Tried to install another Linux distro inside a virtual machine so I can test the latest WINE without having to mess with Bazzite. Every time I do, the UEFI firmware it gives me an Access Denied error when QEMU’s virtual disc drive tries to access it.
I have given it permissions via ujust virtualization, removed the Flatpak version and layered the native RPM version of virt-manager, moved the ISO to /var/lib/libvirt/images so QEMU has no excuse, even disabled SELinux entirely, yet I still get Access Denied.
Nothing shows up in journalctl or dmesg about permissions relating to the ISO. All I get on the virtual machine’s firmware is
BdsDxe: failed to load Boot0001 "UEFI QEMU DVD-ROM QM00001 " from PciRoot(0x0)/Pci(0x1F,0x2)/Sata(0x0,0xFFFF),0x0) : Access Denied
I have been able to work around this by using the Flatpak version of GNOME Boxes instead, ISOs work in it fine (presuming it’s running as user?) but this has been frustrating to deal with nonetheless.
What are you running, Bluefin, Aurora?
Are you using devmode (-dx)?
Forgot to label, sorry! It’s Bazzite, non-DX version.
Sorry to necro this but I am having the same problem. I wanted to run virtual machine manager because with that I can pass USB devices. With Boxes I cannot. Trying to map my Azeron without having to switch to Windows (and Antimicrox doesn’t work for me).
Ok, I found a solution.
-
First be sure to run “ujust setup-virtualization” and choose the menu point that adds your user to libvirt, this can’t be done form the command prompt.
-
I made a folder in my home folder that I also gave libvirt group permissions to access.
-
Make a flatpak override:
flatpak override --user --filesystem=[folder] org.virt_manager.virt-manager
Then log out and log in again.
2 Likes
I ran into this same error last night, except I’m on Aurora-dx so it’s not a flatpak permissions issue with virt-manager. I can create and boot VMs in BIOS but not UEFI. What worked for me is to uncheck the “try secure boot” check box in the VM EFI settings. No problems after that. Posting for anyone else who might run into this.