Here’s the error:
Error starting domain: internal error: qemu unexpectedly closed the monitor: 2022-03-05T03:40:51.692907Z qemu-system-x86_64: -device virtio-9p-pci,id=fs0,fsdev=fsdev-fs0,mount_tag=/Videos,bus=pci.8,addr=0x0: cannot initialize fsdev 'fsdev-fs0': failed to open '/home/DATA/WDB4T/yamiyuki/Videos': Permission denied
Traceback (most recent call last):
File "/usr/share/virt-manager/virtManager/asyncjob.py", line 65, in cb_wrapper
callback(asyncjob, *args, **kwargs)
File "/usr/share/virt-manager/virtManager/asyncjob.py", line 101, in tmpcb
callback(*args, **kwargs)
File "/usr/share/virt-manager/virtManager/object/libvirtobject.py", line 57, in newfn
ret = fn(self, *args, **kwargs)
File "/usr/share/virt-manager/virtManager/object/domain.py", line 1329, in startup
self._backend.create()
File "/usr/lib/python3/dist-packages/libvirt.py", line 1353, in create
raise libvirtError('virDomainCreate() failed')
libvirt.libvirtError: internal error: qemu unexpectedly closed the monitor: 2022-03-05T03:40:51.692907Z qemu-system-x86_64: -device virtio-9p-pci,id=fs0,fsdev=fsdev-fs0,mount_tag=/Videos,bus=pci.8,addr=0x0: cannot initialize fsdev 'fsdev-fs0': failed to open '/home/DATA/WDB4T/yamiyuki/Videos': Permission denied
I found this guide that should allow me to do it by changing some AppArmor settings:
However, when I try to run aa-complain, here’s what I got:
$ sudo aa-complain /etc/apparmor.d/libvirt/libvirt-9b59cd23-94b4-4c3c-82d8-c57761b6c732
Setting /etc/apparmor.d/libvirt/libvirt-9b59cd23-94b4-4c3c-82d8-c57761b6c732 to complain mode.
ERROR: AppArmor parser error for /etc/apparmor.d/libvirt/libvirt-9b59cd23-94b4-4c3c-82d8-c57761b6c732 in profile /etc/apparmor.d/libvirt/libvirt-9b59cd23-94b4-4c3c-82d8-c57761b6c732 at line 9: Could not open 'libvirt/libvirt-9b59cd23-94b4-4c3c-82d8-c57761b6c732.files'
However, I found my Lubuntu VM under a different UUID:
$ cat /etc/apparmor.d/libvirt/libvirt-ab5e7f07-982b-4da4-a276-62b606cc4c38.files
# DO NOT EDIT THIS FILE DIRECTLY. IT IS MANAGED BY LIBVIRT.
"/var/log/libvirt/**/Lubuntu.log" w,
"/var/lib/libvirt/qemu/domain-Lubuntu/monitor.sock" rw,
"/var/lib/libvirt/qemu/domain-1-Lubuntu/*" rw,
"/run/libvirt/**/Lubuntu.pid" rwk,
"/run/libvirt/**/*.tunnelmigrate.dest.Lubuntu" rw,
"/media/yamiyuki/ExtSSD/QEMU/lubuntu.qcow2" rwk,
"/home/DATA/SGBC2T/yamiyuki/Downloads/ISOs/lubuntu_jammy-desktop-amd64.iso" rk,
"/usr/share/OVMF/OVMF_CODE_4M.fd" rk,
# don't audit writes to readonly files
deny "/usr/share/OVMF/OVMF_CODE_4M.fd" w,
"/var/lib/libvirt/qemu/nvram/Lubuntu_VARS.fd" rwk,
"/dev/vhost-net" rw,
"/var/lib/libvirt/qemu/domain-1-Lubuntu/{,**}" rwk,
"/var/lib/libvirt/qemu/channel/target/domain-1-Lubuntu/{,**}" rwk,
"/var/lib/libvirt/qemu/domain-1-Lubuntu/master-key.aes" rwk,
I tried to use aa-complain on that profile, but while the command work, I wasn’t able to boot my VM with the directory mounted.