Enabling libvirt channels by adding virtio_console to the openSUSE installation

libvirt supports the concept of so-called channels that represent private communication channels between a libvirt guest and its host.
Continue reading “Enabling libvirt channels by adding virtio_console to the openSUSE installation”

Connecting to libvirtd as non-root user on openSUSE 13.1

As a revisit to my previous post on connecting to libvirtd as a non-root user on openSUSE 12.2, the way to do it on openSUSE 13.1 is the same that worked for Marek Goldmann on Fedora 18 (although he used the wheel group).

Create /etc/polkit-1/rules.d/80-libvirt-manage.rules with the following content:

polkit.addRule(function(action, subject) {
    if (action.id == "org.libvirt.unix.manage" &&
        subject.active == true && subject.local == true &&
        subject.isInGroup("libvirt")) {
            return polkit.Result.YES;
    }
});

And add the user accounts that should be allowed access to the libvirt group.

Coexistance of SuSEfirewall and libvirt – restoring libvirt’s firewall rules automatically

Running libvirtd on openSUSE, you might eventually run into the situation that your KVM guests sooner or later lose network connectivity to the outside world, if some interface on the KVM host goes up or down or SuSEfirewall is run for some other reason, eg. manual restart. Continue reading “Coexistance of SuSEfirewall and libvirt – restoring libvirt’s firewall rules automatically”

Connecting to libvirtd as non-root user on openSUSE 12.2

An old bug still bites one trying to connect to libvirtd/, eg. when starting virt-manager. By default, a password prompt asking for the root password appears. You might think that virt-manager would behave like VirtualBox and adding yourself to the libvirt group would suffice but to no avail. While that group exists, in the default configuration adding yourself to it is not sufficient. The reason most probably being that one does not want to dictate a default authorization policy. So far, so bad.

The polkit-auth command referenced in the “official” openSUSE 12.2 documentation is no longer available. But even if you create the /etc/polkit-1/localauthority/50-local.d/50-libvirt-nonroot.pkla file with the contents


[libvirt non-root access]
Identity=unix-group:libvirt
Action=org.libvirt.unix.manage
ResultAny=yes
ResultInactive=yes
ResultActive=yes

this won’t work, because the openSUSE-supplied file /var/lib/polkit-1/localauthority/10-vendor.d/org.libvirt.unix.manage.pkla always seems to take precendence. The fix is to make the latter file empty.

This was reported as BNC #544579, but still seems to apply to openSUSE 12.2 as well.

PXE booting inside VirtualBox and KVM virtual machines stopwatched (2/2)

As a followup to my earlier post, I also did some tests with iPXE‘s bin/undionly.kpxe and bin/undionly.kkpxe targets.
Continue reading “PXE booting inside VirtualBox and KVM virtual machines stopwatched (2/2)”

PXE booting inside VirtualBox and KVM virtual machines stopwatched (1/2)

During the past days at FOSDEM, I wanted to do some work on automatic OS installs via PXE servers. Therefore, I set up a virtual machine in VirtualBox and enabled network booting. VirtualBox has a sparely documented DHCP/TFTP server built-in when you set up the network adapter in NAT mode, but for all what it’s worth it doesn’t give any useful debug information in the logs and is more convenient than flexible. Thus, I configured the VM to do host-only networking, which gives me an interface vboxnet0 at host side (configured as 192.168.56.1/24), on which I let dnsmasq listen.
Continue reading “PXE booting inside VirtualBox and KVM virtual machines stopwatched (1/2)”

libvirt utilities on openSUSE 12.1 appear to be broken

The libvirt tools on openSUSE 12.1 currently cause me some headache:


edgar:~ # ps ax | grep libvirtd
2742 ? Sl 2:47 /usr/sbin/libvirtd -d -l
16599 pts/0 S+ 0:00 grep --color=auto libvirtd
edgar:~ # virsh -c qemu:///system list
WARNING: no socket to connect to
Id Name State
----------------------------------

edgar:~ #

Notice the Warning message, which appears with virt-manager as well. However if I try to create a new VM using virt-manager, upon clicking the final “OK” button I get the error message “Error: ‘NoneType’ object has no attribute ‘startswith'”.

Now is this just me or are the libvirt tools seriously broken on openSUSE 12.1?

EDIT1: This error message appears if you forget to define a valid installation source (eg. the location of your .iso to be installed). Which is pretty easy, if you click “OK” all the time through the wizard. Which, by the way, is “vm-install”, which is not a regular part of virt-manager but was developed by Novell and patched into virt-manager. Why? No idea. Looks like pretty untested software to me. BNC #742773.

EDIT2: The warning message appears in every program that uses GnuTLS. GnuTLS uses gnome-keyring, which in turn recently added PKCS11 support, but shouldn’t complain if gnome-keyring-daemon isn’t running. The gnome-keyring devs fixed this already and Red Hat already provides an update. So now to wait for Novell: BNC #742776.