmods)
hugetlb on /sys/fs/cgroup/hugetlb type cgroup (rw,nosuid,nodev,noexec,relatime,hugetlb,favordynmods)
pids on /sys/fs/cgroup/pids type cgroup (rw,nosuid,nodev,noexec,relatime,pids,favordynmods)
rdma on /sys/fs/cgroup/rdma type cgroup (rw,nosuid,nodev,noexec,relatime,rdma,favordynmods)
misc on /sys/fs/cgroup/misc type cgroup (rw,nosuid,nodev,noexec,relatime,misc,favordynmods)
debug on /sys/fs/cgroup/debug type cgroup (rw,nosuid,nodev,noexec,relatime,debug,favordynmods)
systemd on /sys/fs/cgroup/systemd type cgroup (rw,relatime,favordynmods,name=systemd)
tmpfs on /sys/fs/cgroup/portage type cgroup (rw,nosuid,nodev,noexec,relatime,favordynmods,release_agent=/usr/lib/portage/python3.10/cgroup-release-agent,name=portage)
Kernel:
LXC version 5.0.1
--- Namespaces ---
Namespaces: enabled
Utsname namespace: enabled
Ipc namespace: enabled
Pid namespace: enabled
User namespace: enabled
Network namespace: enabled
--- Control groups ---
Cgroups: enabled
Cgroup namespace: enabled
Cgroup v1 mount points:
/sys/fs/cgroup/openrc
/sys/fs/cgroup/cpuset
/sys/fs/cgroup/cpu
/sys/fs/cgroup/cpuacct
/sys/fs/cgroup/blkio
/sys/fs/cgroup/memory
/sys/fs/cgroup/devices
/sys/fs/cgroup/freezer
/sys/fs/cgroup/net_cls
/sys/fs/cgroup/perf_event
/sys/fs/cgroup/net_prio
/sys/fs/cgroup/hugetlb
/sys/fs/cgroup/pids
/sys/fs/cgroup/rdma
/sys/fs/cgroup/misc
/sys/fs/cgroup/debug
/sys/fs/cgroup/systemd
/sys/fs/cgroup/portage
Cgroup v2 mount points:
/sys/fs/cgroup/unified
Cgroup v1 clone_children flag: enabled
Cgroup device: enabled
Cgroup sched: enabled
Cgroup cpu account: enabled
Cgroup memory controller: enabled
Cgroup cpuset: enabled
--- Misc ---
Veth pair device: enabled, not loaded
Macvlan: enabled, not loaded
Vlan: enabled, not loaded
Bridges: enabled, not loaded
Advanced netfilter: enabled, not loaded
CONFIG_IP_NF_TARGET_MASQUERADE: enabled, not loaded
CONFIG_IP6_NF_TARGET_MASQUERADE: enabled, not loaded
CONFIG_NETFILTER_XT_TARGET_CHECKSUM: enabled, not loaded
CONFIG_NETFILTER_XT_MATCH_COMMENT: enabled, not loaded
FUSE (for use with lxcfs): enabled, not loaded
--- Checkpoint/Restore ---
checkpoint restore: enabled
CONFIG_FHANDLE: enabled
CONFIG_EVENTFD: enabled
CONFIG_EPOLL: enabled
CONFIG_UNIX_DIAG: enabled
CONFIG_INET_DIAG: enabled
CONFIG_PACKET_DIAG: enabled
CONFIG_NETLINK_DIAG: enabled
emerge -pv lxc
[ebuild r U ] app-containers/lxc-5.0.2:0/1.502::gentoo [5.0.1-r2:0/0::gentoo] USE="caps man pam seccomp ssl tools -apparmor -examples -io-uring -lto (-selinux) -systemd -test -verify-sig" 0 KiB
[ebuild rR ] app-containers/lxd-5.0.2-r1::gentoo USE="nls -apparmor -verify-sig" 0 KiB
groups juanpe
lp wheel audio cdrom video users portage kvm lxc lxd docker juanpe |
|
| Back to top |
|
 |
elover
Apprentice
Joined: 20 Nov 2019
Posts: 170
Location: Spain
|
| Posted: Sat Feb 04, 2023 12:06 pm Post subject: |
|
|
If I try to start the instance, I get this error message
lxc start desktop-kde2
Error: Failed setting up device via monitor: Failed setting up device "eth0": Failed adding NIC netdev: Monitor is disconnected
Try `lxc info --show-log desktop-kde2` for more info
lxc info --show-log desktop-kde2
Name: desktop-kde2
Status: STOPPED
Type: virtual-machine
Arquitectura: x86_64
Creado: 2023/02/03 23:44 CET
Registro:
warning: tap: open vhost char device failed: Permission denied
warning: tap: open vhost char device failed: Permission denied
qemu-system-x86_64: ../net/net.c:1106: net_client_init1: Assertion `nc' failed. |
|
| Back to top |
|
|
elover
Apprentice
Joined: 20 Nov 2019
Posts: 170
Location: Spain
|
|
| Back to top |
|
|
Hu
Administrator
Joined: 06 Mar 2007
Posts: 22578
|
| Posted: Sat Feb 04, 2023 4:42 pm Post subject: |
|
|
| Could you explain the solution? As I read the linked issue, there is a known problem with qemu-7.2 and this supporting package. Avoiding the failed combination is a workaround, but what is the solution for people who need to use qemu-7.2 and this package? |
|
| Back to top |
|
|
elover
Apprentice
Joined: 20 Nov 2019
Posts: 170
Location: Spain
|
| Posted: Sat Feb 04, 2023 9:03 pm Post subject: |
|
|
| Hu wrote: | | Could you explain the solution? As I read the linked issue, there is a known problem with qemu-7.2 and this supporting package. Avoiding the failed combination is a workaround, but what is the solution for people who need to use qemu-7.2 and this package? |
Well, I don't know, I hope someone will give me the solution. |
|
| Back to top |
|
|
vcmota
Guru
Joined: 19 Jun 2017
Posts: 377
|
| Posted: Sat Feb 18, 2023 7:08 pm Post subject: |
|
|
| Hu wrote: | | Could you explain the solution? As I read the linked issue, there is a known problem with qemu-7.2 and this supporting package. Avoiding the failed combination is a workaround, but what is the solution for people who need to use qemu-7.2 and this package? |
I have exactly the same problem here. I can't start a ubuntu-lts lxd virtual machine, with the exact same error. And downgrade qemu does not seems to be trivial, since it is no longer on the stable tree...
By the way, the error seems to be around at least since november, considering that is the date someone made a patch, although I have no idea if it really works. |
|
| Back to top |
|
|
Hu
Administrator
Joined: 06 Mar 2007
Posts: 22578
|
| Posted: Sat Feb 18, 2023 7:39 pm Post subject: |
|
|
The patch appears to remove the assert that is causing the fatal exit, so it will solve the immediate problem. Whether the resulting VM will work afterward is a more complex question.
The commit log for the patch suggests to me that the problem is that the guest is started without a network device, then one is later hotplugged in. Perhaps if the guest were started with the proper devices configured, this assertion would not fail. |
|
| Back to top |
|
|
vcmota
Guru
Joined: 19 Jun 2017
Posts: 377
|
| Posted: Wed Jun 07, 2023 4:30 pm Post subject: |
|
|
| Just an update: qemu has been updated to a sligthly newer version, 7.2.0-r3 instead of 7.2.0. The problem however has not been solved. I wonder whether the problem persists with the 8.0 qemu version, already available at upstream but not yet in the stable tree. |
|
| Back to top |
|
|
vcmota
Guru
Joined: 19 Jun 2017
Posts: 377
|
| Posted: Tue Jun 27, 2023 1:44 am Post subject: |
|
|
Recent desperate attempts:
1. I got tired of waiting for qemu-8.0.2 to became stable, so I just unmask it. Installation ok, problem presists;
2. I tried this possible workaround, related to permissions in qemu. Did not work, although one of the four warning messagens have desapeared from the "lxc info --show-log ubuntu-lts" log output;
3. I finally tried the patch that removed the error message, following gentoo instructions. Installation was smooth, and the error message vanishes:
| Code: |
~> lxc info --show-log ubuntu-lts
Name: ubuntu-lts
Status: STOPPED
Type: virtual-machine
Arquitetura: x86_64
Criado: 2022/06/22 18:20 -03
Last Used: 2023/01/27 11:18 -03
Log:
warning: tap: open vhost char device failed: Permission denied
warning: tap: open vhost char device failed: Permission denied
warning: tap: open vhost char device failed: Permission denied
|
However, it still does not work:
| Code: |
~> lxc start ubuntu-lts
Error: Failed setting up device via monitor: Failed setting up device "eth0": Failed adding NIC netdev: Device 'lxd_eth0' could not be initialized
Try `lxc info --show-log ubuntu-lts` for more info
|
Question: is there any alternative to qemu? |
|
| Back to top |
|
|
vcmota
Guru
Joined: 19 Jun 2017
Posts: 377
|
| Posted: Thu Apr 18, 2024 5:38 pm Post subject: |
|
|
| This has been solved for my, when working on an apparently unrelated issue. You may take a look here and here. |
|
| Back to top |
|
|
|
|
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
|
|
Other Things Gentoo
