6:33 a.m.
On Tue, Jun 24, 2025 at 12:37:22PM +0200, Stefano Brivio wrote:
On Tue, 24 Jun 2025 15:46:13 +0530
"Aithal, Srikanth" <sraithal(a)amd.com> wrote:
> On 6/24/2025 3:04 PM, Stefano Brivio wrote:
> > On Tue, 24 Jun 2025 09:12:33 +0100
> > "Richard W.M. Jones"<rjones(a)redhat.com> wrote:
> >
> >> On Tue, Jun 24, 2025 at 01:25:47PM +0530, Aithal, Srikanth wrote:
> >>> libguestfs: command: run: \ --pid /tmp/libguestfsJamIlZ/passt1.pid
> >> ...
> >>> Don't run as root. Changing to nobody...
> >> ...
> >>> PID file open: Permission denied
> > I think that might be due to an issue in the AppArmor policy from the
> > version shipped with Ubuntu 24.04 (that's a rather old version), but
> > I'm not entirely sure what it might be.
> >
> > Aithal, could you have a look at /var/log/audit/audit.log (say,
> > "tail -f /var/log/audit/audit.log") while you're running this?
> >
> > AppArmor access denials are logged there, as well as in the system log.
>
> I updated my Ubuntu 24.04 system to the latest version using apt
> upgrade. Following the update, I can now run virt-customize as a
> non-root user with passt, resolving the previous permission issue.
>
> However, I am still encountering the original issue I faced with
> libslirp and now with passt: the network interfaces inside the
> libguestfs appliance are not being assigned IP addresses.
>
> I have attached the new logs for your review. Thank you for your time
> and assistance.
>
>
> /# dpkg -l | grep passt/
> ii passt 0.0~git20240220.1e6f92b-1 amd64
> user-mode networking daemons for virtual machines and namespaces
>
>
> /# sudo -u amd virt-customize -v -x -a
> /home/amd/noble-server-cloudimg-amd64.qcow2 --install isc-dhcp-client/
>
> ..
>
> libguestfs: command: run: passt --help
> Usage: passt [OPTION]...
>
> -d, --debug\t\tBe verbose
> --trace\t\tBe extra verbose, implies --debug
> ..
>
> ..
>
> libguestfs: command: run: passt
> libguestfs: command: run: \ --one-off
> libguestfs: command: run: \ --socket /tmp/libguestfsTs3w5r/passt.sock
> libguestfs: command: run: \ --pid /tmp/libguestfsTs3w5r/passt1.pid
> libguestfs: command: run: \ --address 169.254.2.15
> libguestfs: command: run: \ --netmask 16
> libguestfs: command: run: \ --mac-addr 52:56:00:00:00:02
> libguestfs: command: run: \ --gateway 169.254.2.2
> No routable interface for IPv6: IPv6 is disabled
> Template interface: enp97s0 (IPv4)
> MAC:
> host: 52:56:00:00:00:02
> DHCP:
> assign: 169.254.2.15
> mask: 255.255.0.0
> router: 169.254.2.2
> DNS:
> 169.254.2.2
> DNS search list:
> amd.com
> UNIX domain socket bound at /tmp/libguestfsTs3w5r/passt.sock
...I didn't realise you don't have IPv6 connectivity on the host,
sorry. Then passt won't really help bypassing IPv4.
Rich, I think the issue here is that appliance/init does:
iface=$(ls -I all -I default -I lo /proc/sys/net/ipv4/conf)
and that will pick sit0 over eth0, but it shouldn't. If requesting
jq(1) is an option, perhaps:
iface=$(ip -j link show | jq -rM '.[] | select(.link_type ==
"ether").ifname')
would be somewhat more accurate.
I'm a bit confused here. How does host IPv4 or IPv6 affect what
happens in the appliance? For example if the host only had IPv6, it
should still work wouldn't it?
Also I'm confused where sit0 comes from (or even what it is, really).
Why does it appear inside the appliance at all?
My mental model is that passt provides an IPv4 address inside the host
on eth0. If the host has, say, only IPv6, then requests would be
proxied out over that. We don't care how that happens precisely.
Rich.
--
Richard Jones, Virtualization Group, Red Hat http://people.redhat.com/~rjones
Read my programming and virtualization blog: http://rwmj.wordpress.com
virt-p2v converts physical machines to virtual machines. Boot with a
live CD or over the network (PXE) and turn machines into KVM guests.
http://libguestfs.org/virt-v2v