<div dir="ltr"><div>Hello.</div><div><br></div><div>I made another progress. I've recompiled the kernel again,I have enabled more iptables options and now virt-manager has been able to create the bridge for me :</div><div><br></div><div><span style="font-family:monospace"><span style="color:#000000;background-color:#ffffff">virbr0: flags=4099<UP,BROADCAST,MULTICAST> mtu 1500 </span><br> inet 192.168.122.1 netmask 255.255.255.0 broadcast 192.168.122.255 <br> ether 52:54:00:bc:6c:69 txqueuelen 1000 (Ethernet) <br> RX packets 0 bytes 0 (0.0 B) <br> RX errors 0 dropped 0 overruns 0 frame 0 <br> TX packets 0 bytes 0 (0.0 B) <br> TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0<br></span></div><div><br></div><div> So,now network works,qemu and kvm works,but now I don't know what to do because when I try to create a new virtual machine going in FIle / New Virtual Machine,nothing happens. There could be an additional problem,but I don't see errors. What can I do to see which kind of problem there could be under the hood ? </div><div><br></div><div>PS : I've accessed the chromebook using : ssh -Y <a href="mailto:root@192.168.1.6">root@192.168.1.6</a> and then I ran "virt-manager" as root. Is this wrong ?</div><div><br></div></div><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">On Mon, Aug 28, 2023 at 4:27 PM Mario Marietto <<a href="mailto:marietto2008@gmail.com">marietto2008@gmail.com</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><div dir="ltr"><div><font size="4">Thanks very much. You are very gentle and helpful.</font></div><div><font size="4"><br></font></div><div><font size="4">I've fixed the PolicyKit problem in this way :<br></font></div><div><br></div><div><font size="4">In :</font><br> <br> <span style="font-family:"monospace""><span style="color:rgb(0,0,0)">/usr/share/polkit-1/actions/org.libvirt.unix.policy</span></span></div><div><span style="font-family:"monospace""><br></span></div><div><span style="font-family:"monospace""> <br><font size="4"> I have changed this :</font></span><br> <br><div> <div></div> <div dir="ltr"> <pre dir="ltr"><code><action id="org.libvirt.unix.manage"> <description>Manage local virtualized systems</description> <message>System policy prevents management of local virtualized systems</message> <defaults>  <allow_any>auth_admin_keep</allow_any> <allow_inactive>auth_admin_keep</allow_inactive> <allow_active>auth_admin_keep</allow_active> </defaults> </action></code></pre> </div> </div><br> <br> <font size="4"><span style="font-family:"monospace"">to this :</span></font></div><div> <br> <div> <div></div> <div dir="ltr"> <pre dir="ltr"><code><action id="org.libvirt.unix.manage"> <description>Manage local virtualized systems</description> <message>System policy prevents management of local virtualized systems</message> <defaults>  <allow_any>yes</allow_any> <allow_inactive>yes</allow_inactive> <allow_active>yes</allow_active> </defaults> </action></code></pre> </div> </div><br> <span style="font-family:"monospace"">and boom : QEMU and KVM are connected now. Now,another problem has emerged. </span><span style="font-family:"monospace"">When I click on "File / New Virtual Machine",nothing happens. At this point,I did :<br></span></div><div><span style="font-family:"monospace""><br></span></div><div><span style="font-family:"monospace""><br></span></div><div> <font size="4"><code>sudo virsh net-info default</code></font><br> <br> then :</div><div><br></div><div><font size="4"><code>sudo virsh net-start default</code></font></div><div><br> <div><br><span style="font-family:"monospace""></span></div><div><font size="4">and a lot of shit came out from the manhole <img alt=":D" title="Big Grin :D">:</font></div><div><br></div><div><pre dir="ltr"><code><font size="4">Error starting network 'default': internal error: Failed to apply firewall rules /usr/sbin/iptables -w --table mangle --list-rules: iptables v1.8.9 (legacy): can't initialize iptables table `mangle': Table does not exist (do you need to insmod?) Perhaps iptables or your kernel needs to be upgraded. Traceback (most recent call last): File "/usr/local/share/virt-manager/virtManager/asyncjob.py", line 71, in cb_wrapper callback(asyncjob, *args, **kwargs) File "/usr/local/share/virt-manager/virtManager/asyncjob.py", line 107, in tmpcb callback(*args, **kwargs) File "/usr/local/share/virt-manager/virtManager/object/libvirtobject.py", line 57, in newfn ret = fn(self, *args, **kwargs) ^^^^^^^^^^^^^^^^^^^^^^^^^ File "/usr/local/share/virt-manager/virtManager/object/network.py", line 69, in start self._backend.create() File "/usr/lib/python3/dist-packages/libvirt.py", line 3547, in create raise libvirtError('virNetworkCreate() failed') libvirt.libvirtError: internal error: Failed to apply firewall rules /usr/sbin/iptables -w --table mangle --list-rules: iptables v1.8.9 (legacy): can't initialize iptables table `mangle': Table does not exist (do you need to insmod?) Perhaps iptables or your kernel needs to be upgraded.<br><br>and :<br><br></font></code><span style="font-family:"monospace""><span style="color:rgb(84,255,84)"><b>marietto@chromarietto</b></span><span style="color:rgb(0,0,0)">:</span><span style="color:rgb(84,84,255)"><b>~</b></span><span style="color:rgb(0,0,0)">$ sudo virsh net-info default </span><br> Name: default <br> UUID: 7c4408b7-5125-4c98-9d53-f1fe109371e3 <br> Active: no <br> Persistent: yes <br> Autostart: yes <br> Bridge: virbr0 <br> <span style="color:rgb(84,255,84)"><b><br>marietto@chromarietto</b></span><span style="color:rgb(0,0,0)">:</span><span style="color:rgb(84,84,255)"><b>~</b></span><span style="color:rgb(0,0,0)">$ sudo virsh net-start default </span><br> error: Failed to start network default <br> error: internal error: Failed to apply firewall rules /usr/sbin/iptables -w --table mangle --list-rules: iptables v1.8.9 (legacy): can't initialize iptables table `mangle': Table does not exist (do you need to insmod?). Perhaps iptables or your kernel needs to be upgraded.<br><br><br>I tried to fix it with this :<br><br><br></span><span style="font-family:"monospace""><span style="color:rgb(0,0,0)">$ modprobe iptable_mangle</span> modprobe: FATAL: Module iptable_mangle not found in directory /lib/modules/5.4.244-stb-cbe<br><br> so,some options should be enabled inside the kernel,for sure.<br><br></span><font size="4">I have configured the option "MANGLE" to yes when I have recompiled the kernel the last time :</font><br> <br></pre><div><div dir="ltr"> <pre dir="ltr"><code>CONFIG_IP_NF_MANGLE=y CONFIG_IP_NF_ARP_MANGLE=y CONFIG_IP6_NF_MANGLE=y</code></pre> </div> </div><br> <span style="font-family:"monospace"">"unfortunately" I'd configured it correctly,so the error should depend on something else. </span></div><div><span style="font-family:"monospace"">It would have been too easy to fix the error so fast. Suggestions ?</span></div></div></div><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">On Mon, Aug 28, 2023 at 1:16 PM Pavel Hrdina <<a href="mailto:phrdina@redhat.com" target="_blank">phrdina@redhat.com</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">On Sun, Aug 27, 2023 at 06:06:59PM +0200, Mario Marietto wrote:<br> > If I don't launch virtqemud,this is what I have :<br> <br> Yeah you never want to run libvirtd and virtqemud at the same time, more<br> info here <<a href="https://libvirt.org/daemons.html" rel="noreferrer" target="_blank">https://libvirt.org/daemons.html</a>>.<br> <br> > marietto@chromarietto:~$ libvirtd &<br> <br> This will not work as expected. If you want to use system connection you<br> need to run libvirtd as root user.<br> <br> > [1] 2083<br> > <br> > marietto@chromarietto:~$ virt-manager<br> ><br> > <br> > A new error comes out :<br> > <br> > Unable to connect to libvirt qemu:///system.<br> > <br> > error from service: GDBus.Error:org.freedesktop.PolicyKit1.Error.Failed:<br> > Action org.libvirt.unix.manage is not registered<br> > <br> > Libvirt URI is: qemu:///system<br> > <br> > Traceback (most recent call last):<br> > File "/usr/local/share/virt-manager/virtManager/connection.py", line<br> > 923, in _do_open<br> > self._backend.open(cb, data)<br> > File "/usr/local/share/virt-manager/virtinst/connection.py", line 171, in open<br> > conn = libvirt.openAuth(self._open_uri,<br> > ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^<br> > File "/usr/lib/python3/dist-packages/libvirt.py", line 147, in openAuth<br> > raise libvirtError('virConnectOpenAuth() failed')<br> > libvirt.libvirtError: error from service:<br> > GDBus.Error:org.freedesktop.PolicyKit1.<br> > Error.Failed: Action org.libvirt.unix.manage is not registered<br> <br> This is polkit trying to authenticate that your user can connect to<br> system connection, libvirt running with root privileges, but you started<br> libvirtd as normal user.<br> <br> The error that "org.libvirt.unix.manage is not registered" means there<br> is no process handling that polkit action as there is no libvirtd<br> running as root.<br> <br> Pavel<br> <br> > On Sun, Aug 27, 2023 at 1:00 AM Mario Marietto <<a href="mailto:marietto2008@gmail.com" target="_blank">marietto2008@gmail.com</a>><br> > wrote:<br> > <br> > > Is there someone that can help me ? thanks.<br> > ><br> > > # sudo usermod -a -G libvirt root<br> > > # sudo usermod -a -G libvirtd root<br> > > # sudo usermod -a -G libvirt-qemu libvirt-qemu<br> > > # sudo usermod -a -G libvirt marietto<br> > > # sudo adduser libvirt-qemu<br> > > # sudo groupadd --system libvirt<br> > > # sudo groupadd --system libvirt-qemu<br> > > # sudo newgrp libvirt-qemu<br> > > # newgrp libvirt<br> > ><br> > > # /usr/local/sbin# libvirtd &<br> > > [1] 2875<br> > ><br> > > # virtqemud &<br> > > [2] 2906<br> > ><br> > > # /usr/local/sbin# 2023-08-26 22:53:10.190+0000: 2923: info : libvirt version: 9.7.0<br> > ><br> > > 2023-08-26 22:53:10.190+0000: 2923: info : hostname: chromarietto<br> > > 2023-08-26 22:53:10.190+0000: 2923: error : virPidFileAcquirePathFull:409 :<br> > > Failed to acquire pid file '/var/local/run/libvirt/qemu/driver.pid':<br> > > Resource temporarily unavailable<br> > > 2023-08-26 22:53:10.192+0000: 2923: error : virStateInitialize:672 :<br> > > Initialization of QEMU state driver failed: Failed to acquire pid file<br> > > '/var/local/run/libvirt/qemu/driver.pid': Resource temporarily unavailable<br> > > 2023-08-26 22:53:10.192+0000: 2923: error : daemonRunStateInit:617 :<br> > > Driver state initialization failed<br> > ><br> > > # /usr/local/sbin# ps ax | grep libvirt<br> > > 2875 pts/0 Sl 0:00 libvirtd<br> > ><br> > > # /usr/local/sbin# ps ax | grep virtqemu<br> > ><br> > ><br> > > On Fri, Aug 25, 2023 at 11:43 PM Mario Marietto <<a href="mailto:marietto2008@gmail.com" target="_blank">marietto2008@gmail.com</a>><br> > > wrote:<br> > ><br> > >> The real problem seems to be that the libvirtd process won't start :<br> > >><br> > >> marietto@chromarietto:~$ systemctl enable libvirtd<br> > >><br> > >> ==== AUTHENTICATING FOR org.freedesktop.systemd1.manage-unit-files ====<br> > >> Authentication is required to manage system service or unit files.<br> > >> Multiple identities can be used for authentication:<br> > >> 1. linux<br> > >> 2. mario,,, (marietto)<br> > >> Choose identity to authenticate as (1-2): 2<br> > >> Password:<br> > >> ==== AUTHENTICATION COMPLETE ====<br> > >><br> > >> marietto@chromarietto:~$ systemctl start libvirtd<br> > >><br> > >> ==== AUTHENTICATING FOR org.freedesktop.systemd1.manage-units ====<br> > >> Authentication is required to start 'libvirtd.service'.<br> > >> Multiple identities can be used for authentication:<br> > >> 1. linux<br> > >> 2. mario,,, (marietto)<br> > >> Choose identity to authenticate as (1-2): 2<br> > >> Password:<br> > >> ==== AUTHENTICATION COMPLETE ====<br> > >><br> > >> marietto@chromarietto:~$ systemctl status libvirtd<br> > >><br> > >> ○ libvirtd.service - Virtualization daemon<br> > >> Loaded: loaded (/usr/local/lib/systemd/system/libvirtd.service;<br> > >> enabled; preset: enabled)<br> > >> Active: inactive (dead) since Fri 2023-08-25 21:04:37 UTC; 2s ago<br> > >> Duration: 88ms<br> > >> TriggeredBy: ● libvirtd-admin.socket<br> > >> ● libvirtd-ro.socket<br> > >> ● libvirtd.socket<br> > >> Docs: man:libvirtd(8)<br> > >> <a href="https://libvirt.org" rel="noreferrer" target="_blank">https://libvirt.org</a><br> > >> Process: 3488 ExecStart=/usr/local/sbin/libvirtd $LIBVIRTD_ARGS<br> > >> (code=exited, status=0/SUCCESS)<br> > >> Main PID: 3488 (code=exited, status=0/SUCCESS)<br> > >> CPU: 252ms<br> > >><br> > >> As you can see,it says "inactive". This is the reason :<br> > >><br> > >> Aug 25 21:22:59 chromarietto libvirtd[3663]: invalid argument: Failed to<br> > >> parse user 'libvirt-qemu'<br> > >> Aug 25 21:22:59 chromarietto libvirtd[3663]: Initialization of QEMU<br> > >> state driver failed: invalid argument: Failed to parse user 'libvirt-qemu'<br> > >> Aug 25 21:22:59 chromarietto libvirtd[3663]: Driver state initialization<br> > >> failed<br> > >> Aug 25 21:22:59 chromarietto systemd[1]: libvirtd.service: Deactivated<br> > >> successfully.<br> > >><br> > >> On Fri, Aug 25, 2023 at 10:27 PM Mario Marietto <<a href="mailto:marietto2008@gmail.com" target="_blank">marietto2008@gmail.com</a>><br> > >> wrote:<br> > >><br> > >>> I think that what I found is very interesting :<br> > >>><br> > >>> marietto@chromarietto:~/Desktop/Dati/new/libvirt/build$ systemctl start<br> > >>> virtqemud<br> > >>><br> > >>> ==== AUTHENTICATING FOR org.freedesktop.systemd1.manage-units ====<br> > >>> Authentication is required to start 'virtqemud.service'.<br> > >>> Multiple identities can be used for authentication:<br> > >>> 1. linux<br> > >>> 2. mario,,, (marietto)<br> > >>> Choose identity to authenticate as (1-2): 2<br> > >>> Password:<br> > >>> ==== AUTHENTICATION COMPLETE ====<br> > >>><br> > >>> marietto@chromarietto:~/Desktop/Dati/new/libvirt/build$ systemctl<br> > >>> enable virtqemud<br> > >>><br> > >>> ==== AUTHENTICATING FOR org.freedesktop.systemd1.manage-unit-files ====<br> > >>> Authentication is required to manage system service or unit files.<br> > >>> Multiple identities can be used for authentication:<br> > >>> 1. linux<br> > >>> 2. mario,,, (marietto)<br> > >>> Choose identity to authenticate as (1-2): 2<br> > >>> Password:<br> > >>> ==== AUTHENTICATION COMPLETE ====<br> > >>><br> > >>> marietto@chromarietto:~/Desktop/Dati/new/libvirt/build$ ls<br> > >>> /var/local/run/libvirt/virtqemud-sock<br> > >>> /var/local/run/libvirt/virtqemud-sock<br> > >>><br> > >>> but when I launch virt-manager :<br> > >>><br> > >>> marietto@chromarietto:~/Desktop/Dati/new/libvirt/build$<br> > >>> /usr/local/bin/./virt-manager<br> > >>><br> > >>> It tries to connect,but it gets disconnected after a couple of seconds<br> > >>> and the error "Failed to connect socket to<br> > >>> '/var/run/libvirt/virtqemud-sock': No such file or directory' is shown<br> > >>> again.<br> > >>><br> > >>> In addition,virtqemud-sock is deleted :<br> > >>><br> > >>> marietto@chromarietto:~/Desktop/Dati/new/libvirt/build$ ls<br> > >>> /var/local/run/libvirt/virtqemud-sock<br> > >>> ls: cannot access '/var/local/run/libvirt/virtqemud-sock': No such file<br> > >>> or directory<br> > >>><br> > >>><br> > >>> The same problem I have has been found here and solved :<br> > >>><br> > >>><br> > >>> <a href="https://unix.stackexchange.com/questions/715726/virsh-list-throw-error-failed-to-connect-socket-to-var-run-libvirt-virtqemud" rel="noreferrer" target="_blank">https://unix.stackexchange.com/questions/715726/virsh-list-throw-error-failed-to-connect-socket-to-var-run-libvirt-virtqemud</a><br> > >>><br> > >>> On Fri, Aug 25, 2023 at 8:34 PM Mario Marietto <<a href="mailto:marietto2008@gmail.com" target="_blank">marietto2008@gmail.com</a>><br> > >>> wrote:<br> > >>><br> > >>>> I don't agree with some of your assumptions,for example :<br> > >>>><br> > >>>> 1) to send a screenshot is most of the time more informative than copy<br> > >>>> and paste text,because it contains more information. To describe<br> > >>>> complicated situations using only words takes a LOT of time,sometimes.<br> > >>>> Especially for the newbies,that aren't so skilled and they may have some<br> > >>>> difficulty in including or not some information. And even for the lack of a<br> > >>>> technical language.<br> > >>>><br> > >>>> 2) From my experience, going to irc to ask for help can be a problem<br> > >>>> for the time zone. Every time I tried to go to an IRC channel,I've always<br> > >>>> found bots and not talking users.<br> > >>>><br> > >>>> 3) The rejection of emails happens even if I don't attach any<br> > >>>> screenshots (a thing that I do rarely),and my messages are also rejected<br> > >>>> because when I hit reply also all the story is attached. I think that it's<br> > >>>> important to attach the story because it may contains important details<br> > >>>> that could be missed<br> > >>>><br> > >>>> On Fri, Aug 25, 2023 at 8:24 PM Eric Blake <<a href="mailto:eblake@redhat.com" target="_blank">eblake@redhat.com</a>> wrote:<br> > >>>><br> > >>>>> On Fri, Aug 25, 2023 at 07:13:26PM +0200, Mario Marietto wrote:<br> > >>>>> > I've sent you an email on your personal email address because the ML<br> > >>>>> does<br> > >>>>> > not accept pictures,but I need to show you a picture to help you to<br> > >>>>> > understand well. I don't approve this rule of the ML,it does not<br> > >>>>> help those<br> > >>>>> > who want to learn and for this reason need to be exhaustive when<br> > >>>>> there is a<br> > >>>>> > strong need to explain well.<br> > >>>>><br> > >>>>> The list has a cap at 300k for a reason. Sending larger attachments<br> > >>>>> to the list then multiplies out to gigabytes of network data when<br> > >>>>> counting the number of subscribers, even though many of those<br> > >>>>> subscribers are not actively participating in the thread. Sending a<br> > >>>>> URL to an image hosted externally uses much less bandwidth. Also, if<br> > >>>>> the problem is something that happens in a terminal window, it is less<br> > >>>>> bandwidth-intensive to just copy/paste the contents of the terminal<br> > >>>>> (as text) instead of attaching a screenshot to your email, and no less<br> > >>>>> informative.<br> > >>>>><br> > >>>>> You may also try IRC; there, you can probably get faster turnaround<br> > >>>>> times than waiting for emails to bounce back and forth.<br> > >>>>> <a href="https://libvirt.org/contact.html#irc" rel="noreferrer" target="_blank">https://libvirt.org/contact.html#irc</a><br> > >>>>><br> > >>>>> although at the end of the day, email is more persistent and reaches a<br> > >>>>> larger audience whereas IRC only reaches whoever is online at the time.<br> > >>>>><br> > >>>>> --<br> > >>>>> Eric Blake, Principal Software Engineer<br> > >>>>> Red Hat, Inc.<br> > >>>>> Virtualization: <a href="http://qemu.org" rel="noreferrer" target="_blank">qemu.org</a> | <a href="http://libguestfs.org" rel="noreferrer" target="_blank">libguestfs.org</a><br> > >>>>><br> > >>>>><br> > >>>><br> > >>>> --<br> > >>>> Mario.<br> > >>>><br> > >>><br> > >>><br> > >>> --<br> > >>> Mario.<br> > >>><br> > >><br> > >><br> > >> --<br> > >> Mario.<br> > >><br> > ><br> > ><br> > > --<br> > > Mario.<br> > ><br> > <br> > <br> > -- <br> > Mario.<br> </blockquote></div><br clear="all"><br><span class="gmail_signature_prefix">-- </span><br><div dir="ltr" class="gmail_signature">Mario.<br></div> </blockquote></div><br clear="all"><br><span class="gmail_signature_prefix">-- </span><br><div dir="ltr" class="gmail_signature">Mario.<br></div>