Big mistake (?): sudo virt-manager

Hi all, :wave:

oh dear, oh dear. I might have done something stupid and need your help and opinions. :frowning_face:

After my fresh install of Linux Lite 6.2. I wanted to get my virtual machines running again. The images are still present on my third partition and yesterday I installed qemu-system and virt-manager.

After that:
sudo usermod -aG libvirt rosika
(to add myself to the user group libvirt). After that I rebooted the system.

Now I wanted to create a new vm by importing the respective img-file, e.g. virtualdebian.img for my Debian vm.

For this I employed virt-manager. Yet I couldn´t import the img-file as virt-manager complained about not being allowed to do so.

In order to rectify the situation virt-manager offered me to do just that. Yet it still wouldn´t work. It didn´t have the respective rights. :slightly_frowning_face:

So I looked around on the web and found here: kvm - Permission error in virtual machine manager - Ask Ubuntu :

I had the same issue as well. I fixed it by doing the following:

Run virt-manager with sudo:

sudo virt-manager

Attempt to create your VM. When the error dialog appears, click Yes to correct the error.

What this does is change the user and group of your image file (to libvirt-qemu:libvirt-qemu if that’s your virt-manager user).

When you get to the next step, cancel the creation process and close virt-manager.

Now relaunch virt-manager without sudo and attempt to create your VM again.

Hmm, I followed the instructions without doing any thinking beforehand. Such a beginner´s mistake. :unamused:

I should´ve know better. There´s a rule saying not to use sudo with a gui app. But virt-manager is a gui app. :woozy_face:

For what ist´s worth the method described worked and my Debian vm could be imported and run.

BUT:

here are my questions:

  • by having run sudo virt-manager have I done something VERY stupid that cannot be set straight again :question:
  • is there a way of finding out if something is amiss :question:
  • haven´t got a clonezilla backup available yet, just a timeshift backup. So I could go back in time a few days if need be…
    for the root partition
  • … but I would lose a lot of programmes I installed in the meantime.

Any ideas or suggestions of what I should do?

Many thanks for your help in advance.

Many greetings
Rosika :slightly_smiling_face:

1 Like

I’m not sure what effect this sudo command would have simply because it was used on a GUI application. Others may have thoughts on that.

As to the problem of importing the image. My first thought was that maybe your new user doesn’t have permissions to the existing image file you saved. Your user name may be the same but the user ID may not be.

A fresh system install has always had my first user assigned a user ID of 1000. Maybe that isn’t the case with your distros or maybe you created a couple users but in a different order on the different distros.

Anyway, I would think you would just need to change ownership of the image files so you could import them. Does that make sense?

1 Like

Hi Rosika,
It depends what you do with the gui app.
You did one thing… changed permissions on your image file,… then closed the app.
I think that is safe.
That is why they said, close the app immediately. If you went on and did other things it would make files belonging to root.

Do a test. Use qemu and make sure it functions normally. I dont think I would wind it back, unless you find an issue. However, you are wise to be questioning this.

I dont see why they did not recommend just using chmod and chgrp on the image file?

Regards
Neville

2 Likes

Makes sense to me. I do not see the need to do it with the gui. But now it is done, I think it is probably OK to leave it.

1 Like

Hi all, :wave:

thanks so much for your replies. :heart:

@all :

I don´t know the whole theory behind it, at least I´ve forgotten all about it as you don´t need to deal with that topic on a daily basis. :blush:

Well, according to gui - Is it a good thing to run virt-manager as sudo? - Ask Ubuntu it is (or rather was) like this:

The old issue was that sudo used to write and modify the applications configuration files in the current user’s home directory changing their permissions and ownership from
the current user to root which will render them inaccessible to the current user and thus mess up the current user’s home directory’s contents to the point that GUI applications might not run anymore or run with errors …

This, however, is not the case anymore

Therefore one wasn´t supposed to run gui applications with sudo . There used to be the command gksudo which just filled the gap. But it´s no longer availabe I think.

BUT:

according to the source mentioned above the situation has changed:

What you’ve been told is a remnant of an old issue (tale) that is not an issue anymore. Some people will still warn you not to do so on Ubuntu without even knowing why!

Starting from Ubuntu 19.10 and later, you can run GUI applications with sudo.
[…]
Starting from Ubuntu 19.10, using sudo with GUI applications will assume root’s home directory and not the current user’s home directory.

Well, that sounds good :+1: . Yet I wish I would know where to read up on the matter using some official Ubuntu source… :thinking:

@nevj :

Thanks. Neville, for the confirmation.

O.K., I looked it up:

this is how the rights look like after having been modified by sudo virt-manager:

ll virtualdebian.img 
-rw-r--r-- 1 32768 kvm 44G Jan 20 16:25 virtualdebian.img

And these are the rights for my other virtual machine (Bodhi Linux) which still is in the original state:

ll testing-image.img 
-rw-rw-rw- 1 rosika 1001 30G Dez 31 17:34 testing-image.img

Hmm, somehow group isn´t displayed, it seems, just owner… :thinking: :question:

O.K. Just tested it. Debian vm works normally, even within the firejail sandbox. :+1:

No issues so far…

… except the locate command doesn´t seem to work properly.
But I guess that doesn´t have anything to do with the issue discussed here. It had probably displayed that curiuous behaviour before. It´s just now that I noticed it… :blush:

And I guess applying timeshift for reverting to a previous state wouldn´t make much sense as it would change the contents of the root partition and wouldn´t do anything with home. So nothing to be gained there…

Thanks, Neville. I think I´ll do just that. :+1:

@pdecker :

Thanks to you as well.

I see. Well, that may very well be the case.

Yes, it makes perfect sense. Thanks a lot. :heart:

Many thanks and many greetings greetings to you all.

Rosika :slightly_smiling_face:

P.S.:

In actual fact that was given as an alternative here as well:

You could also sudo chown libvirt-qemu:libvirt-qemu <image-file> if you want to do it manually.

When noticing it however I had already performed sudo virt-manager:upside_down_face:

Well, the main thing is no harm seems to have been done. :slightly_smiling_face:

UPDATE:

I just noticed group and owner are displayed.
Couldn´t make sense of the 32768 entry, therefore the confusuion.

1 Like