Using Kicksecure as Host, and Whonix as a virtual machine running in KVM, the workstation does not launch due to error with shared folder.
"Error starting domain: internal error: qemu unexpectedly closed the monitor: […] qemu-system-x86_64: -device virtio-9p-pc,id=fs0,fdev=fsdev-fs0,mount_tag=shared,bus=pci.0,addr=0x8: cannot initialize fsdev ‘fsdev-fs0’: failed to open ‘/home/user/shared’: Permission denied
Traceback (most recent call last): File “/usr/share/virt-manager/virtManager/asyncjob.psy”, line 75 in cb_wrapper
callback(asyncjob, *args, **kwargs)
File “/usr/share/virt-manager/virtManager/asyncjob.psy”, line 111, in tmpcb
calback(*args, **kwargs)
File “/usr/share/virt-manager/virtManager/domain.py”,
line 1400, in startup
self._backend.create()
File “/usr/lib/python3/dist-packages/libvirt.py”, line 1080, in create
if ret == -1: raise libvirtError (‘virDomainCreate() failed’, dom=self)
libvirt.libvirtError: internal error: qemu unexpectedly closed the monitor: […] and then repeats the section from the start.
"
Kicksecure Host was installed like this: debian netinst with no desktop environment, then installing according to distro morphing documentation with Whonix Onion Repository.
Good idea, I made /home/shared and it worked, then I deleted and remade the shared folder in /home/user/shared the same way but it did not work (same error), so it has to do with the user directory and probably permissions, any idea to fix it in the user directory?
That’s great news. @Patrick are we shipping Kicksecure Host with a shared folder already? Perhaps the problem is caused by the mkdir command run as root?
Okay I just did that, but it had insufficient permissions without sudo, so I ran all those commands with sudo.
The machine launched successfully without error however, when testing by putting a file from the host, the file did not appear inside the vm shared folder.
Note, test file did show successfully up when mounting to /home/shared, but not /mnt/workstation-shared.
Going to reinstall everything from source next time I have some free time, so I will continue with more tests.
chmod 0777 means that user, group and others (everyone) can
read/write/execute. That doesn’t seem very appropriate anyhow.
What would be an appropriate way to set this up anyhow? What would be
the most secure and canonical location for these shared folders?
Somewhere in user’s home folder /home/user? Or under /mnt/ better? Group
owner user “user” and user/group “user” the only one allowed to
read/write but not execute?
I got confused by his thread title saying Kicksecure “Host”
I always did it under home folder. Seems more contained than using /mnt/? As for permissions I am open to more secure suggestions that don’t break functionality.