Ubuntu
virtualbox package

Bug #1935856
Comment #3

Comment 3 for bug 1935856

Revision history for this message

Oliver Maurhart (dyle71) wrote on 2021-07-30:

Hi *,

I'm affected by this bug too. What I noticed:
When I run
```
$ strace -ff -o VBoxManage.trace VBoxManage startvm 92522455-ebd0-4a67-8a38-4ba05ca3fc00
```
and check the trace files for any "perm" I see
```
$ grep -i perm VBoxManage.trace.101*
...
VBoxManage.trace.10169:openat(AT_FDCWD, "/dev/loop5", O_RDONLY|O_NONBLOCK|O_CLOEXEC) = -1 EACCES (Permission denied)
VBoxManage.trace.10169:openat(AT_FDCWD, "/dev/loop3", O_RDONLY|O_NONBLOCK|O_CLOEXEC) = -1 EACCES (Permission denied)
VBoxManage.trace.10179:openat(AT_FDCWD, "/dev/vboxnetctl", O_RDWR) = -1 EACCES (Permission denied)
VBoxManage.trace.10183:capset({version=0 /* _LINUX_CAPABILITY_VERSION_??? */, pid=0}, {effective=1<<CAP_NET_RAW|1<<CAP_SYS_NICE, permitted=1<<CAP_NET_RAW|1<<CAP_SYS_NICE, inheritable=0}) = -1 EINVAL (Invalid argument)
...
```

Checking the (device-)file in question, I see:
```
$ ls -l /dev/vboxnetctl
crw------- 1 root root 10, 120 Jul 30 09:27 /dev/vboxnetctl
```

I'm not root, so that's clear to me then. But my user is member of the vboxuser group.
So changing the access permission to
```
$ sudo chgrp vboxusers /dev/vboxnetctl && sudo chmod g+rw /dev/vboxnetctl
$ ls -l /dev/vboxnetctl
crw-rw---- 1 root vboxusers 10, 120 Jul 30 09:27 /dev/vboxnetctl
```

And trying again, renders now
```
$ strace -ff -o VBoxManage.trace VBoxManage startvm 92522455-ebd0-4a67-8a38-4ba05ca3fc00
...
$ grep -i perm VBox*
...
VBoxManage.trace.9788:openat(AT_FDCWD, "/dev/loop5", O_RDONLY|O_NONBLOCK|O_CLOEXEC) = -1 EACCES (Permission denied)
VBoxManage.trace.9788:openat(AT_FDCWD, "/dev/loop3", O_RDONLY|O_NONBLOCK|O_CLOEXEC) = -1 EACCES (Permission denied)
VBoxManage.trace.9798:openat(AT_FDCWD, "/dev/vboxnetctl", O_RDWR) = -1 EPERM (Operation not permitted)
VBoxManage.trace.9802:capset({version=0 /* _LINUX_CAPABILITY_VERSION_??? */, pid=0}, {effective=1<<CAP_NET_RAW|1<<CAP_SYS_NICE, permitted=1<<CAP_NET_RAW|1<<CAP_SYS_NICE, inheritable=0}) = -1 EINVAL (Invalid argument)
...
```

So, it's "Operation not permitted" and somehow relates to Linux Capabilities
```
$ man capabilities
```

Mehhh, ... puhh ... I'll investigate further...

Hi *,

I'm affected by this bug too. What I noticed:
When I run 
```
$ strace -ff -o VBoxManage.trace VBoxManage startvm 92522455-ebd0-4a67-8a38-4ba05ca3fc00
```
and check the trace files for any "perm" I see
```
$ grep -i perm VBoxManage.trace.101*
...
VBoxManage.trace.10169:openat(AT_FDCWD, "/dev/loop5", O_RDONLY|O_NONBLOCK|O_CLOEXEC) = -1 EACCES (Permission denied)
VBoxManage.trace.10169:openat(AT_FDCWD, "/dev/loop3", O_RDONLY|O_NONBLOCK|O_CLOEXEC) = -1 EACCES (Permission denied)
VBoxManage.trace.10179:openat(AT_FDCWD, "/dev/vboxnetctl", O_RDWR) = -1 EACCES (Permission denied)
VBoxManage.trace.10183:capset({version=0 /* _LINUX_CAPABILITY_VERSION_??? */, pid=0}, {effective=1<<CAP_NET_RAW|1<<CAP_SYS_NICE, permitted=1<<CAP_NET_RAW|1<<CAP_SYS_NICE, inheritable=0}) = -1 EINVAL (Invalid argument)
...
```

Checking the (device-)file in question, I see:
```
$ ls -l /dev/vboxnetctl 
crw------- 1 root root 10, 120 Jul 30 09:27 /dev/vboxnetctl
```

I'm not root, so that's clear to me then. But my user is member of the vboxuser group.
So changing the access permission to
```
$ sudo chgrp vboxusers /dev/vboxnetctl && sudo chmod g+rw /dev/vboxnetctl
$ ls -l /dev/vboxnetctl 
crw-rw---- 1 root vboxusers 10, 120 Jul 30 09:27 /dev/vboxnetctl
```

So, it's "Operation not permitted" and somehow relates to Linux Capabilities
```
$ man capabilities
```

Mehhh, ... puhh ... I'll investigate further...

Ubuntuvirtualbox package

Comment 3 for bug 1935856

Ubuntu
virtualbox package