Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[macOS] Cannot start VM with podman machine start because it tries to start gvproxy from /usr/libexec/podman/gvproxy #11226

Closed
tnk4on opened this issue Aug 13, 2021 · 5 comments · Fixed by #11449
Closed

[macOS] Cannot start VM with podman machine start because it tries to start gvproxy from /usr/libexec/podman/gvproxy #11226

tnk4on opened this issue Aug 13, 2021 · 5 comments · Fixed by #11449
Assignees
@baude
Labels
kind/bug Categorizes issue or PR as related to a bug. locked - please file new issue/PR Assist humans wanting to comment on an old issue or PR with locked comments.

Comments

@tnk4on
Copy link
Contributor

tnk4on commented Aug 13, 2021
edited
Loading

Is this a BUG REPORT or FEATURE REQUEST? (leave only one on its own line)

/kind bug

Description

When I run podman machine start even though I have placed gvproxy in a valid execution path, I get an error that gvproxy is not found in the path and cannot start the VM.

Steps to reproduce the issue:

On the Mac client:

  1. Get the Podman 3.3.0-rc2 source code and build it

  2. Get the gvproxy binary and place it in execution path

$ wget https://github.com/containers/gvisor-tap-vsock/releases/download/v0.1.0/gvproxy-darwin
$ chmod 755 gvproxy-darwin
$ mv gvproxy-darwin /usr/local/bin/gvproxy
  1. Run "podman machine start", it will stop with an error.
$ podman machine start
Error: unable to start host networking: "stat /usr/libexec/podman/gvproxy: no such file or directory"

Describe the results you received:

I can't create directories under /usr/libexec/ even if I have root privileges.

$ sudo mkdir /usr/libexec/podman
Password:
mkdir: /usr/libexec/podman: Operation not permitted

The reason is that System Integrity Protection is currently enabled in macOS.
https://support.apple.com/en-us/HT204899

Describe the results you expected:

The VM will be successfully started.

Additional information you deem important (e.g. issue happens only occasionally):

Output of podman version:

$ podman version
Client:
Version:      3.3.0-dev
API Version:  3.3.0-dev
Go Version:   go1.16.6
Git Commit:   a5adadf83b0f11c168563d1f26ebb7535cab4b9c-dirty
Built:        Sat Aug 14 04:00:57 2021
OS/Arch:      darwin/amd64

Package info (e.g. output of rpm -q podman or apt list podman):

v3.3.0-rc2
https://github.com/containers/podman/archive/refs/tags/v3.3.0-rc2.tar.gz

Have you tested with the latest version of Podman and have you checked the Podman Troubleshooting Guide? (https://github.com/containers/podman/blob/master/troubleshooting.md)

Yes

Additional environment details (AWS, VirtualBox, physical, etc.):

  • MacBook Pro (13-inch, 2017, Two Thunderbolt 3 ports)
  • macOS Big Sur Version 11.4
@openshift-ci openshift-ci bot added the kind/bug Categorizes issue or PR as related to a bug. label Aug 13, 2021
@rhatdan
Copy link
Member

rhatdan commented Aug 16, 2021

@ashley-cui Are we not shipping gvproxy?

@ashley-cui
Copy link
Member

@rhatdan I'm currently working on shipping it via homebrew. Though the gvproxy is not shipped in our tarball that's downloaded from github artifacts.

@baude baude self-assigned this Aug 16, 2021
@baude
Copy link
Member

baude commented Aug 16, 2021

ill take this one ...

@ashley-cui
Copy link
Member

@baude just FYI, homebrew doesn't automatically symlink libexec.install (it does for every other location but not libexec) got me tripped up on Thursday..

baude added a commit to baude/podman that referenced this issue Aug 16, 2021
@baude
fix gvproxy path search for macos
30d534c 
macos does not have /usr/libexec/ so we look in the executable paths
first.

Fixes: containers#11226

Signed-off-by: Brent Baude <bbaude@redhat.com>
@baude baude mentioned this issue Aug 16, 2021
Merged
baude added a commit to baude/podman that referenced this issue Aug 16, 2021
@baude
fix gvproxy path search for macos
440188f 
macos does not have /usr/libexec/ so we look in the executable paths
first.

Fixes: containers#11226

[NO TESTS NEEDED]

Signed-off-by: Brent Baude <bbaude@redhat.com>
@tnk4on
Copy link
Contributor Author

tnk4on commented Aug 17, 2021

I was able to podman machine start using the updated v3.3 branch.
Thanks!

$ which gvproxy
/usr/local/bin/gvproxy
$ rm -rf /var/folders/df/vy1htn753fd_w4420rltfg0w0000gn/T/podman/qemu_podman-machine-default.sock
$ podman machine start
INFO[0000] waiting for clients...
INFO[0000] listening tcp://0.0.0.0:7777
INFO[0000] new connection from  to /var/folders/df/vy1htn753fd_w4420rltfg0w0000gn/T/podman/qemu_podman-machine-default.sock
Waiting for VM ...
qemu-system-x86_64: warning: host doesn't support requested feature: CPUID.80000001H:ECX.svm [bit 2]
$ podman version
Client:
Version:      3.3.0-dev
API Version:  3.3.0-dev
Go Version:   go1.16.6
Git Commit:   39cab790cc90c77d4b4a156f5f885077b267cbd9
Built:        Tue Aug 17 10:21:08 2021
OS/Arch:      darwin/amd64

Server:
Version:      3.2.3
API Version:  3.2.3
Go Version:   go1.16.6
Built:        Tue Aug  3 04:39:21 2021
OS/Arch:      linux/amd64

@rhatdan rhatdan closed this as completed Aug 17, 2021
simnalamburt pushed a commit to simnalamburt/podman that referenced this issue Sep 4, 2021
@baude @simnalamburt
fix gvproxy path search for macos
38dcd6e 
macos does not have /usr/libexec/ so we look in the executable paths
first.

Fixes: containers#11226

[NO TESTS NEEDED]

Signed-off-by: Brent Baude <bbaude@redhat.com>
@simnalamburt simnalamburt mentioned this issue Sep 4, 2021
Merged
@jonpspri jonpspri mentioned this issue Sep 8, 2021
Closed
jonpspri added a commit to jonpspri/podman that referenced this issue Sep 9, 2021
@jonpspri
Use Make GVPROXY_PATH to locate gvproxy
5170c5c 
Presented as an alternative to PR containers#11449

Rather than do backflips in the code to locate `gvproxy`, use a
build-time variable to set the location.  That variable can default to
`/usr/libexec` but other build packages (_e.g._ Homebrew) can set it to
something of their liking.

I'll take no offense if the consensus is that we do not want to pollute
the build, but we should likely add a runtime configuration parameter as an
alternative in that case.

Fixes: containers#11226

Signed-off-by: Jonathan Springer <jonpspri@gmail.com>
simnalamburt pushed a commit to simnalamburt/podman that referenced this issue Sep 10, 2021
@baude @simnalamburt
fix gvproxy path search for macos
4e74a64 
macos does not have /usr/libexec/ so we look in the executable paths
first.

Fixes: containers#11226

[NO TESTS NEEDED]

Signed-off-by: Brent Baude <bbaude@redhat.com>
@afbjorklund afbjorklund mentioned this issue Sep 12, 2021
Closed
@github-actions github-actions bot added the locked - please file new issue/PR Assist humans wanting to comment on an old issue or PR with locked comments. label Sep 21, 2023
@github-actions github-actions bot locked as resolved and limited conversation to collaborators Sep 21, 2023
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees

@baude baude

Labels
kind/bug Categorizes issue or PR as related to a bug. locked - please file new issue/PR Assist humans wanting to comment on an old issue or PR with locked comments.
Projects
None yet
Milestone
No milestone
4 participants
@rhatdan @baude @ashley-cui @tnk4on