Issues using virt-builder on Ubuntu 24.04 - Is it mature? #170

Open
k3wals opened this issue Feb 3, 2025 · 0 comments
k3wals commented Feb 3, 2025

Recently updated from Ubuntu 22.04 to 24.04. Was using virt-builder without issue before the upgrade. Now I'm running into several issues which have led me to just use an older host to make my images for now.

My question is rather generic.

Is libguestfs considered mature on Ubuntu 24.04?

Issues:

User Namespaces

Had to update the system configuration

sudo sysctl -w kernel.apparmor_restrict_unprivileged_userns=0

AppArmor profiles do not allow passt to run

libguestfs: command: run: passt
libguestfs: command: run: \ --one-off
libguestfs: command: run: \ --socket /run/user/1582049248/libguestfsDZHSLw/passt.sock
libguestfs: command: run: \ --pid /run/user/1582049248/libguestfsDZHSLw/passt1.pid
libguestfs: command: run: \ --address 169.254.2.15
libguestfs: command: run: \ --netmask 16
libguestfs: command: run: \ --mac-addr 52:56:00:00:00:02
libguestfs: command: run: \ --gateway 169.254.2.2
No routable interface for IPv6: IPv6 is disabled
Template interface: eno12399np0 (IPv4)
MAC:
    host: 52:56:00:00:00:02
DHCP:
    assign: 169.254.2.15
    mask: 255.255.0.0
    router: 169.254.2.2
DNS:
    169.254.2.2
DNS search list:
    mydomain.com
UNIX domain socket bound at /run/user/1582049248/libguestfsDZHSLw/passt.sock

You can now start qemu (>= 7.2, with commit 13c6be96618c):
    kvm ... -device virtio-net-pci,netdev=s -netdev stream,id=s,server=off,addr.type=unix,addr.path=/run/user/1582049248/libguestfsDZHSLw/passt.sock
or qrap, for earlier qemu versions:
    ./qrap 5 kvm ... -net socket,fd=5 -net nic,model=virtio
PID file open: Permission denied
libguestfs: trace: launch = -1 (error)
virt-builder: error: libguestfs error: passt exited with status 1

I've found several bug reports and suggested resolutions, but none worked for me. I ended up just turning off the passt AppArmor profile to make progress.

  1. #1061678 - passt: apparmor denies access to /run/user/$UID/libvirt/qemu/run/passt/ - Debian Bug report logs
  2. https://passt.top/passt/commit/contrib/apparmor/abstractions/passt?id=3ff3a8a467fff1d4b234949e4dd3db618a9f8ed2
  3. Bug #2065685 “aa-logprof fails with 'runbindable' error” : Bugs : apparmor package : Ubuntu
  4. apparmor: Add user session path for PID and socket files used by passt · libvirt/libvirt@f95675f
  5. https://passt.top/passt/diff/util.c?h=2024_10_30.ee7d0b6&id=59fe34ee36368bb28c8298b1a1bfad5d0d9f47a3

No network access when creating image

Probably related to my AppArmor issue, but maybe not? When trying to install packages into the image, the Debian servers won't resolve. Same command works fine on a 20.04 host.

virt-builder debian-12 \
    --size 8G \
    --output gitlab-runner-base.qcow2 \
    --format qcow2 \
    --hostname gitlab-runner-bookworm \
    --network \
    --install curl \
    --run-command 'curl -L "https://packages.gitlab.com/install/repositories/runner/gitlab-runner/script.deb.sh" | bash' \
    --run-command 'curl -s "https://packagecloud.io/install/repositories/github/git-lfs/script.deb.sh" | bash' \
    --run-command 'useradd -m -p "" gitlab-runner -s /bin/bash' \
    --install gitlab-runner,git,git-lfs,openssh-server \
    --run-command "git lfs install --skip-repo" \
    --run-command "echo 'gitlab-runner ALL=(ALL) NOPASSWD: ALL' >> /etc/sudoers" \
    --run-command "sed -E 's/GRUB_CMDLINE_LINUX=\"\"/GRUB_CMDLINE_LINUX=\"net.ifnames=0 biosdevname=0\"/' -i /etc/default/grub" \
    --run-command "grub-mkconfig -o /boot/grub/grub.cfg" \
    --run-command "echo 'auto enp1s0 ' >> /etc/network/interfaces" \
    --run-command "echo 'allow-hotplug enp1s0 ' >> /etc/network/interfaces" \
    --run-command "echo 'iface enp1s0 inet dhcp' >> /etc/network/interfaces"

... truncated ...

Ign:2 http://deb.debian.org/debian bookworm-updates InRelease
Err:1 http://deb.debian.org/debian bookworm InRelease
  Temporary failure resolving 'deb.debian.org'
Err:3 http://security.debian.org/debian-security bookworm-security InRelease
  Temporary failure resolving 'security.debian.org'
Err:2 http://deb.debian.org/debian bookworm-updates InRelease
  Temporary failure resolving 'deb.debian.org'
Reading package lists...
W: Failed to fetch http://deb.debian.org/debian/dists/bookworm/InRelease  Temporary failure resolving 'deb.debian.org'
W: Failed to fetch http://security.debian.org/debian-security/dists/bookworm-security/InRelease  Temporary failure resolving 'security.debian.org'
W: Failed to fetch http://deb.debian.org/debian/dists/bookworm-updates/InRelease  Temporary failure resolving 'deb.debian.org'
W: Some index files failed to download. They have been ignored, or old ones used instead.
Reading package lists...
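
Added example, not part of the original issue and not libguestfs project code: a small triage script that scans a saved virt-builder debug log for the two failure signatures quoted above and reports the host's `kernel.apparmor_restrict_unprivileged_userns` setting, so the state can be checked before any restriction is relaxed. The function names are hypothetical and the sample log is constructed from lines in the report.

```sh
#!/bin/sh
# Added example: function names are hypothetical, not libguestfs tooling.

# Print one tag per symptom found in the log file "$1".
triage_virt_builder_log() {
    tvl_log="$1"
    # passt could not open its PID file (the report attributes this to AppArmor).
    if grep -q '^PID file open: Permission denied' "$tvl_log"; then
        echo "passt-pidfile-denied"
    fi
    # libguestfs aborted the launch because the passt helper exited non-zero.
    if grep -Eq 'libguestfs error: passt exited with status [1-9]' "$tvl_log"; then
        echo "passt-exited"
    fi
    # apt inside the appliance could not resolve mirrors: list each host once.
    tvl_hosts=$(sed -n "s/.*Temporary failure resolving '\([^']*\)'.*/\1/p" "$tvl_log" \
        | sort -u | paste -sd, -)
    if [ -n "$tvl_hosts" ]; then
        echo "guest-dns-failure:$tvl_hosts"
    fi
}

# Report the unprivileged-userns restriction (the sysctl changed in the report).
# "$1" optionally overrides the procfs path so this can be exercised offline.
userns_restriction_state() {
    urs_file="${1:-/proc/sys/kernel/apparmor_restrict_unprivileged_userns}"
    [ -r "$urs_file" ] || { echo "unsupported"; return 0; }
    case "$(cat "$urs_file")" in
        0) echo "unrestricted" ;;
        1) echo "restricted" ;;
        *) echo "unknown" ;;
    esac
}

# Constructed sample assembled from lines quoted in the issue.
make_sample_log() {
    cat <<'EOF'
PID file open: Permission denied
libguestfs: trace: launch = -1 (error)
virt-builder: error: libguestfs error: passt exited with status 1
Err:1 http://deb.debian.org/debian bookworm InRelease
  Temporary failure resolving 'deb.debian.org'
  Temporary failure resolving 'security.debian.org'
EOF
}
```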