I got the same error message on a server, which has libvirt up for weeks. Setting libvirt to run as root (as mentioned in the link) didn't work for me. However, granting read & execute access to /var/lib/libvirt/images solved my problem.
If you follow all the instructions on creating vm using libvirt, you may still meet the error message above. The root cause is AppArmor which can be found on recent Ubuntu distributions. The easiest way is to remove AppArmor if security is not a concern.
The official documentation of Ubuntu gives many advice on disable AppArmor:
I had found the solution to my problem, here it is.
The real reason was that /vms was an NFS mount and its configuration(no_root_squash + rw) was such that it was required to be accessed over root.
By default libvirt runs a virtual machine with the user and group permissions of libvirt-qemu:kvm which would create trouble even if you run it with sudo privileges. So we need to set qemu process's user & group to root in /etc/libvirt/qemu.conf.
Also as others have pointed out, there can be multiple other reasons for this error and its sad that libvirt throws such a generic error.
The least frustrating solution is to give all permissions, disable selinux and make sure that it runs. Now one by one revoke the permissions testing that it works at each step and finally understanding why you were required to give the final set of permissions.
I got this permission denied error on Arch. The problem turned out to be the access control list. Even though the Unix permissions showed group rw, getfacl showed group::---. This fixed it for me:
I confronted with this same problem. And after look into it, I found it is a problem of permission. You can just run the command below to deal with it:
发布评论
评论(6)
我在服务器上收到了相同的错误消息,该服务器已运行 libvirt 数周。
将 libvirt 设置为以 root 身份运行(如链接中所述)对我来说不起作用。
然而,授予读取&执行对
/var/lib/libvirt/images的访问解决了我的问题。I got the same error message on a server, which has
libvirtup for weeks.Setting
libvirtto run as root (as mentioned in the link) didn't work for me.However, granting read & execute access to
/var/lib/libvirt/imagessolved my problem.如果您按照使用 libvirt 创建虚拟机的所有说明进行操作,您可能仍然会遇到上面的错误消息。根本原因是 AppArmor,它可以在最新的 Ubuntu 发行版上找到。如果不考虑安全性,最简单的方法是删除 AppArmor。
Ubuntu的官方文档给出了很多关于禁用AppArmor的建议:
Disable AppArmor
If you follow all the instructions on creating vm using libvirt, you may still meet the error message above. The root cause is AppArmor which can be found on recent Ubuntu distributions. The easiest way is to remove AppArmor if security is not a concern.
The official documentation of Ubuntu gives many advice on disable AppArmor:
Disable AppArmor
我已经找到了解决问题的方法,就在这里。
真正的原因是
/vms是 NFS 挂载,其配置(no_root_squash + rw)要求通过 root 进行访问。默认情况下,libvirt 使用 libvirt-qemu:kvm 的用户和组权限运行虚拟机,即使您使用 sudo 权限运行它也会产生问题。所以我们需要设置qemu进程的用户和用户名。在 /etc/libvirt/qemu.conf 中将组设置为 root。
另外,正如其他人所指出的,导致此错误的原因可能有多种,令人遗憾的是 libvirt 抛出了这样一个通用错误。
最不令人沮丧的解决方案是授予所有权限,禁用 selinux 并确保它运行。现在,逐一撤销它在每个步骤中起作用的权限测试,并最终理解为什么您需要授予最终一组权限。
I had found the solution to my problem, here it is.
The real reason was that
/vmswas an NFS mount and its configuration(no_root_squash + rw) was such that it was required to be accessed over root.By default libvirt runs a virtual machine with the user and group permissions of
libvirt-qemu:kvmwhich would create trouble even if you run it with sudo privileges. So we need to set qemu process's user & group to root in /etc/libvirt/qemu.conf.Also as others have pointed out, there can be multiple other reasons for this error and its sad that libvirt throws such a generic error.
The least frustrating solution is to give all permissions, disable selinux and make sure that it runs. Now one by one revoke the permissions testing that it works at each step and finally understanding why you were required to give the final set of permissions.
如果模块加载得太快™,则可能会发生这种情况(我不知道实际问题,因此如果您知道,请增强此答案)。
只需尝试卸载模块并再次加载它们即可。这对我来说很有效:
This can happen, if the modules were loaded too soon™ (the actual problem is not known to me, so please enhance this answer if you know it).
Just try to unload the modules and load them again. This did the trick for me:
我在 Arch 上收到此权限被拒绝错误。结果发现问题出在访问控制列表上。尽管 Unix 权限显示组
rw,但getfacl显示group::---。这为我解决了这个问题:I got this permission denied error on Arch. The problem turned out to be the access control list. Even though the Unix permissions showed group
rw,getfaclshowedgroup::---. This fixed it for me:我遇到了同样的问题。后来查了一下,发现是权限的问题。您只需运行以下命令即可处理它:
并且不需要重新启动。
I confronted with this same problem. And after look into it, I found it is a problem of permission. You can just run the command below to deal with it:
and you don't need to reboot.