You are not logged in.

Pages: 1

#1 2018-03-08 15:55:30

sp4ke
Member
Registered: 2016-05-14
Posts: 6

[solved] KVM operation not permitted on qemu:///system

Hi All,

first quick summary of the problem:

I can define and run vms on qemu:///session but when I try to run a vm on qemu:///system I get the error:

KVM kernel module: Operation not permitted

I had this problem since I remember installing libvirt, I abandoned fixing it and run my privileged vms with  custom bash scripts and raw qemu commands. I would like to use libvirt to make my life easier so it's time I find where this problem comes from.

I tried every combination possible for user and group in qemu.conf, nothing works.

tried: root/root, root/kvm, myuser/kvm

I enabled debug output for the qemu module in libvirt and we can see that qemu fails to start when calling qmp_capabilities. But there is no way to see what user/group libvirt is trying to run qemu on.

My Environement
Linux myhost 4.14.20-1-ck-haswell #1 SMP PREEMPT Sat Feb 17 11:43:40 EST 2018 x86_64 GNU/Linux
libvirt 4.0.0-1
qemu 2.11.1-1
virt-manager 1.5.0-1
my user id 
uid=1000(myuser) gid=1000(myuser) groups=1000(myuser),7(lp),10(wheel),12(mail),14(uucp),78(kvm),97(input),108(vboxusers),615(plugdev),619(autologin),992(docker),994(libvirt),1001(i2c),1004(fuse)
root user id 
uid=0(root) gid=0(root) groups=0(root),1(bin),2(daemon),3(sys),4(adm),6(disk),10(wheel),19(log),78(kvm),994(libvirt)
kvm and libvirt groups 
$> getent group kvm libvirt

kvm:x:78:myuser,root
libvirt:x:994:myuser,root
/dev/kvm 
  File: /dev/kvm
  Size: 0         	Blocks: 0          IO Block: 4096   character special file
Device: 6h/6d	Inode: 238496      Links: 1     Device type: a,e8
Access: (0666/crw-rw-rw-)  Uid: (    0/    root)   Gid: (   78/     kvm)
Access: 2018-03-08 16:21:29.244569632 +0100
Modify: 2018-03-08 16:21:29.244569632 +0100
Change: 2018-03-08 16:21:29.244569632 +0100
 Birth: -
/etc/libvirt/qemu.conf 
user="myuser"
group="kvm"
cgroup_device_acl = [ "/dev/vfio/31" ]
nvram = [
   "/usr/share/ovmf/ovmf_code_x64.bin:/usr/share/ovmf/ovmf_vars_x64.bin",
]
namespaces = []
/etc/libvirt/libvirtd.conf 
unix_sock_dir = "/var/run/libvirt"
log_level = 4
log_filters="2:libvirt.domain 1:qemu"
log_outputs="1:syslog:qemu"
/etc/polkit-1/rules.d/50-default.rules
polkit.addAdminRule(function(action, subject) {
    return ["unix-group:wheel"];
});
Detailed libvirtd error message when I start a vm from qemu:///system
Mar 08 16:46:23 myhost qemu[31285]: 31294: debug : qemuDomainObjBeginJobInternal:4778 : Starting async job: start (vm=0x7f2558019fb0 name=tmp, current job=none async=none)
Mar 08 16:46:23 myhost qemu[31285]: 31294: debug : qemuDomainObjBeginJobInternal:4827 : Started async job: start (vm=0x7f2558019fb0 name=tmp)
Mar 08 16:46:23 myhost qemu[31285]: 31294: debug : qemuProcessStart:6143 : conn=0x7f2550aef700 driver=0x7f251413e190 vm=0x7f2558019fb0 name=tmp id=-1 asyncJob=start migrateFrom=<null> migrateFd=-1 migratePath=<null> snapshot=(nil) vmop=0 flags=0x1
Mar 08 16:46:23 myhost qemu[31285]: 31294: debug : qemuProcessInit:4866 : vm=0x7f2558019fb0 name=tmp id=-1 migration=0
Mar 08 16:46:23 myhost qemu[31285]: 31294: debug : qemuProcessInit:4868 : Beginning VM startup process
Mar 08 16:46:23 myhost qemu[31285]: 31294: debug : qemuProcessInit:4888 : Determining emulator version
Mar 08 16:46:23 myhost qemu[31285]: 31294: debug : virQEMUCapsCacheLookup:5439 : Returning caps 0x7f251418d120 for /usr/bin/qemu-system-x86_64
Mar 08 16:46:23 myhost qemu[31285]: 31294: debug : qemuProcessStartValidate:4791 : Checking for KVM availability
Mar 08 16:46:23 myhost qemu[31285]: 31294: debug : qemuProcessStartValidate:4802 : Checking domain and device security labels
Mar 08 16:46:23 myhost qemu[31285]: 31294: debug : virQEMUCapsCacheLookup:5439 : Returning caps 0x7f251418d120 for /usr/bin/qemu-system-x86_64
Mar 08 16:46:23 myhost qemu[31285]: 31294: debug : virQEMUCapsCacheLookup:5439 : Returning caps 0x7f251418d120 for /usr/bin/qemu-system-x86_64
Mar 08 16:46:23 myhost qemu[31285]: 31294: debug : virQEMUCapsCacheLookup:5439 : Returning caps 0x7f251418d120 for /usr/bin/qemu-system-x86_64
Mar 08 16:46:23 myhost qemu[31285]: 31294: debug : virQEMUCapsCacheLookup:5439 : Returning caps 0x7f251418d120 for /usr/bin/qemu-system-x86_64
Mar 08 16:46:23 myhost qemu[31285]: 31294: debug : virQEMUCapsCacheLookup:5439 : Returning caps 0x7f251418d120 for /usr/bin/qemu-system-x86_64
Mar 08 16:46:23 myhost qemu[31285]: 31294: debug : virQEMUCapsCacheLookup:5439 : Returning caps 0x7f251418d120 for /usr/bin/qemu-system-x86_64
Mar 08 16:46:23 myhost qemu[31285]: 31294: debug : virQEMUCapsCacheLookup:5439 : Returning caps 0x7f251418d120 for /usr/bin/qemu-system-x86_64
Mar 08 16:46:23 myhost qemu[31285]: 31294: debug : virQEMUCapsCacheLookup:5439 : Returning caps 0x7f251418d120 for /usr/bin/qemu-system-x86_64
Mar 08 16:46:23 myhost qemu[31285]: 31294: debug : virQEMUCapsCacheLookup:5439 : Returning caps 0x7f251418d120 for /usr/bin/qemu-system-x86_64
Mar 08 16:46:23 myhost qemu[31285]: 31294: debug : virQEMUCapsCacheLookup:5439 : Returning caps 0x7f251418d120 for /usr/bin/qemu-system-x86_64
Mar 08 16:46:23 myhost qemu[31285]: 31294: debug : virQEMUCapsCacheLookup:5439 : Returning caps 0x7f251418d120 for /usr/bin/qemu-system-x86_64
Mar 08 16:46:23 myhost qemu[31285]: 31294: debug : virQEMUCapsCacheLookup:5439 : Returning caps 0x7f251418d120 for /usr/bin/qemu-system-x86_64
Mar 08 16:46:23 myhost qemu[31285]: 31294: debug : virQEMUCapsCacheLookup:5439 : Returning caps 0x7f251418d120 for /usr/bin/qemu-system-x86_64
Mar 08 16:46:23 myhost qemu[31285]: 31294: debug : virQEMUCapsCacheLookup:5439 : Returning caps 0x7f251418d120 for /usr/bin/qemu-system-x86_64
Mar 08 16:46:23 myhost qemu[31285]: 31294: debug : virQEMUCapsCacheLookup:5439 : Returning caps 0x7f251418d120 for /usr/bin/qemu-system-x86_64
Mar 08 16:46:23 myhost qemu[31285]: 31294: debug : virQEMUCapsCacheLookup:5439 : Returning caps 0x7f251418d120 for /usr/bin/qemu-system-x86_64
Mar 08 16:46:23 myhost qemu[31285]: 31294: debug : virQEMUCapsCacheLookup:5439 : Returning caps 0x7f251418d120 for /usr/bin/qemu-system-x86_64
Mar 08 16:46:23 myhost qemu[31285]: 31294: debug : virQEMUCapsCacheLookup:5439 : Returning caps 0x7f251418d120 for /usr/bin/qemu-system-x86_64
Mar 08 16:46:23 myhost qemu[31285]: 31294: debug : virQEMUCapsCacheLookup:5439 : Returning caps 0x7f251418d120 for /usr/bin/qemu-system-x86_64
Mar 08 16:46:23 myhost qemu[31285]: 31294: debug : virQEMUCapsCacheLookup:5439 : Returning caps 0x7f251418d120 for /usr/bin/qemu-system-x86_64
Mar 08 16:46:23 myhost qemu[31285]: 31294: debug : qemuProcessStartValidate:4830 : Checking for any possible (non-fatal) issues
Mar 08 16:46:23 myhost qemu[31285]: 31294: debug : qemuProcessInit:4905 : Setting current domain def as transient
Mar 08 16:46:23 myhost qemu[31285]: 31294: debug : virQEMUCapsCacheLookup:5439 : Returning caps 0x7f251418d120 for /usr/bin/qemu-system-x86_64
Mar 08 16:46:23 myhost qemu[31285]: 31294: debug : qemuDomainAssignVirtioSerialAddresses:119 : Finished reserving existing ports
Mar 08 16:46:23 myhost qemu[31285]: 31294: debug : qemuDomainUSBAddressAddHubs:2667 : Found 2 USB devices and 6 provided USB ports; adding 0 hubs
Mar 08 16:46:23 myhost qemu[31285]: 31294: debug : qemuDomainAssignUSBAddresses:2806 : Existing USB addresses have been reserved
Mar 08 16:46:23 myhost qemu[31285]: 31294: debug : qemuDomainAssignUSBAddresses:2814 : Finished assigning USB ports
Mar 08 16:46:23 myhost qemu[31285]: 31294: debug : qemuProcessPrepareDomain:5495 : Generating domain security label (if required)
Mar 08 16:46:23 myhost qemu[31285]: 31294: debug : qemuProcessPrepareDomain:5522 : Assigning domain PCI addresses
Mar 08 16:46:23 myhost qemu[31285]: 31294: debug : qemuDomainAssignVirtioSerialAddresses:119 : Finished reserving existing ports
Mar 08 16:46:23 myhost qemu[31285]: 31294: debug : qemuDomainUSBAddressAddHubs:2667 : Found 2 USB devices and 6 provided USB ports; adding 0 hubs
Mar 08 16:46:23 myhost qemu[31285]: 31294: debug : qemuDomainAssignUSBAddresses:2806 : Existing USB addresses have been reserved
Mar 08 16:46:23 myhost qemu[31285]: 31294: debug : qemuDomainAssignUSBAddresses:2814 : Finished assigning USB ports
Mar 08 16:46:23 myhost qemu[31285]: 31294: debug : qemuProcessPrepareDomain:5531 : Setting graphics devices
Mar 08 16:46:23 myhost qemu[31285]: 31294: debug : qemuProcessPrepareDomain:5535 : Create domain masterKey
Mar 08 16:46:23 myhost qemu[31285]: 31294: debug : qemuProcessPrepareDomain:5539 : Setting up storage
Mar 08 16:46:23 myhost qemu[31285]: 31294: debug : qemuProcessPrepareDomain:5543 : Prepare chardev source backends for TLS
Mar 08 16:46:23 myhost qemu[31285]: 31294: debug : qemuProcessPrepareDomain:5546 : Add secrets to hostdevs and chardevs
Mar 08 16:46:23 myhost qemu[31285]: 31294: debug : qemuProcessPrepareDomain:5559 : Preparing monitor state
Mar 08 16:46:23 myhost qemu[31285]: 31294: debug : qemuProcessPrepareDomain:5568 : Updating guest CPU definition
Mar 08 16:46:23 myhost qemu[31285]: 31294: debug : qemuProcessPrepareHost:5642 : Preparing network devices
Mar 08 16:46:23 myhost qemu[31285]: 31294: debug : qemuProcessPrepareHost:5647 : Preparing host devices
Mar 08 16:46:23 myhost qemu[31285]: 31294: debug : qemuProcessPrepareHost:5656 : Preparing chr devices
Mar 08 16:46:23 myhost qemu[31285]: 31294: debug : qemuProcessPrepareHost:5668 : Ensuring no historical cgroup is lying around
Mar 08 16:46:23 myhost qemu[31285]: 31294: debug : qemuProcessPrepareHost:5701 : Write domain masterKey
Mar 08 16:46:23 myhost qemu[31285]: 31294: debug : qemuProcessPrepareHost:5705 : Preparing disks (host)
Mar 08 16:46:23 myhost qemu[31285]: 31294: debug : qemuProcessLaunch:5761 : vm=0x7f2558019fb0 name=tmp id=2 asyncJob=6 incoming.launchURI=<null> incoming.deferredURI=<null> incoming.fd=-1 incoming.path=<null> snapshot=(nil) vmop=0 flags=0x11
Mar 08 16:46:23 myhost qemu[31285]: 31294: debug : qemuProcessLaunch:5781 : Creating domain log file
Mar 08 16:46:23 myhost qemu[31285]: 31294: debug : qemuDomainLogContextNew:5679 : Context new 0x7f25500b8fb0 stdioLogD=1
Mar 08 16:46:23 myhost qemu[31285]: 31294: debug : qemuProcessLaunch:5787 : Building emulator command line
Mar 08 16:46:23 myhost qemu[31285]: 31294: debug : qemuBuildCommandLine:10162 : driver=0x7f251413e190 def=0x7f256802bb70 mon=0x7f255019e640 json=1 qemuCaps=0x7f25503bcdf0 migrateURI=(null) snapshot=(nil) vmop=0
Mar 08 16:46:23 myhost qemu[31285]: 31294: debug : qemuProcessLaunch:5813 : Building mount namespace
Mar 08 16:46:23 myhost qemu[31285]: 31294: debug : qemuProcessLaunch:5819 : Clear emulator capabilities: 1
Mar 08 16:46:23 myhost qemu[31285]: 31294: debug : qemuProcessLaunch:5823 : Setting up raw IO
Mar 08 16:46:23 myhost qemu[31285]: 31294: debug : qemuProcessLaunch:5833 : Setting up security labelling
Mar 08 16:46:23 myhost qemu[31285]: 31294: debug : qemuProcessLaunch:5858 : QEMU vm=0x7f2558019fb0 name=tmp running with pid=13084
Mar 08 16:46:23 myhost qemu[31285]: 31294: debug : qemuProcessLaunch:5864 : Writing early domain status to disk
Mar 08 16:46:23 myhost qemu[31285]: 31294: debug : qemuProcessLaunch:5868 : Waiting for handshake from child
Mar 08 16:46:23 myhost qemu[31285]: 31294: debug : qemuProcessLaunch:5876 : Setting up domain cgroup (if required)
Mar 08 16:46:23 myhost qemu[31285]: 31294: debug : qemuSetupImagePathCgroup:72 : Allow path /dtt/Isos/systemrescuecd-5.0.3.iso, perms: r
Mar 08 16:46:23 myhost qemu[31285]: 31294: debug : qemuProcessInitCpuAffinity:2287 : Set CPU affinity with specified cpuset
Mar 08 16:46:23 myhost qemu[31285]: 31294: debug : qemuProcessLaunch:5895 : Setting emulator tuning/settings
Mar 08 16:46:23 myhost qemu[31285]: 31294: debug : qemuProcessLaunch:5899 : Setting domain security labels
Mar 08 16:46:23 myhost qemu[31285]: 31294: debug : qemuProcessLaunch:5930 : Labelling done, completing handshake to child
Mar 08 16:46:23 myhost qemu[31285]: 31294: debug : qemuProcessLaunch:5933 : Handshake complete, child running
Mar 08 16:46:23 myhost qemu[31285]: 31294: debug : qemuProcessLaunch:5941 : Waiting for monitor to show up
Mar 08 16:46:23 myhost qemu[31285]: 31294: debug : qemuProcessWaitForMonitor:2163 : Connect monitor to 0x7f2558019fb0 'tmp'
Mar 08 16:46:23 myhost qemu[31285]: 31294: info : qemuMonitorOpenInternal:874 : QEMU_MONITOR_NEW: mon=0x7f2550332230 refs=2 fd=26
Mar 08 16:46:23 myhost qemu[31285]: 31294: debug : qemuDomainObjBeginJobInternal:4778 : Starting job: async nested (vm=0x7f2558019fb0 name=tmp, current job=none async=start)
Mar 08 16:46:23 myhost qemu[31285]: 31294: debug : qemuDomainObjBeginJobInternal:4819 : Started job: async nested (async=start vm=0x7f2558019fb0 name=tmp)
Mar 08 16:46:23 myhost qemu[31285]: 31294: debug : qemuDomainObjEnterMonitorInternal:5048 : Entering monitor (mon=0x7f2550332230 vm=0x7f2558019fb0 name=tmp)
Mar 08 16:46:23 myhost qemu[31285]: 31294: debug : qemuMonitorSetCapabilities:1676 : mon:0x7f2550332230 vm:0x7f2558019fb0 json:1 fd:26
Mar 08 16:46:23 myhost qemu[31285]: 31294: debug : qemuMonitorJSONCommandWithFd:301 : Send command '{"execute":"qmp_capabilities","id":"libvirt-1"}' for write with FD -1
Mar 08 16:46:23 myhost qemu[31285]: [138B blob data]
Mar 08 16:46:24 myhost qemu[31285]: 31285: error : qemuMonitorIORead:611 : Unable to read from monitor: Connection reset by peer
Mar 08 16:46:24 myhost qemu[31285]: 31285: debug : qemuDomainLogContextRead:5793 : Context read 0x7f25500b8fb0 manager=0x7f2550026b60 inode=656166 pos=5209
Mar 08 16:46:24 myhost qemu[31285]: 31285: error : qemuProcessReportLogError:1914 : internal error: qemu unexpectedly closed the monitor: Could not access KVM kernel module: Operation not permitted
                myhost              2018-03-08T15:46:23.515530Z qemu-system-x86_64: failed to initialize KVM: Operation not permitted
Mar 08 16:46:24 myhost qemu[31285]: 31285: debug : qemuMonitorIO:770 : Error on monitor internal error: qemu unexpectedly closed the monitor: Could not access KVM kernel module: Operation not permitted
                myhost              2018-03-08T15:46:23.515530Z qemu-system-x86_64: failed to initialize KVM: Operation not permitted
Mar 08 16:46:24 myhost qemu[31285]: 31285: debug : qemuMonitorIO:801 : Triggering error callback
Mar 08 16:46:24 myhost qemu[31285]: 31285: debug : qemuProcessHandleMonitorError:338 : Received error on 0x7f2558019fb0 'tmp'
Mar 08 16:46:24 myhost qemu[31285]: 31294: debug : qemuMonitorSend:1091 : Send command resulted in error internal error: qemu unexpectedly closed the monitor: Could not access KVM kernel module: Operation not permitted
                myhost              2018-03-08T15:46:23.515530Z qemu-system-x86_64: failed to initialize KVM: Operation not permitted
Mar 08 16:46:24 myhost qemu[31285]: 31294: debug : qemuMonitorJSONCommandWithFd:306 : Receive command reply ret=-1 rxObject=(nil)
Mar 08 16:46:24 myhost qemu[31285]: 31294: debug : qemuDomainObjExitMonitorInternal:5071 : Exited monitor (mon=0x7f2550332230 vm=0x7f2558019fb0 name=tmp)
Mar 08 16:46:24 myhost qemu[31285]: 31285: debug : qemuMonitorIO:770 : Error on monitor internal error: qemu unexpectedly closed the monitor: Could not access KVM kernel module: Operation not permitted
                myhost              2018-03-08T15:46:23.515530Z qemu-system-x86_64: failed to initialize KVM: Operation not permitted
Mar 08 16:46:24 myhost qemu[31285]: 31294: debug : qemuDomainObjEndJob:4979 : Stopping job: async nested (async=start vm=0x7f2558019fb0 name=tmp)
Mar 08 16:46:24 myhost qemu[31285]: 31285: debug : qemuMonitorIO:791 : Triggering EOF callback
Mar 08 16:46:24 myhost qemu[31285]: 31294: debug : qemuDomainLogContextRead:5793 : Context read 0x7f25500b8fb0 manager=0x7f2550026b60 inode=656166 pos=5209
Mar 08 16:46:24 myhost qemu[31285]: 31294: error : qemuProcessReportLogError:1914 : internal error: process exited while connecting to monitor: Could not access KVM kernel module: Operation not permitted
                myhost              2018-03-08T15:46:23.515530Z qemu-system-x86_64: failed to initialize KVM: Operation not permitted
Mar 08 16:46:24 myhost qemu[31285]: 31294: debug : qemuDomainLogContextDispose:157 : ctxt=0x7f25500b8fb0
Mar 08 16:46:24 myhost qemu[31285]: 31294: debug : qemuProcessStop:6346 : Shutting down vm=0x7f2558019fb0 name=tmp id=2 pid=13084, reason=failed, asyncJob=start, flags=0x0
Mar 08 16:46:24 myhost qemu[31285]: 31294: debug : qemuDomainObjBeginJobInternal:4778 : Starting job: async nested (vm=0x7f2558019fb0 name=tmp, current job=none async=start)
Mar 08 16:46:24 myhost qemu[31285]: 31294: debug : qemuDomainObjBeginJobInternal:4819 : Started job: async nested (async=start vm=0x7f2558019fb0 name=tmp)
Mar 08 16:46:24 myhost qemu[31285]: 31294: debug : qemuDomainLogAppendMessage:5862 : Append log message (vm='tmp' message='2018-03-08 15:46:24.105+0000: shutting down, reason=failed
                myhost              ) stdioLogD=1
Mar 08 16:46:24 myhost qemu[31285]: 31294: info : qemuMonitorClose:1009 : QEMU_MONITOR_CLOSE: mon=0x7f2550332230 refs=3
Mar 08 16:46:24 myhost qemu[31285]: 31294: debug : qemuProcessKill:6262 : vm=0x7f2558019fb0 name=tmp pid=13084 flags=0x5
Mar 08 16:46:24 myhost qemu[31285]: 31294: debug : qemuDomainCleanupRun:6415 : driver=0x7f251413e190, vm=tmp
Mar 08 16:46:24 myhost qemu[31285]: 31294: debug : qemuProcessAutoDestroyRemove:6941 : vm=tmp
Mar 08 16:46:24 myhost qemu[31285]: 31294: debug : qemuDomainObjEndJob:4979 : Stopping job: async nested (async=start vm=0x7f2558019fb0 name=tmp)
Mar 08 16:46:24 myhost qemu[31285]: 31294: debug : qemuDomainObjEndAsyncJob:4996 : Stopping async job: start (vm=0x7f2558019fb0 name=tmp)
Mar 08 16:46:24 myhost qemu[31285]: 31285: debug : qemuProcessHandleMonitorEOF:289 : Received EOF on 0x7f2558019fb0 'tmp'
Mar 08 16:46:24 myhost qemu[31285]: 31285: debug : qemuMonitorDispose:333 : mon=0x7f2550332230
Mar 08 16:46:24 myhost qemu[31285]: 9359: debug : qemuProcessEventHandler:4822 : vm=0x7f2558019fb0, event=6
Mar 08 16:46:24 myhost qemu[31285]: 9359: debug : qemuProcessKill:6262 : vm=0x7f2558019fb0 name=tmp pid=-1 flags=0x1
Mar 08 16:46:24 myhost qemu[31285]: 9359: debug : qemuProcessKill:6266 : VM 'tmp' not active
Mar 08 16:46:24 myhost qemu[31285]: 9359: debug : qemuDomainObjBeginJobInternal:4778 : Starting job: destroy (vm=0x7f2558019fb0 name=tmp, current job=none async=none)
Mar 08 16:46:24 myhost qemu[31285]: 9359: debug : qemuDomainObjBeginJobInternal:4819 : Started job: destroy (async=none vm=0x7f2558019fb0 name=tmp)
Mar 08 16:46:24 myhost qemu[31285]: 9359: debug : processMonitorEOFEvent:4786 : Domain 0x7f2558019fb0 'tmp' is not active, ignoring EOF
Mar 08 16:46:24 myhost qemu[31285]: 9359: debug : qemuDomainObjEndJob:4979 : Stopping job: destroy (async=none vm=0x7f2558019fb0 name=tmp)
last monitor log for that vm in /var/log/libvirt/qemu
2018-03-08 15:46:23.466+0000: starting up libvirt version: 4.0.0, qemu version: 2.11.1, hostname: myhost
LC_ALL=C PATH=/usr/local/sbin:/usr/local/bin:/usr/bin QEMU_AUDIO_DRV=spice /usr/bin/qemu-system-x86_64 -name guest=tmp,debug-threads=on -S -object secret,id=masterKey0,format=raw,file=/var/lib/libvirt/qemu/domain-2-tmp/master-key.aes -machine pc-i440fx-2.10,accel=kvm,usb=off,vmport=off,dump-guest-core=off -cpu Haswell-noTSX -m 2048 -realtime mlock=off -smp 1,sockets=1,cores=1,threads=1 -uuid 4e5c40d3-0e08-46fc-95d5-c98aaa9caca9 -no-user-config -nodefaults -chardev socket,id=charmonitor,path=/var/lib/libvirt/qemu/domain-2-tmp/monitor.sock,server,nowait -mon chardev=charmonitor,id=monitor,mode=control -rtc base=utc,driftfix=slew -global kvm-pit.lost_tick_policy=delay -no-hpet -no-shutdown
-global PIIX4_PM.disable_s3=1 -global PIIX4_PM.disable_s4=1 -boot menu=on,strict=on -device ich9-usb-ehci1,id=usb,bus=pci.0,addr=0x5.0x7 -device ich9-usb-uhci1,masterbus=usb.0,firstport=0,bus=pci.0,multifunction=on,addr=0x5 -device ich9-usb-uhci2,masterbus=usb.0,firstport=2,bus=pci.0,addr=0x5.0x1 -device ich9-usb-uhci3,masterbus=usb.0,firstport=4,bus=pci.0,addr=0x5.0x2 -device ahci,id=sata0,bus=pci.0,addr=0x9 -device virtio-serial-pci,id=virtio-serial0,bus=pci.0,addr=0x6 -drive file=/dtt/Isos/systemrescuecd-5.0.3.iso,format=raw,if=none,id=drive-ide0-0-0,readonly=on -device ide-cd,bus=ide.0,unit=0,drive=drive-ide0-0-0,id=ide0-0-0,bootindex=1 -netdev tap,fd=26,id=hostnet0,vhost=on,vhostfd=28 -device virtio-net-pci,netdev=hostnet0,id=net0,mac=52:54:00:44:c1:62,bus=pci.0,addr=0x3 -netdev tap,fd=29,id=hostnet1,vhost=on,vhostfd=30 -device virtio-net-pci,netdev=hostnet1,id=net1,mac=52:54:00:b6:36:95,bus=pci.0,addr=0x8 -chardev spicevmc,id=charchannel0,name=vdagent -device virtserialport,bus=virtio-serial0.0,nr=1,chardev=charchannel0,id=channel0,name=com.redhat.spice.0 -spice port=5900,addr=127.0.0.1,disable-ticketing,image-compression=off,seamless-migration=on -device qxl-vga,id=video0,ram_size=67108864,vram_size=67108864,vram64_size_mb=0,vgamem_mb=16,max_outputs=1,bus=pci.0,addr=0x2 -device intel-hda,id=sound0,bus=pci.0,addr=0x4 -device hda-duplex,id=sound0-codec0,bus=sound0.0,cad=0 -chardev spicevmc,id=charredir0,name=usbredir -device usb-redir,chardev=charredir0,id=redir0,bus=usb.0,port=2 -chardev spicevmc,id=charredir1,name=usbredir -device usb-redir,chardev=charredir1,id=redir1,bus=usb.0,port=3 -device virtio-balloon-pci,id=balloon0,bus=pci.0,addr=0x7 -msg timestamp=on
Could not access KVM kernel module: Operation not permitted
2018-03-08T15:46:23.515530Z qemu-system-x86_64: failed to initialize KVM: Operation not permitted
2018-03-08 15:46:24.105+0000: shutting down, reason=failed

Last edited by sp4ke (2018-03-09 00:59:00)

Offline

#2 2018-03-09 00:58:36

sp4ke
Member
Registered: 2016-05-14
Posts: 6

Re: [solved] KVM operation not permitted on qemu:///system

Solved from a user on reddit. /dev/kvm was not on the cgroup_device_acl on qemu.conf. I must've modified this sometime when I was setting up vfio passthrough.

Offline

Pages: 1

Board footer

Powered by FluxBB