You are not logged in.

#1 2015-05-27 21:09:16

slackcub
Member
Registered: 2009-03-14
Posts: 144

[SOLVED] Unable to launch KVM/libvirt VMs

I performed a system update yesterday, and I am now unable to start any guests via libvirt/KVM.  Here's what journalctl reports when I try to start a machine that is in a saved state:

May 27 15:52:45 IPsoftLappy NetworkManager[320]: <info>  (vnet0): carrier is OFF
May 27 15:52:45 IPsoftLappy NetworkManager[320]: <info>  (vnet0): new Tun device (driver: 'unknown' ifindex: 56)
May 27 15:52:45 IPsoftLappy NetworkManager[320]: <info>  (vnet0): exported as /org/freedesktop/NetworkManager/Devices/55
May 27 15:52:45 IPsoftLappy NetworkManager[320]: <info>  (virbr0): bridge port vnet0 was attached
May 27 15:52:45 IPsoftLappy NetworkManager[320]: <info>  (vnet0): enslaved to virbr0
May 27 15:52:45 IPsoftLappy NetworkManager[320]: <error> [1432759965.789279] [devices/nm-device.c:2086] nm_device_generate_connection(): (virbr0): Generated connection does not verify: bridge.forward-delay: value '1' is out of range <2-30>
May 27 15:52:45 IPsoftLappy kernel: device vnet0 entered promiscuous mode
May 27 15:52:45 IPsoftLappy kernel: virbr0: port 2(vnet0) entered listening state
May 27 15:52:45 IPsoftLappy kernel: virbr0: port 2(vnet0) entered listening state
May 27 15:52:45 IPsoftLappy NetworkManager[320]: <info>  (vnet0): link connected
May 27 15:52:45 IPsoftLappy dbus[324]: [system] Activating via systemd: service name='org.freedesktop.machine1' unit='dbus-org.freedesktop.machine1.service'
May 27 15:52:45 IPsoftLappy systemd[1]: Cannot add dependency job for unit cups.socket, ignoring: Unit cups.socket failed to load: No such file or directory.
May 27 15:52:45 IPsoftLappy systemd[1]: Starting Virtual Machine and Container Registration Service...
May 27 15:52:45 IPsoftLappy dbus[324]: [system] Successfully activated service 'org.freedesktop.machine1'
May 27 15:52:45 IPsoftLappy systemd[1]: Started Virtual Machine and Container Registration Service.
May 27 15:52:45 IPsoftLappy systemd-machined[21492]: New machine qemu-mwkigit.
May 27 15:52:45 IPsoftLappy systemd[1]: Started Virtual Machine qemu-mwkigit.
May 27 15:52:45 IPsoftLappy systemd[1]: Starting Virtual Machine qemu-mwkigit.
May 27 15:52:45 IPsoftLappy kernel: virbr0: port 2(vnet0) entered disabled state
May 27 15:52:45 IPsoftLappy NetworkManager[320]: <info>  (virbr0): bridge port vnet0 was detached
May 27 15:52:45 IPsoftLappy NetworkManager[320]: <info>  (vnet0): released from master virbr0
May 27 15:52:45 IPsoftLappy kernel: device vnet0 left promiscuous mode
May 27 15:52:45 IPsoftLappy kernel: virbr0: port 2(vnet0) entered disabled state
May 27 15:52:45 IPsoftLappy systemd-machined[21492]: Machine qemu-mwkigit terminated.
May 27 15:52:46 IPsoftLappy libvirtd[591]: failed to connect to monitor socket: No such process
May 27 15:52:46 IPsoftLappy libvirtd[591]: internal error: process exited while connecting to monitor: Could not access KVM kernel module: Permission denied
                                           failed to initialize KVM: Permission denied
May 27 15:52:46 IPsoftLappy libvirtd[591]: Unable to restore from managed state /var/lib/libvirt/qemu/save/mwkigit.save. Maybe the file is corrupted?

And if I try to start a guest that is powered down:

May 27 16:04:05 IPsoftLappy NetworkManager[320]: <info>  (vnet0): carrier is OFF
May 27 16:04:05 IPsoftLappy NetworkManager[320]: <info>  (vnet0): new Tun device (driver: 'unknown' ifindex: 57)
May 27 16:04:05 IPsoftLappy NetworkManager[320]: <info>  (vnet0): exported as /org/freedesktop/NetworkManager/Devices/56
May 27 16:04:05 IPsoftLappy NetworkManager[320]: <info>  (virbr0): bridge port vnet0 was attached
May 27 16:04:05 IPsoftLappy NetworkManager[320]: <info>  (vnet0): enslaved to virbr0
May 27 16:04:05 IPsoftLappy NetworkManager[320]: <error> [1432760645.546056] [devices/nm-device.c:2086] nm_device_generate_connection(): (virbr0): Generated connection does not verify: bridge.forward-delay: value '1' is out of range <2-30>
May 27 16:04:05 IPsoftLappy kernel: device vnet0 entered promiscuous mode
May 27 16:04:05 IPsoftLappy NetworkManager[320]: <info>  (vnet0): link connected
May 27 16:04:05 IPsoftLappy kernel: virbr0: port 2(vnet0) entered listening state
May 27 16:04:05 IPsoftLappy kernel: virbr0: port 2(vnet0) entered listening state
May 27 16:04:05 IPsoftLappy dbus[324]: [system] Activating via systemd: service name='org.freedesktop.machine1' unit='dbus-org.freedesktop.machine1.service'
May 27 16:04:05 IPsoftLappy systemd[1]: Cannot add dependency job for unit cups.socket, ignoring: Unit cups.socket failed to load: No such file or directory.
May 27 16:04:05 IPsoftLappy systemd[1]: Starting Virtual Machine and Container Registration Service...
May 27 16:04:05 IPsoftLappy dbus[324]: [system] Successfully activated service 'org.freedesktop.machine1'
May 27 16:04:05 IPsoftLappy systemd[1]: Started Virtual Machine and Container Registration Service.
May 27 16:04:05 IPsoftLappy systemd-machined[22516]: New machine qemu-Windows7.
May 27 16:04:05 IPsoftLappy systemd[1]: Started Virtual Machine qemu-Windows7.
May 27 16:04:05 IPsoftLappy systemd[1]: Starting Virtual Machine qemu-Windows7.
May 27 16:04:05 IPsoftLappy kernel: virbr0: port 2(vnet0) entered disabled state
May 27 16:04:05 IPsoftLappy kernel: device vnet0 left promiscuous mode
May 27 16:04:05 IPsoftLappy kernel: virbr0: port 2(vnet0) entered disabled state
May 27 16:04:05 IPsoftLappy NetworkManager[320]: <info>  (virbr0): bridge port vnet0 was detached
May 27 16:04:05 IPsoftLappy NetworkManager[320]: <info>  (vnet0): released from master virbr0
May 27 16:04:05 IPsoftLappy systemd-machined[22516]: Machine qemu-Windows7 terminated.
May 27 16:04:05 IPsoftLappy libvirtd[591]: failed to connect to monitor socket: No such process
May 27 16:04:05 IPsoftLappy libvirtd[591]: internal error: process exited while connecting to monitor: Could not access KVM kernel module: Permission denied
                                           failed to initialize KVM: Permission denied

I am in the following groups:

$ groups
root wheel video users libvirt kvm
$ 

my polkit has the group libvirt in it:

# cat /etc/polkit-1/rules.d/50-org.libvirt.unix.manage.rules 
polkit.addRule(function(action, subject) {
    if ((action.id == "org.libvirt.unix.manage" || action.id == "org.libvirt.unix.monitor") &&
        subject.isInGroup("libvirt")) {
            return polkit.Result.YES;
    }
});
# 

and some package version info:

$ pacman -Q | grep -iP "virt|qemu"
libvirt 1.2.15-1
libvirt-glib 0.2.0-1
libvirt-python 1.2.15-1
qemu 2.3.0-2
virt-install 1.2.0-2
virt-manager 1.2.0-2
$ 

I'm sure I'm missing something, but I just can't place it.

Last edited by slackcub (2015-06-01 17:47:10)

Offline

#2 2015-06-01 14:12:54

slackcub
Member
Registered: 2009-03-14
Posts: 144

Re: [SOLVED] Unable to launch KVM/libvirt VMs

So, just cause I was curious, I tried starting a vm as root, and got the same error:

[rules.d]# virsh -c qemu:///system start mwkigit
error: Failed to start domain mwkigit
error: internal error: process exited while connecting to monitor: Could not access KVM kernel module: Permission denied
failed to initialize KVM: Permission denied


[rules.d]#

So this is obviously an issue with how the interaction with the KVM module works. How exactly does that happen that no one can access the module?

Last edited by slackcub (2015-06-01 14:13:13)

Offline

#3 2015-06-01 17:46:58

slackcub
Member
Registered: 2009-03-14
Posts: 144

Re: [SOLVED] Unable to launch KVM/libvirt VMs

So I found the issue.  I looked at my /etc/libvirt/qemu.conf and found that the user= line was commented, and group was set to "78".  Apparently during a recent update, something changed my /etc/groups and removed group id 78.  I changed my /etc/libvirt/qemu.conf to have group="kvm", restarted libvirt, and I am now able to use my VMs again.

Offline

Board footer

Powered by FluxBB