Using custom qemu binary with libvirt fails?

Question

I have a locally built qemu. I am using libvirt python API to defineXML. I get the error:

libvirt: error : internal error: Child process (LC_ALL=C PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin /home/deepti/testqemu/bin/qemu-system-arm -help) unexpected exit status 126: libvirt: error : cannot execute binary /home/deepti/testqemu/bin/qemu-system-arm: Permission denied Traceback (most recent call last): File "testcustomQemu.py", line 70, in dom = conn.defineXML(xmlconfig) File "/home/deepti/.virtualenvs/testlibvirt/local/lib/python2.7/site-packages/libvirt.py", line 3685, in defineXML if ret is None:raise libvirtError('virDomainDefineXML() failed', conn=self) libvirt.libvirtError: internal error: Child process (LC_ALL=C PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin /home/deepti/testqemu/bin/qemu-system-arm -help) unexpected exit status 126: libvirt: error : cannot execute binary /home/deepti/testqemu/bin/qemu-system-arm: Permission denied

The ownership for /home/deepti/testqemu is root:root. Changing the permission to +x also does not work.

What am I missing. How can I get my custom qemu to be taken?

My script and xml are as below:

import libvirt
import sys

xmlconfig = """<domain type='qemu' xmlns:qemu='http://libvirt.org/schemas/domain/qemu/1.0'>
  <name>limom_instance</name>
  <uuid>35615c44-b004-4b3f-9f42-da182b9662ef</uuid>
  <memory unit='KiB'>786432</memory>
  <currentMemory unit='KiB'>786432</currentMemory>
  <vcpu>1</vcpu>
  <os>
    <type arch='armv7l' machine='limott'>hvm</type>
    <kernel>/home/deepti/limom/FinalArtifacts/kerneldist1/zImage</kernel>
    <dtb>/home/deepti/limom/FinalArtifacts/dtbdist1/emmc.dtb</dtb>
  </os>
  <clock offset='utc'/>
  <on_poweroff>destroy</on_poweroff>
  <on_reboot>restart</on_reboot>
  <on_crash>destroy</on_crash>
  <devices>
    <emulator>/home/deepti/testqemu/bin/qemu-system-arm</emulator>
    <serial type='pty'>
      <target port='0'/>
    </serial>
    <serial type='pty'>
      <target port='1'/>
    </serial>
    <serial type='pty'>
      <target port='2'/>
    </serial>
    <serial type='pty'>
      <target port='3'/>
    </serial>
    <console type='pty'>
      <target type='serial' port='0'/>
    </console>
    <memballoon model='none'/>
  </devices>
  <qemu:commandline>
    <qemu:arg value='-sdl'/>  
    <qemu:arg value='-show-cursor'/>
    <qemu:arg value='-nographic'/>
    <qemu:arg value='-sd'/>
    <qemu:arg value='/home/deepti/limom/FinalArtifacts/emmc.dat'/>
  </qemu:commandline>
</domain>"""

conn = libvirt.open('qemu:///system')
if conn == None:
    print('Failed to open connection to qemu:///system')
    exit(1)

uri = conn.getURI()
print('Canonical URI: '+uri)
dom = conn.defineXML(xmlconfig)
if dom == None:
    print('Failed to define a domain from an XML definition')
    exit(1)


conn.close()

Answer 1

On Ubuntu 18, I've to add paths to custom binary and firmware/bios folder to

/etc/apparmor.d/abstractions/libvirt-qemu

Answer 2

You're using the system instance of libvirtd, so the QEMU process will run as a qemu:qemu user/group pair. Home directories are normally configured so that other users cannot access any files they contain. IOW, qemu:qemu cannot read /home/deepti/, and thus cannot run the QEMU binary. You could either do "chmod o+x $HOME", or install QEMU in a place like /usr/local instead.

Beware that if the host has SELinux or AppArmor active that may also cause permission problems when using QEMU binaries in unusual locations.