View previous topic :: View next topic |
Author |
Message |
vcmota Guru
![Guru Guru](/images/ranks/rank_rect_3.gif)
Joined: 19 Jun 2017 Posts: 393
|
Posted: Mon Feb 10, 2025 12:34 am Post subject: Can't start my lxc virtual machine... |
|
|
I am stuck with a non functioning lxc virtual machine for more than six months now. For the sake of objetivity, this is what happens:
Code: |
~> sudo mkdir -p /sys/fs/cgroup/systemd
Senha:
~> sudo mount -t cgroup -o none,name=systemd systemd /sys/fs/cgroup/systemd
~> sudo rc-service lxd start
* Starting lxcfs. ... [ ok ]
* Starting lxd service ... [ ok ]
~> lxc list
+------------+---------+------+------+-----------------+-----------+
| NAME | STATE | IPV4 | IPV6 | TYPE | SNAPSHOTS |
+------------+---------+------+------+-----------------+-----------+
| ubuntu-lts | STOPPED | | | VIRTUAL-MACHINE | 0 |
+------------+---------+------+------+-----------------+-----------+
~> lxc start ubuntu-lts
Error: Unable to locate the file for firmware "OVMF_CODE.fd"
Try `lxc info --show-log ubuntu-lts` for more info
~> lxc info --show-log ubuntu-lts
Name: ubuntu-lts
Status: STOPPED
Type: virtual-machine
Arquitetura: x86_64
Criado: 2022/06/22 18:20 -03
Last Used: 2024/07/05 15:44 -03
Error: open /var/log/lxd/ubuntu-lts/qemu.log: no such file or directory
~>
|
Here is the output of the more detailed " lxc start ubuntu-lts --debug". In the last days I've tried a lot of reading of issues I had in the past also with this virtual machine, but it does not seems related.
Regarding the current issue, I have been searching for "ovmf" files in my machine for some time. Here is a simple "find" output:
Code: |
root ~ > find / -type f -name "*ovmf*"
/usr/share/qemu/firmware/50-edk2-ovmf-x64-sb.json
/usr/share/qemu/firmware/60-edk2-ovmf-x64.json
/usr/libexec/xen/boot/ovmf.bin
/var/db/repos/gentoo/sys-firmware/edk2/files/descriptors/40-edk2-ovmf-4m-qcow2-x64-sb.json
/var/db/repos/gentoo/sys-firmware/edk2/files/descriptors/41-edk2-ovmf-2m-raw-x64-sb.json
/var/db/repos/gentoo/sys-firmware/edk2/files/descriptors/31-edk2-ovmf-2m-raw-x64-sb-enrolled.json
/var/db/repos/gentoo/sys-firmware/edk2/files/descriptors/30-edk2-ovmf-4m-qcow2-x64-sb-enrolled.json
/var/db/repos/gentoo/sys-firmware/edk2/files/descriptors/51-edk2-ovmf-2m-raw-x64-nosb.json
/var/db/repos/gentoo/sys-firmware/edk2/files/descriptors/50-edk2-ovmf-4m-qcow2-x64-nosb.json
/var/cache/distfiles/edk2-ovmf-202105-r1-bin.tar.xz
/var/cache/distfiles/edk2-ovmf-202105-qemu-firmware.tar.xz
/var/cache/distfiles/edk2-ovmf-202202-1.xpak
root ~ >
|
I have been googling for ovmf in gentoo and have found that "edk2-ovmf" may contain this firmware. But I can't install it:
Code: |
~> sudo emerge --ask edk2
Senha:
These are the packages that would be merged, in order:
Calculating dependencies... done!
Dependency resolution took 3.75 s (backtrack: 0/20).
[ebuild N ] sys-firmware/edk2-202408 USE="-secureboot"
[blocks B ] sys-firmware/edk2-bin ("sys-firmware/edk2-bin" is soft blocking sys-firmware/edk2-202408)
[blocks B ] sys-firmware/edk2 ("sys-firmware/edk2" is soft blocking sys-firmware/edk2-bin-202202)
* Error: The above package list contains packages which cannot be
* installed at the same time on the same system.
(sys-firmware/edk2-bin-202202:0/0::gentoo, installed) pulled in by
~sys-firmware/edk2-bin-202202 required by (app-emulation/qemu-9.1.2:0/0::gentoo, installed) USE="aio alsa bzip2 curl fdt filecaps fuse gnutls jpeg ncurses nls opengl oss pam pin-upstream-blobs png pulseaudio
seccomp (selinux) slirp spice udev usbredir vhost-net virtfs vnc xattr xen -accessibility -bpf -capstone -debug -doc -glusterfs -gtk -infiniband -io-uring -iscsi -jack -jemalloc -keyutils -lzo -multipath -nfs -numa -pipewire -plugins -python -rbd -sasl -sdl -sdl-image -smartcard -snappy -ssh -static-user -systemtap -test -usb -vde -virgl -vte -xdp -zstd" ABI_X86="(64)" PYTHON_TARGETS="python3_12 -python3_10 -python3_11 -python3_13" QEMU_SOFTMMU_TARGETS="arm sparc x86_64 -aarch64 -alpha -avr -cris -hppa -i386 -loongarch64 -m68k -microblaze -microblazeel -mips -mips64 -mips64el -mipsel -or1k -ppc -ppc64 -riscv32 -riscv64 -rx -s390x -sh4 -sh4eb -sparc64 -tricore -xtensa -xtensaeb" QEMU_USER_TARGETS="x86_64 -aarch64 -aarch64_be -alpha -arm -armeb -cris -hexagon -hppa -i386 -loongarch64 -m68k -microblaze -microblazeel -mips -mips64 -mips64el -mipsel -mipsn32 -mipsn32el -or1k -ppc -ppc64 -ppc64le -riscv32 -riscv64 -s390x -sh4 -sh4eb -sparc -sparc32plus -sparc64 -xtensa -xtensaeb"
(sys-firmware/edk2-202408:0/0::gentoo, ebuild scheduled for merge) pulled in by
edk2
For more information about Blocked Packages, please refer to the following
section of the Gentoo Linux x86 Handbook (architecture is irrelevant):
https://wiki.gentoo.org/wiki/Handbook:X86/Working/Portage#Blocked_packages
~>
|
In the last days I had a lot of help installing xen-tools, since it has some relation with this firmware, but it did not solve the issue.
So this is it. I would love to get back my lxc virtual machine but I am lost...
Here is the output of emerge --info. |
|
Back to top |
|
![](templates/gentoo/images/spacer.gif) |
sam_ Developer
![Developer Developer](/images/ranks/rank-dev.gif)
![](images/avatars/7738740495f7d1acc45bdb.jpg)
Joined: 14 Aug 2020 Posts: 2138
|
Posted: Mon Feb 10, 2025 12:53 am Post subject: |
|
|
juippis is really the expert on this but I remember we had bug 946184 in the past. Not sure if maybe lxc needs some similar change or what. This might be completely unrelated though, I'm just commenting to give you a hint if you're stuck, in lieu of other answers. |
|
Back to top |
|
![](templates/gentoo/images/spacer.gif) |
zen_desu Tux's lil' helper
![Tux's lil' helper Tux's lil' helper](/images/ranks/rank_rect_1.gif)
Joined: 25 Oct 2024 Posts: 136
|
Posted: Mon Feb 10, 2025 12:59 am Post subject: |
|
|
I think lxc just uses qemu, and qemu pulls the bin variant of edk2 by default. is edk2-bin installed? I haven't used lxd so im not sure if that is related.
Are you able to make standard qemu vms? _________________ µgRD dev
Wiki writer |
|
Back to top |
|
![](templates/gentoo/images/spacer.gif) |
vcmota Guru
![Guru Guru](/images/ranks/rank_rect_3.gif)
Joined: 19 Jun 2017 Posts: 393
|
Posted: Mon Feb 10, 2025 1:05 am Post subject: |
|
|
zen_desu wrote: | I think lxc just uses qemu, and qemu pulls the bin variant of edk2 by default. is edk2-bin installed? I haven't used lxd so im not sure if that is related. |
Thank you zen for your reply. Yes, edk2-bin is installed:
Code: |
moraes ~ # equery list edk2-bin
* Searching for edk2-bin ...
[IP-] [ ] sys-firmware/edk2-bin-202202:0
moraes ~ #
|
pulled by qemu as you have said:
Code: |
~> equery depends edk2-bin
* These packages depend on edk2-bin:
app-emulation/qemu-9.1.2 (pin-upstream-blobs ? ~sys-firmware/edk2-bin-202202)
(!pin-upstream-blobs ? >=sys-firmware/edk2-bin-202202)
(pin-upstream-blobs ? ~sys-firmware/edk2-bin-202202)
(!pin-upstream-blobs ? >=sys-firmware/edk2-bin-202202)
(pin-upstream-blobs ? ~sys-firmware/edk2-bin-202202)
(!pin-upstream-blobs ? >=sys-firmware/edk2-bin-202202)
(pin-upstream-blobs ? ~sys-firmware/edk2-bin-202202)
(!pin-upstream-blobs ? >=sys-firmware/edk2-bin-202202)
~>
|
but edk2 is not:
Code: |
~> equery list edk2
!!! No installed packages matching 'edk2'
* Searching for edk2 ...
~>
|
and I am failing to install it:
Code: |
~> sudo emerge --ask edk2
Senha:
These are the packages that would be merged, in order:
Calculating dependencies... done!
Dependency resolution took 3.75 s (backtrack: 0/20).
[ebuild N ] sys-firmware/edk2-202408 USE="-secureboot"
[blocks B ] sys-firmware/edk2-bin ("sys-firmware/edk2-bin" is soft blocking sys-firmware/edk2-202408)
[blocks B ] sys-firmware/edk2 ("sys-firmware/edk2" is soft blocking sys-firmware/edk2-bin-202202)
* Error: The above package list contains packages which cannot be
* installed at the same time on the same system.
(sys-firmware/edk2-bin-202202:0/0::gentoo, installed) pulled in by
~sys-firmware/edk2-bin-202202 required by (app-emulation/qemu-9.1.2:0/0::gentoo, installed) USE="aio alsa bzip2 curl fdt filecaps fuse gnutls jpeg ncurses nls opengl oss pam pin-upstream-blobs png pulseaudio
seccomp (selinux) slirp spice udev usbredir vhost-net virtfs vnc xattr xen -accessibility -bpf -capstone -debug -doc -glusterfs -gtk -infiniband -io-uring -iscsi -jack -jemalloc -keyutils -lzo -multipath -nfs -numa -pipewire -plugins -python -rbd -sasl -sdl -sdl-image -smartcard -snappy -ssh -static-user -systemtap -test -usb -vde -virgl -vte -xdp -zstd" ABI_X86="(64)" PYTHON_TARGETS="python3_12 -python3_10 -python3_11 -python3_13" QEMU_SOFTMMU_TARGETS="arm sparc x86_64 -aarch64 -alpha -avr -cris -hppa -i386 -loongarch64 -m68k -microblaze -microblazeel -mips -mips64 -mips64el -mipsel -or1k -ppc -ppc64 -riscv32 -riscv64 -rx -s390x -sh4 -sh4eb -sparc64 -tricore -xtensa -xtensaeb" QEMU_USER_TARGETS="x86_64 -aarch64 -aarch64_be -alpha -arm -armeb -cris -hexagon -hppa -i386 -loongarch64 -m68k -microblaze -microblazeel -mips -mips64 -mips64el -mipsel -mipsn32 -mipsn32el -or1k -ppc -ppc64 -ppc64le -riscv32 -riscv64 -s390x -sh4 -sh4eb -sparc -sparc32plus -sparc64 -xtensa -xtensaeb"
(sys-firmware/edk2-202408:0/0::gentoo, ebuild scheduled for merge) pulled in by
edk2
For more information about Blocked Packages, please refer to the following
section of the Gentoo Linux x86 Handbook (architecture is irrelevant):
https://wiki.gentoo.org/wiki/Handbook:X86/Working/Portage#Blocked_packages
~>
|
|
|
Back to top |
|
![](templates/gentoo/images/spacer.gif) |
zen_desu Tux's lil' helper
![Tux's lil' helper Tux's lil' helper](/images/ranks/rank_rect_1.gif)
Joined: 25 Oct 2024 Posts: 136
|
Posted: Mon Feb 10, 2025 1:09 am Post subject: |
|
|
I think that is just the compiled version of the same package, sorta like gentoo-kernel and gentoo-kernel-bin. If you have the -bin variant I think things should function, unless a custom compile is required here (not sure why it would be)
If you're able to confirm running a QEMU vm works, possibly even using libvirtd to simplify that a bit, that can confirm you have necessary components to make a vm.
It may help to isolate this to a LXC issue by trying to use it directly, instead of with LXD. I've never used LXD but considered incus. _________________ µgRD dev
Wiki writer |
|
Back to top |
|
![](templates/gentoo/images/spacer.gif) |
vcmota Guru
![Guru Guru](/images/ranks/rank_rect_3.gif)
Joined: 19 Jun 2017 Posts: 393
|
Posted: Mon Feb 10, 2025 1:10 am Post subject: |
|
|
sam_ wrote: | juippis is really the expert on this but I remember we had bug 946184 in the past. Not sure if maybe lxc needs some similar change or what. This might be completely unrelated though, I'm just commenting to give you a hint if you're stuck, in lieu of other answers. |
Thank you sam_ for your reply. I was reading the bug report and it says in the solution "add 'qemu' use flag to pull all necessary dependencies to allow managing qemu-based virtual machines in incus". I can see that neither lxd, lxc nor incus have qemu as flags:
Code: |
root ~> equery uses lxd
[ Legend : U - final flag setting for installation]
[ : I - package is installed with flag ]
[ Colors : set, unset ]
* Found these USE flags for app-containers/lxd-5.21.1-r1:
U I
- - apparmor : Enable support for the AppArmor application security system
+ + nls : Add Native Language Support (using gettext - GNU locale utilities)
+ + verify-sig : Verify upstream signatures on distfiles
root ~> equery uses lxc
[ Legend : U - final flag setting for installation]
[ : I - package is installed with flag ]
[ Colors : set, unset ]
* Found these USE flags for app-containers/lxc-6.0.3:
U I
- - apparmor : Enable support for the AppArmor application security system
- - examples : Install examples, usually source code
- - io-uring : Enable the use of io_uring for efficient asynchronous IO and system requests
- - man : Build and install man pages
+ + pam : Add support for PAM (Pluggable Authentication Modules) - DANGEROUS to arbitrarily flip
+ + seccomp : Enable seccomp (secure computing mode) to perform system call filtering at runtime to increase security of programs
+ + ssl : Add support for SSL/TLS connections (Secure Socket Layer / Transport Layer Security)
- - systemd : Enable use of systemd-specific libraries and features like socket activation or session tracking
- - test : Enable dependencies and/or preparations necessary to run tests (usually controlled by FEATURES=test but can be toggled independently)
+ + tools : Build and install additional command line tools
+ + verify-sig : Verify upstream signatures on distfiles
root ~> equery uses incus
[ Legend : U - final flag setting for installation]
[ : I - package is installed with flag ]
[ Colors : set, unset ]
* Found these USE flags for app-containers/incus-6.0.2:
U I
- - apparmor : Enable support for the AppArmor application security system
- - fuidshift : Install the fuidshift binary - currently conflicts with app-containers/lxd
+ + nls : Add Native Language Support (using gettext - GNU locale utilities)
- - verify-sig : Verify upstream signatures on distfiles
|
So, should I try adding qemu as a global use flag? |
|
Back to top |
|
![](templates/gentoo/images/spacer.gif) |
sam_ Developer
![Developer Developer](/images/ranks/rank-dev.gif)
![](images/avatars/7738740495f7d1acc45bdb.jpg)
Joined: 14 Aug 2020 Posts: 2138
|
Posted: Mon Feb 10, 2025 1:16 am Post subject: |
|
|
Looks like the ~arch versions of incus have USE=qemu but not the stable versions yet (6.0.3 for LTS, 6.9-r2 for upstream 'stable' rather than Gentoo 'stable'). |
|
Back to top |
|
![](templates/gentoo/images/spacer.gif) |
vcmota Guru
![Guru Guru](/images/ranks/rank_rect_3.gif)
Joined: 19 Jun 2017 Posts: 393
|
Posted: Mon Feb 10, 2025 1:17 am Post subject: |
|
|
zen_desu wrote: | If you're able to confirm running a QEMU vm works, possibly even using libvirtd to simplify that a bit, that can confirm you have necessary components to make a vm. |
Thank you zen for your reply. I am not sure what you mean here: my vm has surely worked for a long time until that issue showed up, six months ago.
zen_desu wrote: | It may help to isolate this to a LXC issue by trying to use it directly, instead of with LXD. I've never used LXD but considered incus. |
I have chosen to use lxd jointly with lxc after reading the gentoo documentation, which also says that incus is a fork of lxd. But I am no expert: I am not sure that is necessary at all... |
|
Back to top |
|
![](templates/gentoo/images/spacer.gif) |
zen_desu Tux's lil' helper
![Tux's lil' helper Tux's lil' helper](/images/ranks/rank_rect_1.gif)
Joined: 25 Oct 2024 Posts: 136
|
Posted: Mon Feb 10, 2025 1:38 am Post subject: |
|
|
I mean now that this issue exists, are you sure it applies to LXD, LXC, and/or QEMU? I'm not sure where things are breaking here. _________________ µgRD dev
Wiki writer |
|
Back to top |
|
![](templates/gentoo/images/spacer.gif) |
vcmota Guru
![Guru Guru](/images/ranks/rank_rect_3.gif)
Joined: 19 Jun 2017 Posts: 393
|
Posted: Mon Feb 10, 2025 1:55 am Post subject: |
|
|
zen_desu wrote: | I mean now that this issue exists, are you sure it applies to LXD, LXC, and/or QEMU? I'm not sure where things are breaking here. |
Ah ok, now I understand your point. Yes, I have no idea where it is breaking. Might even be somewhere else, like libvirtd... In the last case scenario, I might jus remove everything and rebuild it from scratch, trying the most minimalistic vm install possible, which would probably mean abandoning lxd. The problem is that I would like to recover this specific lxc virtual machine... |
|
Back to top |
|
![](templates/gentoo/images/spacer.gif) |
zen_desu Tux's lil' helper
![Tux's lil' helper Tux's lil' helper](/images/ranks/rank_rect_1.gif)
Joined: 25 Oct 2024 Posts: 136
|
Posted: Mon Feb 10, 2025 2:03 am Post subject: |
|
|
vcmota wrote: | zen_desu wrote: | I mean now that this issue exists, are you sure it applies to LXD, LXC, and/or QEMU? I'm not sure where things are breaking here. |
Ah ok, now I understand your point. Yes, I have no idea where it is breaking. Might even be somewhere else, like libvirtd... In the last case scenario, I might jus remove everything and rebuild it from scratch, trying the most minimalistic vm install possible, which would probably mean abandoning lxd. The problem is that I would like to recover this specific lxc virtual machine... |
95%+ of what you want to save is likely in the disk image, wherever that may be stored. That sort of thing can typically be used with just about any vm system, possibly needing to be converted to another format.
I think in this case libvirtd would be an alternative way to interface with qemu, but you should be able to use qemu directly, it just takes a handful of args and a bit more know how, while libvirtd can be used with virt-manager. _________________ µgRD dev
Wiki writer |
|
Back to top |
|
![](templates/gentoo/images/spacer.gif) |
|
|
You cannot post new topics in this forum You cannot reply to topics in this forum You cannot edit your posts in this forum You cannot delete your posts in this forum You cannot vote in polls in this forum
|
|