2

I have a locally built qemu. I am using libvirt python API to defineXML. I get the error:

libvirt: error : internal error: Child process (LC_ALL=C PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin /home/deepti/testqemu/bin/qemu-system-arm -help) unexpected exit status 126: libvirt: error : cannot execute binary /home/deepti/testqemu/bin/qemu-system-arm: Permission denied Traceback (most recent call last): File "testcustomQemu.py", line 70, in dom = conn.defineXML(xmlconfig) File "/home/deepti/.virtualenvs/testlibvirt/local/lib/python2.7/site-packages/libvirt.py", line 3685, in defineXML if ret is None:raise libvirtError('virDomainDefineXML() failed', conn=self) libvirt.libvirtError: internal error: Child process (LC_ALL=C PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin /home/deepti/testqemu/bin/qemu-system-arm -help) unexpected exit status 126: libvirt: error : cannot execute binary /home/deepti/testqemu/bin/qemu-system-arm: Permission denied

The ownership for /home/deepti/testqemu is root:root. Changing the permission to +x also does not work.

What am I missing. How can I get my custom qemu to be taken?

My script and xml are as below:

import libvirt
import sys

xmlconfig = """<domain type='qemu' xmlns:qemu='http://libvirt.org/schemas/domain/qemu/1.0'>
  <name>limom_instance</name>
  <uuid>35615c44-b004-4b3f-9f42-da182b9662ef</uuid>
  <memory unit='KiB'>786432</memory>
  <currentMemory unit='KiB'>786432</currentMemory>
  <vcpu>1</vcpu>
  <os>
    <type arch='armv7l' machine='limott'>hvm</type>
    <kernel>/home/deepti/limom/FinalArtifacts/kerneldist1/zImage</kernel>
    <dtb>/home/deepti/limom/FinalArtifacts/dtbdist1/emmc.dtb</dtb>
  </os>
  <clock offset='utc'/>
  <on_poweroff>destroy</on_poweroff>
  <on_reboot>restart</on_reboot>
  <on_crash>destroy</on_crash>
  <devices>
    <emulator>/home/deepti/testqemu/bin/qemu-system-arm</emulator>
    <serial type='pty'>
      <target port='0'/>
    </serial>
    <serial type='pty'>
      <target port='1'/>
    </serial>
    <serial type='pty'>
      <target port='2'/>
    </serial>
    <serial type='pty'>
      <target port='3'/>
    </serial>
    <console type='pty'>
      <target type='serial' port='0'/>
    </console>
    <memballoon model='none'/>
  </devices>
  <qemu:commandline>
    <qemu:arg value='-sdl'/>  
    <qemu:arg value='-show-cursor'/>
    <qemu:arg value='-nographic'/>
    <qemu:arg value='-sd'/>
    <qemu:arg value='/home/deepti/limom/FinalArtifacts/emmc.dat'/>
  </qemu:commandline>
</domain>"""

conn = libvirt.open('qemu:///system')
if conn == None:
    print('Failed to open connection to qemu:///system')
    exit(1)

uri = conn.getURI()
print('Canonical URI: '+uri)
dom = conn.defineXML(xmlconfig)
if dom == None:
    print('Failed to define a domain from an XML definition')
    exit(1)


conn.close()
Improve this question
2
  • It's not just the file's permission that matters, but permission to access the directory the file is in. If /home/deepti isn't o+x, nobody but you (or users who are in whatever group owns said directory) can recurse through it. Same for /home/deepti/limom, etc. Commented Feb 14, 2018 at 14:18
  • The easiest way to test this, if you're root, is to sudo -u qemu:qemu bash and then actually try to cd /home/deepti/testqemu/bin/ and ./qemu-system-arm --help or such. If the cd fails, you know directory permissions are the problem. If executing the binary fails, you want to look into its permission *and those of libraries it depends on; the output of ldd ./qemu-system-arm` may be useful. If using sudo to run bash as qemu (or libvirt or whatever the account name is) doesn't let you reproduce the problem, it's time to start investigating SELinux configuration &c. Commented Feb 14, 2018 at 14:22

2 Answers 2

Reset to default
2

On Ubuntu 18, I've to add paths to custom binary and firmware/bios folder to 

/etc/apparmor.d/abstractions/libvirt-qemu
Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

0

You're using the system instance of libvirtd, so the QEMU process will run as a qemu:qemu user/group pair. Home directories are normally configured so that other users cannot access any files they contain. IOW, qemu:qemu cannot read /home/deepti/, and thus cannot run the QEMU binary. You could either do "chmod o+x $HOME", or install QEMU in a place like /usr/local instead.

Beware that if the host has SELinux or AppArmor active that may also cause permission problems when using QEMU binaries in unusual locations.

Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.