MX Linux Forum

QEMU VM cannot access qcow2 storage with my user as owner. Have tried many chown/chmod combinations, but my lack of Debian expertise prevents success. Any help is well appreciated,

gilblais wrote: Tue Apr 22, 2025 7:41 am QEMU VM cannot access qcow2 storage with my user as owner. Have tried many chown/chmod combinations, but my lack of Debian expertise prevents success. Any help is well appreciated,

Hi:
Something similar happened to me when accessing from a laptop to the external drive where I have the VMs, try to give your user permission on the folder "/media/gil", I solved it like this: You can also do it from Thunar as administrator in the properties of that folder and change the permissions to everything under...

Best regards

The SSD-980 is an NTFS file system if that makes a difference.
Here are the associated system details:
Error starting domain: Cannot access storage file '/media/gil/SSD-980/VM-QCOWS/MX-23.5' (as uid:64055, gid:64055): Permission denied

Traceback (most recent call last):
File "/usr/share/virt-manager/virtManager/asyncjob.py", line 72, in cb_wrapper
callback(asyncjob, *args, **kwargs)
File "/usr/share/virt-manager/virtManager/asyncjob.py", line 108, in tmpcb
callback(*args, **kwargs)
File "/usr/share/virt-manager/virtManager/object/libvirtobject.py", line 57, in newfn
ret = fn(self, *args, **kwargs)
^^^^^^^^^^^^^^^^^^^^^^^^^
File "/usr/share/virt-manager/virtManager/object/domain.py", line 1402, in startup
self._backend.create()
File "/usr/lib/python3/dist-packages/libvirt.py", line 1373, in create
raise libvirtError('virDomainCreate() failed')
libvirt.libvirtError: Cannot access storage file '/media/gil/SSD-980/VM-QCOWS/MX-23.5' (as uid:64055, gid:64055): Permission denied

Also - system cannot change permissions - see attached.

Not an expert in this but I have read that qemu VMs cannot open a filesystem mounted outside of their working directory.
Try using disk-manager to mount the drive with the qcow file inside the VM working directory instead of under /media

gilblais wrote: Tue Apr 22, 2025 12:58 pm libvirt.libvirtError: Cannot access storage file '/media/gil/SSD-980/VM-QCOWS/MX-23.5' (as uid:64055, gid:64055): Permission denied

Suggest mount with disk-manager under /mnt instead of manually under /media:
like this mount point: B/c: /media/usernam mount performed by udisks, will set "ACL" "Access Control List" restrictions:
In your case the acl may look like this: which is: the directory is owned by root, but through ACL given
permissions to the user "gil", where "other" indicates no-access for other usera like "qemu".
And ACL can't be changed with chmod.
Hence suggest use another mount point, handled not by udisks.
Also ntfs3 vs ntfs-3g might be relevant, depending and kernel you are using.

Here is what I get:

$ getfacl media/gil
getfacl: media/gil: No such file or directory
gil@mx:~
$ getfacl /media/gil/
getfacl: Removing leading '/' from absolute path names
# file: media/gil/
# owner: root
# group: root
user::rwx
user:gil:r-x
group::---
mask::r-x
other::---

Attached is my system info file

gilblais wrote: Tue Apr 22, 2025 3:04 pm Here is what I get:

$ getfacl media/gil
getfacl: media/gil: No such file or directory
gil@mx:~
$ getfacl /media/gil/
getfacl: Removing leading '/' from absolute path names
# file: media/gil/
# owner: root
# group: root
user::rwx
user:gil:r-x
group::---
mask::r-x
other::---

Yes. "other::---" Hence the advice given to mount under /mnt/SSD-980/ using disk-mangager
( on cli/terminal command line use disk-manager-launcher ).
Open disk-manager, First unmount the existing mount, click Edit, navigate to /mnt and create a new directory "SSD-980"
under /mnt. and select SSD-980. but keep gvfs-show mountoption ( so it will be visible in Thunar.)
This mount will also default to use ntfs-3g, which is known to be more stable and robust compared to the fairly new "ntfs3".
In case you don't have the external drive permanently connected, add
nofail mount options to the exiting ones, this might help systemd not to complain or wait when it can't find the external drive.
and otionally add also "noauto" as it will no mounted with boot, but can be mount with one click in Thunar.
OK, disk-manager would default to mount under /media, which was chosen as a compromise,
but carries a potential conflict, in case a partition would have the same label as a username. So, I personally
do recommend get out of the conflict and use a new directory under /mnt.

gilblais wrote: Tue Apr 22, 2025 12:58 pm The SSD-980 is an NTFS file system if that makes a difference.
Here are the associated system details:
Error starting domain: Cannot access storage file '/media/gil/SSD-980/VM-QCOWS/MX-23.5' (as uid:64055, gid:64055): Permission denied

The UID and GID of 64055 are unusual. Typically if you're running MX as an unpriviledged user its UID will by 1000, or close to 1000.

If I were in this situation, I'd check that I have read and/or write permissions to each part of the path:
And so on. It's OK if the ownership is root, but the mode of each directory needs to be 0755 in order to get to the contents within it. If I have a directory that's owned by UID:GID 64055:64055 and my UID:GID is 1000:1000, I can still read it if the permissions grant read access to everyone.