Hello Michal, thank you for the reply!
Booting the live debian iso everything works in virt-manager, but again, after clicking "run", a copy of the vm image is created in /run/live/overlay/rw/var/lib/libvirt/images and only then does the VM start.
I've carefully tested everything you suggested, thanks.
I set dynamic_ownership=0 and use these hooks during the live build for permissions. (I googled a lot, and apparently libvirt needs the images to be executable too)
chown -R libvirt-qemu:kvm /var/lib/libvirt/images
chmod -R g+rwx /var/lib/libvirt/images
Either it's still being chowned or chmodded somehow, or it's something else, but I can't stop this copy being made.
Interestingly, when I boot the Live debian iso and then copy the images into /var/lib/libvirt/images from my USB stick, the VM starts immediately without creating any copies in the /run/live.... directory. So my guess is that maybe the squashfs could be the issue?
Editing the XML
<source file='/var/lib/libvirt/images/vm1.qcow2'>
<seclabel relabel='no'/>
</source>
<seclabel relabel='no'/>
</source>
This results in an error:
Unsupported Configuration:
Security driver model 'null' not available
Here I tried setting security_driver=none in qemu.conf but same error after.
</devices>
<seclabel type='none'/>
</domain>
This also returns an Error but I'm still googling to understand it properly.
XML document failed to validate against schema
Unable to validate doc against /usr/share/libvirt/schemas/domain.rng
Invalid element relabel for element seclabel
Extra element seclabel in interleave
Element domain failed to validate content
Thanks again so much for your helo, I've been messing with this for weeks now and it's killing me.
On Tue, Nov 23, 2021, 9:43 PM Michal Prívozník <mprivozn@xxxxxxxxxx> wrote:
On 11/23/21 17:25, Elias Mobery wrote:
>
> Hi everyone!
>
> I've built a Debian Live ISO with packages qemu and libvirt to run a VM
> in the live environment.
>
> The guest images are placed in /var/lib/libvirt/images and 2GB each.
>
> Everything works great, except for one issue.
>
> When starting a VM, libvirt automatically issues a chown command to the
> images, changing ownership.
>
> This results in a copy of the images being created in
> /run/live/overlay/rw/var/lib/libvirt/images
>
> I don't want these copies to be made but can't stop it.
>
> I've tried editing qemu.conf user/group, dynamic ownership etc. without
> any luck.
>
> Is there a way to STOP libvirt from changing the ownership of these images?
>
>
Setting dynamic_ownership=0 in qemu.conf is the way to go (don't forget
to restart the daemon after you made the change).
Alternatively, you can set <seclabel/> either for whole domain or
individual disks, e.g. like this:
<disk type='file' device='disk'>
<driver name='qemu' type='qcow2'/>
<source file='/var/lib/libvirt/images/vm1.qcow2'>
<seclabel relabel='no'/>
</source>
</disk>
or for whole domain:
...
</devices>
<seclabel type='none'/>
</domain>
I'm not sure what your setup is, but if chown() is a problem then what
if guest tries to write onto its disk? Wouldn't that create a copy in
overlay?
Michal
