Talk: Cannot launch libvirt virtual machines after upgrade to Fedora 40

This is a discussion topic for the following Common Issue:

You can discuss the problem and its solutions here, but please note that debugging and technical feedback should primarily go to the issue trackers (e.g. Bugzilla) linked in the Common Issue, because that’s the place that developers watch, not here.

If there are any updates/changes/amendments for the Common Issue description, which you believe should be performed, please post it here.

1 Like

Please see the Common Issue for solution/workarounds:

1 Like

Thanks Kamil.

Well, I can launch VM just fine, it just leaves the denial SELinux is preventing rpc-virtqemud from getattr access on the filesystem /dev in logs. Not sure if I need to setup a particular (TPM?) device? I used virt-install to launch a VM and another I launched via Cockpit machines plugin. Both worked, so I thought I would share this. I have a fully new reinstall after disaster recovery last week, so this is a Fresh 40 running on Intel NUC 13 Pro (which does have a TPM installed I believe).

Edit: There are more errors actually, I created a VM with LVM storage pool volume called “dev” in this case, the command was:

virt-install \
    --os-variant fedora-rawhide --autostart \
    --name $1 \
    --memory memory=55000 \
    --network network=default \
    --cpu host --vcpus 11 \
    --disk pool=ssd,size=40 \
    --graphics vnc \
    --location $URL \
    --initrd-inject $2 \
    --extra-args "inst.ks=file:/$2" \
    --autoconsole none

Denials: gist:aad02672d9029aba7fa4694f60231ff9 · GitHub

TPM Does Not Work Virt-Manager Fedora 40 - #3 by vgaetera

@lzap Those denials are probably not related to the Common Issue in question. Some of them are probably covered by my bug report here:
https://bugzilla.redhat.com/show_bug.cgi?id=2273960

Feel free to report the rest against the selinux-policy package :slight_smile:

Does marking this “Solved” make sense, when the actual common-bugs posting indicates that the issue is still very much UN-solved and still being investigated?

Seems like “Solved” would stifle discussion, especially since it causes Discourse to show this message to anyone who attempts to add to the discussion:

image

@ferdnyc I think it’s the better approach of the two. Previously, I used to not mark Talk pages as having a solution, and what happened was that people found that Talk page (rather than the Common Issue), glossed over the initial description (not noticing the link to the Common Issue), and started asking how to resolve the bug, what the workarounds are, etc. People had to point them to the Common Issue page over and over again.

With this approach, the popup is slightly annoying, but this described problem stopped happening. People now look at the “solution”, find the link the Common Issue, and read it. And then discuss it here only if there’s something unclear, found a different workaround, etc. Basically it now works much more as intended.

If it was possible to “pin” a comment somehow, to make sure people actually read it before discussing, this wouldn’t need to be marked as solved. But I’m not aware of such functionality, so this is what works best at the moment.

1 Like

An update that solves the issue has been pushed to stable: If you experience the problem, please do sudo dnf update --refresh , install all updates and then reboot after the updates have been installed

If you still experience the issue after that, let us know here

@kparal can you update the common issues topic?

See the bug ticket. I just tested it and can confirm it works.

Thanks, @py0xc3 , for your ping. I updated the Common Issue.

1 Like