In my ubuntu22.04.xml configuration I have:
<qemu:commandline>
<qemu:arg value='-chardev'/>
<qemu:arg value='socket,id=chr0,path=/tmp/sock0,server=on'/>
</qemu:commandline>
The socket will be created by Qemu, so just check permissions:
$ ls -la /tmp
total 84
drwxrwxrwt 21 root root 4096 Aug 8 05:42 .
drwxr-xr-x 21 root root 4096 Apr 20 08:07 ..
...etc
$ ls -la /tmp/sock0
ls: cannot access '/tmp/sock0': No such file or directory
However, I see this error:
$ virsh start ubuntu22.04
error: Failed to start domain 'ubuntu22.04'
error: internal error: process exited while connecting to monitor: 2023-08-07T20:58:25.810334Z
qemu-system-x86_64: -chardev socket,id=chr0,path=/tmp/sock0,server=on:
Failed to bind socket to /tmp/sock0: Permission denied
If I create the socket in another program before running, I get instead:
$ virsh start ubuntu22.04
error: Failed to start domain 'ubuntu22.04'
error: internal error: process exited while connecting to monitor: 2023-08-07T20:57:56.240729Z
qemu-system-x86_64: -chardev socket,id=chr0,path=/tmp/sock0,server=on:
Failed to unlink socket /tmp/sock0: Permission denied
What could be the reason for the permission error?
UPDATE: Looking at dmesg, I see a possible error:
[ 3369.733844] audit: type=1400 audit(1691444094.488:178): apparmor="DENIED"
operation="mknod" class="file" profile="libvirt-ea182d75-dd38-41dd-b227-5b871b0a77bb"
name="/tmp/sock0" pid=9163 comm="qemu-system-x86"
requested_mask="c" denied_mask="c" fsuid=64055 ouid=64055
What does this indicate?
I am trying to reproduce the example here with DPDK v22.11.2.
