[elbe-devel] Start initvm on system boot as normal user

Lukasz Walewski lwalewski at s-can.at
Fri Mar 10 17:32:29 CET 2017 

Hi,

My goal is to have the initvm running as the OS service that would be brought up/down on system startup/shutdown as documented here: https://github.com/Linutronix/elbe/wiki/Start-initvm-on-system-boot. The important detail is that I want it to run as normal user and not as root.

Following previous discussion on this list I created the initvm in /opt/elbe/initvm, adapted the following files:

   /etc/default/elbe
   /lib/systemd/system/elbe.service

accordingly and activated the elbe service using systemctl. However, after rebooting the system the service fails to start:

lwa at jessie:~$ sudo systemctl status elbe
[sudo] password for lwa:
● elbe.service - ELBE initvm
   Loaded: loaded (/lib/systemd/system/elbe.service; enabled)
   Active: failed (Result: exit-code) since Fri 2017-03-10 17:10:57 CET; 20s ago
  Process: 1158 ExecStop=/usr/bin/elbe control shutdown_initvm (code=exited, status=10)
  Process: 549 ExecStart=/usr/bin/elbe initvm --directory ${INITVMDIR} start (code=exited, status=0/SUCCESS)

Mar 10 17:10:47 jessie elbe[549]: Could not access KVM kernel module: Permission denied
Mar 10 17:10:47 jessie elbe[549]: failed to initialize KVM: Permission denied
Mar 10 17:10:47 jessie elbe[549]: make: *** [run-con] Error 1
Mar 10 17:10:47 jessie elbe[549]: *
Mar 10 17:10:57 jessie elbe[1158]: Failed to connect to Soap server localhost:7587
Mar 10 17:10:57 jessie elbe[1158]: Check, wether the initvm is actually running.
Mar 10 17:10:57 jessie elbe[1158]: try 'elbe initvm --directory /path/to/initvm start'
Mar 10 17:10:57 jessie systemd[1]: elbe.service: control process exited, code=exited status=10
Mar 10 17:10:57 jessie systemd[1]: Failed to start ELBE initvm.
Mar 10 17:10:57 jessie systemd[1]: Unit elbe.service entered failed state.

Strangely enough I can start the service manually right after logging in (i.e. after the system finishes booting):

lwa at jessie:~$ sudo systemctl start elbe
lwa at jessie:~$ sudo systemctl status elbe
● elbe.service - ELBE initvm
   Loaded: loaded (/lib/systemd/system/elbe.service; enabled)
   Active: active (running) since Fri 2017-03-10 17:15:47 CET; 9s ago
  Process: 1158 ExecStop=/usr/bin/elbe control shutdown_initvm (code=exited, status=10)
  Process: 1453 ExecStart=/usr/bin/elbe initvm --directory ${INITVMDIR} start (code=exited, status=0/SUCCESS)
 Main PID: 1459 (tmux)
   CGroup: /system.slice/elbe.service
           ├─1459 tmux new-session -d -c /opt/elbe/initvm -s ElbeInitVMSession -n initvm make run...
           ├─1460 bash -c make run-con 2> /opt/elbe/initvm/run.log
           ├─1461 make run-con
           ├─1462 /bin/sh -c kvm -M pc \ -device virtio-rng-pci \ -drive file=buildenv.img,if=vir...
           └─1464 qemu-system-x86_64 -enable-kvm -M pc -device virtio-rng-pci -drive file=builden...

Mar 10 17:15:47 jessie elbe[1453]: *****
Mar 10 17:15:47 jessie systemd[1]: Started ELBE initvm.

Interestingly, tmux and all its child processes run as normal user (here: lwa) as expected:

lwa at jessie:~$ pstree -u 1459
tmux(lwa)───bash───make───sh───qemu-system-x86───2*[{qemu-system-x86}]

Here is the content of my configuration file:

lwa at jessie:~$ cat /lib/systemd/system/elbe.service
[Unit]
Description=ELBE initvm

[Service]
Type=forking
EnvironmentFile=/etc/default/elbe
ExecStart=/usr/bin/elbe initvm --directory ${INITVMDIR} start
ExecStop=/usr/bin/elbe control shutdown_initvm
User=lwa

[Install]
WantedBy=multi-user.target

I suspect some problem with dependencies or sequence of units started by systemd. Could someone please shed some light on what can go wrong here?

Best regards,
Lukasz


---
Dr. Lukasz Walewski
s::can Messtechnik GmbH
Brigittagasse 22-24, A-1200 Wien




----------------------------------------

scan Messtechnik GmbH
Brigittagasse 22-24
A-1200 Wien/Vienna
tel. +43 1 219 73 93 - 0
fax +43 1 219 73 93 - 12
http://www.s-can.at
office at s-can.at

Geschaeftsfuehrer/President: DI Andreas Weingartner
Firmenbuchnummer/Incorporation No: FN178880i
Gerichtsstand/Court of Jurisdiction: Wien/Vienna

----------------------------------------

s::can - intelligent, optical, online

i::scan - compact, precise and affordable!
UV254::NTU::FTU::TOC::DOC::COD::BOD::Colour ...and many more to come!
http://www.i-scan.at
----------------------------------------
"YES WE SCAN !"

More information about the elbe-devel mailing list