1

For some project I need to have QEMU/KVM virtual machine with raw disk image.
So I have created this raw disk image as simple as

dd if=/dev/zero of=~/disk.img bs=1M count=3092

and got 3 Gb of space on it.

Then I have set-up new virtual machine from Virtual Machine Manager (virt-manager) on Ubuntu 16.04 LTS using my normal account. So I have installed the Ubuntu from mini.iso to inside the ~/disk.img. My user is a member of libvirtd group. I can boot the VM when virtual disk image is inside my home folder.

Then I moved this file to the external FAT32 (vfat) medium which is mounted read-and-write. So it is located inside /media/username/FLASH/disk.img. I specified this path in the Virtual Disk setting section of the virtual machine.

But when I try to start this machine I get the following error message:

Error starting domain: internal error: process exited while connecting to monitor: 2020-01-22T21:45:20.221697Z qemu-system-x86_64: -drive file=/media/username/FLASH/disk.img,format=raw,if=none,id=drive-ide0-0-1: Could not open '/media/username/FLASH/disk.img': Permission denied

And this message persists even if I run the Virtual Machine Manager as root using sudo virt-manager.

The permissions of this file are the following:

$ ls -al /media/username/FLASH/disk.img 
-rw-r--r-- 1 username username 3221225472 Jan 23 00:18 /media/username/FLASH/disk.img

Also I tried to create a symbolic link using ln -s /media/username/FLASH/disk.img ~/disk.img and set machine to use the latter disk path. But it does not work too.

How can I boot QEMU/KVM virtual machine from the disk image located on external storage?

N0rbert
  • 99,918
  • Hi N0rbert, could it be that the apparmor protection kicks in protecting you a bit too much. Have a look at https://wiki.ubuntu.com/LibvirtApparmor#Using_uncommon_paths and let me know if that would be a good answer for your case. – Christian Ehrhardt Jan 24 '20 at 06:18
  • I have stopped apparmor, but issue persists. What is interesting - executing qemu-system-x86_64 -drive file=/media/username/FLASH/disk.img,format=raw -m 1024 as my normal users boots VM without issues. While virt-manager tries to launch it as libvirt-qemu user. So seems to be unix-file permissions issue as described in answer below. – N0rbert Jan 24 '20 at 18:40

1 Answers1

1

I had this permissions issue when running VM's from a thumb drive.

The problem I was having was that my system (Fedora 27) automatically mounts new drives (external HDDs, USB, SD) to

/run/media/(username)/(device name) (on your system it's /media/username/....)

For whatever reason this causes the permissions issue. By default it was mounted with fmask=0022 and dmask=0022 (use man mount for details). To fix the issue we need to unmount the drive from that location as root, and then mount it to /mnt. In the example below the thumb drive is /dev/sdc1. We need to remount it with fmask=0011 to allow write access for all users and groups.

# su  -     (then enter root password)
# umount  /run/media/yourusername/devicename
# mount  /dev/sdc1 /mnt -o fmask=0011        (mount usb to /mnt)

After that I just made sure to have symbolic links from the original location of the qcow2 drives to the new location (still as root)

# cd  /var/lib/libvirt/images
# ln  -s  (new target)  (link name)

so if your VM is named MyVM

# ln  -s  /mnt/Myvm.qcow2  MyVm.qcow2

Once I saw that my VMs were now working, I edited /etc/fstab to automatically mount the drive at /mnt. The folders and qcow2 drives were owned by my standard user account and group. I am sure there are better ways to do it, but this is what worked for me.

N0rbert
  • 99,918
Gordster
  • 1,719
  • 1
    I have added fmask=0011 to the mount options and this did the trick. Thank you for the idea and whole method! – N0rbert Jan 23 '20 at 13:43