search

sickcodes / Docker-OSX

Run macOS VM in a Docker! Run near native OSX-KVM in Docker! X11 Forwarding! CI/CD for OS X Security Research! Docker mac Containers.
https://hub.docker.com/r/sickcodes/docker-osx
GNU General Public License v3.0
36.2k stars 1.79k forks source link

Could not access KVM kernel module: Permission denied #48

Closed hakonhagland closed 4 years ago

hakonhagland commented 4 years ago

I am trying to run sickcodes/docker-osx inside an Ubuntu 20.04 KVM virtual machine (on a host which is also Ubuntu 20.04):

$ docker run --privileged -e "DISPLAY=${DISPLAY:-:0.0}" -v /tmp/.X11-unix:/tmp/.X11-unix sickcodes/docker-osx
ssh-keygen: generating new host keys: RSA DSA ECDSA ED25519 
qemu-system-x86_64: warning: dbind: Couldn't connect to accessibility bus: Failed to connect to socket /tmp/dbus-mfk2NhEUpq: Connection refused
Could not access KVM kernel module: Permission denied
qemu-system-x86_64: failed to initialize kvm: Permission denied
hakonhagland commented 4 years ago

Seems to be fixed with:

sudo chmod 666 /dev/kvm

Then retried:

$ docker run --privileged -e "DISPLAY=${DISPLAY:-:0.0}" -v /tmp/.X11-unix:/tmp/.X11-unix sickcodes/docker-osx
ssh-keygen: generating new host keys: RSA DSA ECDSA ED25519 
qemu-system-x86_64: warning: dbind: Couldn't connect to accessibility bus: Failed to connect to socket /tmp/dbus-mfk2NhEUpq: Connection refused
QEMU 5.0.0 monitor - type 'help' for more information
(qemu) qemu-system-x86_64: warning: host doesn't support requested feature: CPUID.80000007H:EDX.invtsc [bit 8]
qemu-system-x86_64: warning: host doesn't support requested feature: CPUID.80000007H:EDX.invtsc [bit 8]
qemu-system-x86_64: warning: host doesn't support requested feature: CPUID.80000007H:EDX.invtsc [bit 8]
qemu-system-x86_64: warning: host doesn't support requested feature: CPUID.80000007H:EDX.invtsc [bit 8]
ALSA lib confmisc.c:767:(parse_card) cannot find card '0'
ALSA lib conf.c:4743:(_snd_config_evaluate) function snd_func_card_driver returned error: No such file or directory
ALSA lib confmisc.c:392:(snd_func_concat) error evaluating strings
ALSA lib conf.c:4743:(_snd_config_evaluate) function snd_func_concat returned error: No such file or directory
ALSA lib confmisc.c:1246:(snd_func_refer) error evaluating name
ALSA lib conf.c:4743:(_snd_config_evaluate) function snd_func_refer returned error: No such file or directory
ALSA lib conf.c:5231:(snd_config_expand) Evaluate error: No such file or directory
ALSA lib pcm.c:2660:(snd_pcm_open_noupdate) Unknown PCM default
alsa: Could not initialize DAC
alsa: Failed to open `default':
alsa: Reason: No such file or directory
ALSA lib confmisc.c:767:(parse_card) cannot find card '0'
ALSA lib conf.c:4743:(_snd_config_evaluate) function snd_func_card_driver returned error: No such file or directory
ALSA lib confmisc.c:392:(snd_func_concat) error evaluating strings
ALSA lib conf.c:4743:(_snd_config_evaluate) function snd_func_concat returned error: No such file or directory
ALSA lib confmisc.c:1246:(snd_func_refer) error evaluating name
ALSA lib conf.c:4743:(_snd_config_evaluate) function snd_func_refer returned error: No such file or directory
ALSA lib conf.c:5231:(snd_config_expand) Evaluate error: No such file or directory
ALSA lib pcm.c:2660:(snd_pcm_open_noupdate) Unknown PCM default
alsa: Could not initialize DAC
alsa: Failed to open `default':
alsa: Reason: No such file or directory
audio: Failed to create voice `dac'
ALSA lib confmisc.c:767:(parse_card) cannot find card '0'
ALSA lib conf.c:4743:(_snd_config_evaluate) function snd_func_card_driver returned error: No such file or directory
ALSA lib confmisc.c:392:(snd_func_concat) error evaluating strings
ALSA lib conf.c:4743:(_snd_config_evaluate) function snd_func_concat returned error: No such file or directory
ALSA lib confmisc.c:1246:(snd_func_refer) error evaluating name
ALSA lib conf.c:4743:(_snd_config_evaluate) function snd_func_refer returned error: No such file or directory
ALSA lib conf.c:5231:(snd_config_expand) Evaluate error: No such file or directory
ALSA lib pcm.c:2660:(snd_pcm_open_noupdate) Unknown PCM default
alsa: Could not initialize ADC
alsa: Failed to open `default':
alsa: Reason: No such file or directory
ALSA lib confmisc.c:767:(parse_card) cannot find card '0'
ALSA lib conf.c:4743:(_snd_config_evaluate) function snd_func_card_driver returned error: No such file or directory
ALSA lib confmisc.c:392:(snd_func_concat) error evaluating strings
ALSA lib conf.c:4743:(_snd_config_evaluate) function snd_func_concat returned error: No such file or directory
ALSA lib confmisc.c:1246:(snd_func_refer) error evaluating name
ALSA lib conf.c:4743:(_snd_config_evaluate) function snd_func_refer returned error: No such file or directory
ALSA lib conf.c:5231:(snd_config_expand) Evaluate error: No such file or directory
ALSA lib pcm.c:2660:(snd_pcm_open_noupdate) Unknown PCM default
alsa: Could not initialize ADC
alsa: Failed to open `default':
alsa: Reason: No such file or directory
audio: Failed to create voice `adc'
hakonhagland commented 4 years ago

It now shows a black window with a hard disk with the text macOS Base System. If I click the disk it says QEMU - press CTRL+ALT+G to release grab. If I press the key combination nothing happens.

hakonhagland commented 4 years ago

If I first click the disk and then press the ENTER key it boots the OS

hakonhagland commented 4 years ago

Now I got to the screen with Select the disk where you want to install macOS. If I click on the disk with macOS Base System, 2.01 GB total, 667.6 MB available it says This disk is locked

hakonhagland commented 4 years ago

Ok after the repartition operation as described Additional Boot Instructions on this site I am able to install on the new disk

hakonhagland commented 4 years ago

Seem like the installation crashed shortly after:

bash: line 21:    12 Killed                  qemu-system-x86_64 -enable-kvm -m 5000 -cpu Penryn,kvm=on,vendor=GenuineIntel,+invtsc,vmware-cpuid-freq=on,+pcid,+ssse3,+sse4.2,+popcnt,+avx,+aes,+xsave,+xsaveopt,check -machine q35 -smp 4,cores=4 -usb -device usb-kbd -device usb-tablet -device isa-applesmc,osk=ourhardworkbythesewordsguardedpleasedontsteal\(c\)AppleComputerInc -drive if=pflash,format=raw,readonly,file=/home/arch/OSX-KVM/OVMF_CODE.fd -drive if=pflash,format=raw,file=./OVMF_VARS-1024x768.fd -smbios type=2 -device ich9-intel-hda -device hda-duplex -device ich9-ahci,id=sata -drive id=OpenCoreBoot,if=none,snapshot=on,format=qcow2,file=/home/arch/OSX-KVM/OpenCore-Catalina/OpenCore.qcow2 -device ide-hd,bus=sata.2,drive=OpenCoreBoot -device ide-hd,bus=sata.3,drive=InstallMedia -drive id=InstallMedia,if=none,file=BaseSystem.img,format=raw -drive id=MacHDD,if=none,file=/home/arch/OSX-KVM/mac_hdd_ng.img,format=qcow2 -device ide-hd,bus=sata.4,drive=MacHDD -netdev user,id=net0,hostfwd=tcp::10022-:22, -device e1000-82545em,netdev=net0,id=net0,mac=52:54:00:09:49:17 -monitor stdio -vga vmware
hakonhagland commented 4 years ago

I will try to restart the container with

docker start 84a9e947de39
hakonhagland commented 4 years ago

It crashed again after installing for 5 minutes approximately

sickcodes commented 4 years ago

How much disk space do you have? How much hardware, RAM?

hakonhagland commented 4 years ago

@sickcodes Of course. I did not think about that I was running from the KVM VM, I think I only had 40GB disk allocated to the VM. I am trying on another machine now, but now trying a custom setup of RAM and disk space:

docker build --build-arg VERSION=10.15.5 --build-arg SIZE=100G -t docker-osx:latest .

But when I run it:

docker run -e RAM=8 -e SMP=4 -e CORES=4 -e EXTRA= -e INTERNAL_SSH_PORT=10022 --privileged -v /tmp/.X11-unix:/tmp/.X11-unix docker-osx:latest

I get 

gtk initialization failed
hakonhagland commented 4 years ago

According to #1 I should be able to do

sudo apt install x11-xserver-utils
xhost +

and then run

 docker run --privileged -e "DISPLAY=${DISPLAY:-:0.0}" -v /tmp/.X11-unix:/tmp/.X11-unix sickcodes/docker-osx ./OpenCore-Boot.sh

but this gives me:

qemu-system-x86_64: warning: dbind: Couldn't connect to accessibility bus: Failed to connect to socket /tmp/dbus-WMgyLbwz8L: Connection refused
qemu-system-x86_64: could not configure /dev/net/tun (tap0): Operation not permitted
hakonhagland commented 4 years ago

@sickcodes I tried to run the original command on the new machine:

docker run --privileged -e "DISPLAY=${DISPLAY:-:0.0}" -v /tmp/.X11-unix:/tmp/.X11-unix sickcodes/docker-osx

and was able to install macOS 10.15.5 with 200GB disk! It is Great! Though I am not able to set the disk size and the version of the OS as you can do with docker-osx:latest so I hope this can be fixed in the future

sickcodes commented 4 years ago

They’re both the same, one is built on hub.docker.com the other is local.

However, we changed disk size to 200G because it didn’t matter and there were complaints for too small disk size.

Glad to hear you fixed the issue :) I will remove the messages about disk size because it doesn’t really matter how big. It only matters how small :)