Error while trying Fedora CoreOS on Fedora Silverblue

Hello Fedora CoreOS developers,

When I try to run Fedora CoreOS on Fedora Silverblue I get the error below.

Command

sudo virt-install --connect qemu:///system \
  -n fcos -r 2048 --os-variant=fedora34 --import \
  --graphics=none \
  --disk size=10,backing_store=/var/home/verhoeckx/.local/share/libvirt/images/fedora-coreos-34.20210611.3.0-qemu.x86_64.qcow2.xz \
  --qemu-commandline="-fw_cfg name=opt/com.coreos/config,file=/var/home/verhoeckx/.local/share/libvirt/images/coreos-ignition.ign"

Error

Starting install...
Allocating 'fcos.qcow2'                                                                                                    |  10 GB  00:00:00     
Removing disk 'fcos.qcow2'                                                                                                 |    0 B  00:00:00     
ERROR    Cannot access backing file '/var/home/verhoeckx/.local/share/libvirt/images/fedora-coreos-34.20210611.3.0-qemu.x86_64.qcow2.xz' of storage file '/var/lib/libvirt/images/fcos.qcow2' (as uid:107, gid:107): Permission denied
Domain installation does not appear to have been successful.
If it was, you can restart your domain by running:
  virsh --connect qemu:///system start fcos
otherwise, please restart your installation.

FCC file

variant: fcos
version: 1.3.0
passwd:
  users:
    - name: core
      password_hash: $y$j9T$fmMO5PESuMYUq26bxLRFp.$pHmyawqQXA2tUfftzzNdUnvrxfHpFuuFW5ZQaykqTI9

Ignition file

{"ignition":{"version":"3.2.0"},"passwd":{"users":[{"name":"core","passwordHash":"$y$j9T$fmMO5PESuMYUq26bxLRFp.$pHmyawqQXA2tUfftzzNdUnvrxfHpFuuFW5ZQaykqTI9"}]}}

Does it have to due to the fact that I use a password instead of a SSH public key?
Or is SELinux still not allowed to access the relevant files?

I used the following commands to give SELinux access:

chcon -t svirt_home_t [absolute path to fedora coreos image]
chcon -t svirt_home_t [absolute  path to ignition file]

And moved the files to ~/.local/share/libvirt/images/.

It’d probably be worth checking the journal for SELinux AVC denials. Also note that you’re specifying an xz-compressed backing file; I don’t think that will work.

Also note that you’re specifying an xz-compressed backing file; I don’t think that will work.

Thanks! I didn’t noticed that!

I uncompressed the file with unxz.
unxz [fedora coreos image]

Sadly, I still get the same error. I’m going to look at the SELinux journal.

I made some progress!

I moved the files to /var/lib/libvirt/images and now Fedora CoreOS 34 does start!

However I’m not able to log in because my password is not accepted. I use CTRL + V to copy my password and SHFT + CTRL + V to paste it. Maybe the last shortcut doesn’t work in a virtual machine?

I’m also not able to the cancel the log in process because CTRL + C doesn’t work.

Any ideas?

I wonder if the command chcon was necessary. Maybe moving the files to /var/lib/libvirt/images was enough?

Hmm. I’m not sure there is quite enough info here. Are you trying to log in using the serial console? The VGA console? via SSH?

Note that by default you can’t log in with a password over SSH. These docs might help: Configuring Users :: Fedora Docs

If you’d like to get more familiar with FCOS (and probably help answer some “getting started” questions) I highly recommend running through the tutorials: Prerequisites for the tutorials :: Fedora Docs

Hi @dustymabe,

I use the command virt-install to run a new vm. When it’s finished booting, I’m presented with the default Linux prompt / console. So at that moment I’m not using SSH.

I wanted to try it out because I was thinking to use Fedora CoreOS to built a server running the Nextcloud Docker image. But after getting some feedback on this forum, people advised me to run Nextcloud in a virtual machine. But when I choose this setup, it’s not possible anymore to use Fedora CoreOS because it’s is all about containers and not virtual machines (AFAIK).