Open jicvi opened 4 years ago
Hi @jclivi, can you please post multipass info --all
and also logs from journalctl -u snap.multipass*
? Thanks!
$ multipass info --all Name: ubuntu State: Running IPv4: 10.84.117.100 Release: Ubuntu 18.04.4 LTS Image hash: 3c3a67a14257 (Ubuntu 18.04 LTS) Load: 0.00 0.00 0.00 Disk usage: 1.1G out of 19.2G Memory usage: 79.3M out of 1.9G
Also, it's not clear if you're using Multipass on Windows, OSX, or Linux. Could you please post the output of multipass version
?
Linux run multipass
deepin
Also, if you're using Linux, could you please tell us the distro you are using? And if you're using OSX, which version of OSX?
-- Logs begin at Thu 2020-03-12 00:13:04 CST, end at Thu 2020-03-12 01:25:29 CST. -- jclivi multipassd[27032]: QMP: {"timestamp": {"seconds": 1583943853, "microseconds": 579021}, "event": "RTC_CHAN jclivi multipassd[27032]: mounting /data => /home/ubuntu/data in ubuntu jclivi multipassd[27032]: process program '/snap/multipass/1784/bin/sshfs_server' jclivi multipassd[27032]: process arguments '10.84.117.100, 22, ubuntu, /data, /home/ubunt jclivi multipassd[32430]: Applying AppArmor policy: multipass.ubuntu.1d81eb88.sshfs_server jclivi multipassd[27032]: ssh connection failed: 'Socket create failed: Permission denied' jclivi multipassd[27032]: Mount '/home/ubuntu/data' in instance "ubuntu" has stopped unexpectedly: Proc
$ uname -a Linux jclivi 4.15.0-30deepin-generic #31 SMP Fri Nov 30 04:29:02 UTC 2018 x86_64 GNU/Linux
lsb_release -a No LSB modules are available. Distributor ID: Deepin Description: Deepin 15.11 Release: 15.11 Codename: stable
@jclivi when this happens, can you please have a look at the output of dmesg
and see if there's any AppArmor DENIED
messages that seem relevant?
[ 3727.223417] audit: type=1400 audit(1583949073.731:572177): apparmor="ALLOWED" operation="recvmsg" profile="snap.microk8s.daemon-etcd" pid=6205 comm="etcd" laddr=::ffff:127.0.0.1 lport=12379 faddr=::ffff:127.0.0.1 fport=41674 family="inet6" sock_type="stream" protocol=6 requested_mask="receive" denied_mask="receive" [ 3727.223597] audit: type=1400 audit(1583949073.731:572178): apparmor="ALLOWED" operation="sendmsg" profile="snap.microk8s.daemon-etcd" pid=6205 comm="etcd" laddr=::ffff:127.0.0.1 lport=12379 faddr=::ffff:127.0.0.1 fport=41674 family="inet6" sock_type="stream" protocol=6 requested_mask="send" denied_mask="send" [ 3727.223709] audit: type=1400 audit(1583949073.731:572179): apparmor="ALLOWED" operation="sendmsg" profile="snap.microk8s.daemon-etcd" pid=6205 comm="etcd" laddr=::ffff:127.0.0.1 lport=12379 faddr=::ffff:127.0.0.1 fport=41674 family="inet6" sock_type="stream" protocol=6 requested_mask="send" denied_mask="send" [ 3727.223749] audit: type=1400 audit(1583949073.731:572180): apparmor="ALLOWED" operation="sendmsg" profile="snap.microk8s.daemon-etcd" pid=6205 comm="etcd" laddr=::ffff:127.0.0.1 lport=12379 faddr=::ffff:127.0.0.1 fport=41674 family="inet6" sock_type="stream" protocol=6 requested_mask="send" denied_mask="send" [ 3727.223832] audit: type=1400 audit(1583949073.731:572181): apparmor="ALLOWED" operation="sendmsg" profile="snap.microk8s.daemon-etcd" pid=6205 comm="etcd" laddr=::ffff:127.0.0.1 lport=12379 faddr=::ffff:127.0.0.1 fport=41674 family="inet6" sock_type="stream" protocol=6 requested_mask="send" denied_mask="send" jclivi@jclivi:~$ dmesg | grep "AppArmor" jclivi@jclivi:~$ dmesg | grep "DENIED"
@Saviq Isn't ssh configured
@jclivi this is quite weird, can you try:
$ sudo systemctl edit snap.multipass.multipassd.service
# add the following lines and save the file
# [Service]
# Environment=DISABLE_APPARMOR=1
$ snap restart multipass
And then try again?
The journal logs should say AppArmor disabled by environment variable
.
Ok, I installed Deepin in a VM and reproduced the behavior. These are the DENIED
messages in dmesg
:
[ 1275.966690] audit: type=1400 audit(1583953833.922:40235): apparmor="DENIED" operation="open" profile="multipass.test1.bf87f4b0.sshfs_server" name="/etc/ssh/ssh_config" pid=11695 comm="sshfs_server" requested_mask="r" denied_mask="r" fsuid=0 ouid=0
[ 1275.966694] audit: type=1400 audit(1583953833.922:40236): apparmor="DENIED" operation="create" profile="multipass.test1.bf87f4b0.sshfs_server" pid=11695 comm="sshfs_server" family="inet" sock_type="stream" protocol=6 requested_mask="create" denied_mask="create"
[ 1283.688488] audit: type=1400 audit(1583953841.642:40239): apparmor="DENIED" operation="open" profile="multipass.test1.bf87f4b0.sshfs_server" name="/etc/ssh/ssh_config" pid=11724 comm="sshfs_server" requested_mask="r" denied_mask="r" fsuid=0 ouid=0
[ 1283.688490] audit: type=1400 audit(1583953841.642:40240): apparmor="DENIED" operation="create" profile="multipass.test1.bf87f4b0.sshfs_server" pid=11724 comm="sshfs_server" family="inet" sock_type="stream" protocol=6 requested_mask="create" denied_mask="create"
[ 1294.335016] audit: type=1400 audit(1583953852.290:40243): apparmor="DENIED" operation="open" profile="multipass.test1.bf87f4b0.sshfs_server" name="/etc/ssh/ssh_config" pid=11753 comm="sshfs_server" requested_mask="r" denied_mask="r" fsuid=0 ouid=0
[ 1294.335132] audit: type=1400 audit(1583953852.290:40244): apparmor="DENIED" operation="create" profile="multipass.test1.bf87f4b0.sshfs_server" pid=11753 comm="sshfs_server" family="inet" sock_type="stream" protocol=6 requested_mask="create" denied_mask="create"
So it's definitely AppArmor denying this. Also, I tried the DISABLE_APPARMOR=1
and it works. I'll need to investigate what is needed in our AppArmor profile.
@townsend2010 $ sudo systemctl status snap.multipass.* ● snap.multipass.multipassd.service - Service for snap application multipass.multipassd Loaded: loaded (/etc/systemd/system/snap.multipass.multipassd.service; enabled; vendor prese Active: active (running) since Thu 2020-03-12 09:10:27 CST; 6min ago Main PID: 13857 (multipassd) Tasks: 9 (limit: 4915) Memory: 33.7M CPU: 1.590s CGroup: /system.slice/snap.multipass.multipassd.service └─13857 /snap/multipass/1784/bin/multipassd --verbosity debug --logger platform
3月 12 09:10:27 jclivi systemd[1]: Started Service for snap application multipass.multipassd. 3月 12 09:10:27 jclivi /usr/bin/snap[13857]: cmd.go:105: DEBUG: restarting into "/snap/core/curr 3月 12 09:10:28 jclivi multipassd[13857]: Unable to determine subnet for the mpqemubr0 subnet 3月 12 09:10:28 jclivi multipassd[13857]: Using AppArmor support lines 1-14...skipping... ● snap.multipass.multipassd.service - Service for snap application multipass.multipassd Loaded: loaded (/etc/systemd/system/snap.multipass.multipassd.service; enabled; vendor preset: enabled) Active: active (running) since Thu 2020-03-12 09:10:27 CST; 6min ago Main PID: 13857 (multipassd) Tasks: 9 (limit: 4915) Memory: 33.7M CPU: 1.590s CGroup: /system.slice/snap.multipass.multipassd.service └─13857 /snap/multipass/1784/bin/multipassd --verbosity debug --logger platform
3月 12 09:10:27 jclivi systemd[1]: Started Service for snap application multipass.multipassd. 3月 12 09:10:27 jclivi /usr/bin/snap[13857]: cmd.go:105: DEBUG: restarting into "/snap/core/current/usr/bin/snap" 3月 12 09:10:28 jclivi multipassd[13857]: Unable to determine subnet for the mpqemubr0 subnet 3月 12 09:10:28 jclivi multipassd[13857]: Using AppArmor support 3月 12 09:10:28 jclivi multipassd[13975]: Applying AppArmor policy: multipass.dnsmasq 3月 12 09:10:28 jclivi multipassd[13857]: 3月 12 09:10:28 jclivi multipassd[13857]: dnsmasq: 3月 12 09:10:28 jclivi multipassd[13857]: dnsmasq: cannot create DHCP socket: Permission denied 3月 12 09:10:28 jclivi multipassd[13857]: dnsmasq: cannot create DHCP socket: Permission denied
@townsend2010 -- Logs begin at Thu 2020-03-12 01:40:13 CST, end at Thu 2020-03-12 09:27:22 CST. -- 3月 12 01:44:31 jclivi dnsmasq-dhcp[11424]: DHCPRELEASE(mpqemubr0) 10.84.117.100 52:54:00:aa:cc:57 3月 12 01:44:31 jclivi dnsmasq-dhcp[11424]: DHCPRELEASE(mpqemubr0) 10.84.117.252 52:54:00:6d:8a:18 3月 12 01:44:39 jclivi multipassd[10551]: QMP: {"timestamp": {"seconds": 1583948679, "microseconds": 531085}, "event": "NIC_RX_F 3月 12 01:44:42 jclivi dnsmasq-dhcp[11424]: DHCPDISCOVER(mpqemubr0) 52:54:00:5f:2f:85 3月 12 01:44:42 jclivi dnsmasq-dhcp[11424]: DHCPOFFER(mpqemubr0) 10.84.117.38 52:54:00:5f:2f:85 3月 12 01:44:42 jclivi dnsmasq-dhcp[11424]: DHCPDISCOVER(mpqemubr0) 52:54:00:5f:2f:85 3月 12 01:44:42 jclivi dnsmasq-dhcp[11424]: DHCPOFFER(mpqemubr0) 10.84.117.38 52:54:00:5f:2f:85 3月 12 01:44:42 jclivi dnsmasq-dhcp[11424]: DHCPREQUEST(mpqemubr0) 10.84.117.38 52:54:00:5f:2f:85 3月 12 01:44:42 jclivi dnsmasq-dhcp[11424]: DHCPACK(mpqemubr0) 10.84.117.38 52:54:00:5f:2f:85 ubuntu-18 3月 12 01:44:53 jclivi multipassd[9306]: Applying AppArmor policy: multipass.qemu-img 3月 12 01:44:53 jclivi multipassd[9317]: Applying AppArmor policy: multipass.qemu-img 3月 12 01:44:54 jclivi multipassd[10551]: process working dir '/snap/multipass/1784/qemu' 3月 12 01:44:54 jclivi multipassd[10551]: process program 'qemu-system-x86_64' 3月 12 01:44:54 jclivi multipassd[10551]: process arguments '--enable-kvm, -device, virtio-scsi-pci,id=scsi0, -drive, file=/var/ 3月 12 01:44:54 jclivi multipassd[10551]: qemu-system-x86_64: warning: TCG doesn't support requested feature: CPUID.01H:ECX.vmx 3月 12 01:44:54 jclivi multipassd[9356]: Applying AppArmor policy: multipass.ubuntu.qemu-system-x86_64 3月 12 01:44:54 jclivi multipassd[10551]: process started 3月 12 01:44:54 jclivi multipassd[10551]: QMP: {"QMP": {"version": {"qemu": {"micro": 1, "minor": 11, "major": 2}, "package": "( 3月 12 01:44:55 jclivi multipassd[10551]: QMP: {"return": {}} 3月 12 01:45:13 jclivi multipassd[10551]: QMP: {"timestamp": {"seconds": 1583948713, "microseconds": 286961}, "event": "RTC_CHAN 3月 12 01:45:25 jclivi multipassd[10551]: failed to obtain exit status for remote process '[ -e /var/lib/cloud/instance/boot-fin
@jclivi this is quite weird, can you try:
$ sudo systemctl edit snap.multipass.multipassd.service # add the following lines and save the file # [Service] # Environment=DISABLE_APPARMOR=1 $ snap restart multipass
And then try again?
The journal logs should say
AppArmor disabled by environment variable
.
After modifying and restarting, I can mount the file to vm.
jclivi@jclivi:~$ multipass mount /home/jclivi/data ubuntu:/home/ubuntu/data
jclivi@jclivi:~$ multipass shell ubuntu
ubuntu@ubuntu:~$ cd data/
ubuntu@ubuntu:~/data$ ls
ubuntu@ubuntu:~/data$ ls
ubuntu@ubuntu:~/data$ ls
1.txt
sudo systemctl status snap.multipass.* ● snap.multipass.multipassd.service - Service for snap application multipass.multipassd Loaded: loaded (/etc/systemd/system/snap.multipass.multipassd.service; enabled; vendor preset: enabled) Drop-In: /etc/systemd/system/snap.multipass.multipassd.service.d └─override.conf Active: active (running) since Thu 2020-03-12 09:22:42 CST; 17min ago Main PID: 22679 (multipassd) Tasks: 18 (limit: 4915) Memory: 809.6M CPU: 1min 44.713s CGroup: /system.slice/snap.multipass.multipassd.service ├─22679 /snap/multipass/1784/bin/multipassd --verbosity debug --logger platform ├─22764 /snap/multipass/1784/usr/sbin/dnsmasq --strict-order --bind-interfaces --pid-file=/var/snap/multipass/common ├─25099 /snap/multipass/1784/usr/bin/qemu-system-x86_64 --enable-kvm -device virtio-scsi-pci,id=scsi0 -drive file=/v └─26500 /snap/multipass/1784/bin/sshfs_server 10.84.117.74 22 ubuntu /home/jclivi/data /home/ubuntu/data 1000:-1, 10
3月 12 09:26:25 jclivi multipassd[22679]: mounting /home/jclivi/data => /home/ubuntu/data in ubuntu 3月 12 09:26:25 jclivi multipassd[22679]: process program '/snap/multipass/1784/bin/sshfs_server' 3月 12 09:26:25 jclivi multipassd[22679]: process arguments '10.84.117.74, 22, ubuntu, /home/jclivi/data, /home/ubuntu/data, 100 3月 12 09:26:26 jclivi multipassd[22679]: SSHFS was not found on the host: 10.84.117.74 3月 12 09:26:26 jclivi multipassd[22679]: Mount '/home/ubuntu/data' in instance "ubuntu" has stopped unexpectedly: Process retur 3月 12 09:26:26 jclivi multipassd[22679]: Installing sshfs in 'ubuntu' 3月 12 09:27:24 jclivi multipassd[22679]: mounting /home/jclivi/data => /home/ubuntu/data in ubuntu
Let's keep this open as it is a real issue that needs fixing. The environment variable is just a work around.
$ multipass mount ~/data/ ubuntu:/home/ubuntu/data mount failed: The following errors occurred:
error mounting "/home/ubuntu/data": Process returned exit code: 1: ssh connection failed: 'Socket create failed: Permission denied'