On Wed, Aug 21, 2019 at 12:47:03PM -0400, Marcus Furlong wrote: > On Wed, 21 Aug 2019 at 08:23, Daniel P. Berrangé <berrange@xxxxxxxxxx> wrote: > > > > On Tue, Aug 20, 2019 at 11:11:07AM -0400, Marcus Furlong wrote: > > > Resend to libvir-list in case that is more appropriate: > > > > > > > > > Hi, > > > > > > I get the following error when running libvirtd on MacOS as root: > > > > > > 2019-07-11 00:12:33.673+0000: 123145573953536: error : > > > qemuProcessQMPLaunch:8501 : internal error: Failed to start QEMU > > > binary /usr/local/bin/qemu-system-x86_64 for probing: libvirt: error > > > : cannot set supplemental groups: Invalid argument > > > > Are you able to run 'strace' (or whatever MacOS eqiuv is) to see > > the values passed to setgroups when it fails ? > > I ran `dtruss -f -l -s /usr/local/sbin/libvirtd` but the setgroups > calls seem to be missing. > > Looking at other sources, it seems like some have special treatment of > setgroups on MacOS, e.g. samba: > > https://github.com/samba-team/samba/blob/v4-11-stable/source3/smbd/sec_ctx.c#L261-#L305 > > Perhaps this is needed for libvirt? The capping of ngroups to NGROUPS_MAX looks like a possibe reason. Adding this debug might show us if we're exceeding it: diff --git a/src/util/virutil.c b/src/util/virutil.c index 89d2cf011f..effc02b898 100644 --- a/src/util/virutil.c +++ b/src/util/virutil.c @@ -1043,6 +1043,7 @@ virSetUIDGID(uid_t uid, gid_t gid, gid_t *groups ATTRIBUTE_UNUSED, } # if HAVE_SETGROUPS + VIR_DEBUG("setgroups %d max %d", ngroups, NGROUPS_MAX); if (gid != (gid_t)-1 && setgroups(ngroups, groups) < 0) { virReportSystemError(errno, "%s", _("cannot set supplemental groups")); Regards, Daniel -- |: https://berrange.com -o- https://www.flickr.com/photos/dberrange :| |: https://libvirt.org -o- https://fstop138.berrange.com :| |: https://entangle-photo.org -o- https://www.instagram.com/dberrange :| -- libvir-list mailing list libvir-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/libvir-list
