[libvirt] running with UID != 0: internal error about bridged network
Hi folks, I would like to avoid running the virtual hosts with UID=0. But if I try to create a new virtual machine without being root, then it fails with % name=Lenny_amd64 % kvmdir=/local/kvm % mkdir -p $kvmdir/$name % qemu-img create -f qcow2 $kvmdir/$name/hda.qcow2 32G Formatting '/local/kvm/Lenny_amd64/hda.qcow2', fmt=qcow2, size=33554432 kB % virt-install --connect=qemu:///session -n $name -r 1024 -vcpus=1 -f $kvmdir/$name/hda.qcow2 --network=bridge:br0 --vnc --accelerate -v -c /usr/local/source/hdunkel/debian-502-i386-netinst.iso --os-type=linux --os-variant=debianLenny 14:18:35.586: warning : Cannot set group when not running as root 14:18:35.757: error : Domain not found: no domain with matching name 'Lenny_amd64' libvir: QEMU error : Domain not found: no domain with matching name 'Lenny_amd64' The log file shows [Wed, 05 Aug 2009 14:18:35 virt-install 14229] ERROR (virt-install:786) internal error Failed to add tap interface 'vnet%d' to bridge 'br0' : Operation not permitted Traceback (most recent call last): File "/usr/bin/virt-install", line 780, in <module> main() File "/usr/bin/virt-install", line 678, in main start_time, guest.start_install) File "/usr/bin/virt-install", line 733, in do_install dom = install_func(conscb, progresscb, wait=(not wait)) File "/var/lib/python-support/python2.5/virtinst/Guest.py", line 541, in start_install return self._do_install(consolecb, meter, removeOld, wait) File "/var/lib/python-support/python2.5/virtinst/Guest.py", line 633, in _do_install self.domain = self.conn.createLinux(install_xml, 0) File "/usr/lib/python2.5/site-packages/libvirt.py", line 892, in createLinux if ret is None:raise libvirtError('virDomainCreateLinux() failed', conn=self) libvirtError: internal error Failed to add tap interface 'vnet%d' to bridge 'br0' : Operation not permitted Of course an unprivileged user is not allowed to mess around with the network interfaces, but since it says "internal error" I wonder how this is supposed to work? Is there something misconfigured? Any helpful comments would be highly appreciated Harri
On Wed, Aug 05, 2009 at 02:51:14PM +0200, Harald Dunkel wrote:
Hi folks,
I would like to avoid running the virtual hosts with UID=0. But if I try to create a new virtual machine without being root, then it fails with
% name=Lenny_amd64 % kvmdir=/local/kvm % mkdir -p $kvmdir/$name % qemu-img create -f qcow2 $kvmdir/$name/hda.qcow2 32G Formatting '/local/kvm/Lenny_amd64/hda.qcow2', fmt=qcow2, size=33554432 kB % virt-install --connect=qemu:///session -n $name -r 1024 -vcpus=1 -f
The 'qemu:///session' URIs do not have any ability to use bridge/tap based networking modes I'm afraid. qemu:///system is the only option for that kind of networking at this point in time. With the release of libvirt 0.7.0, you can configure qemu:///system to run the QEMU instances as a non-root user id. ie, libvirtd runs as root, but qemu can be told to run as 'qemu'. That is probably the best bet for the case you have. NB by default it uses root, you have to give are argument to configure at build time to change it, or edit /etc/libvirt/qemu.conf Daniel -- |: Red Hat, Engineering, London -o- http://people.redhat.com/berrange/ :| |: http://libvirt.org -o- http://virt-manager.org -o- http://ovirt.org :| |: http://autobuild.org -o- http://search.cpan.org/~danberr/ :| |: GnuPG: 7D3B9505 -o- F3C9 553F A1DA 4AC2 5648 23C1 B3DF F742 7D3B 9505 :|
participants (2)
-
Daniel P. Berrange -
Harald Dunkel