On Tue, Sep 23, 2025 at 12:32:13PM +0200, Stefano Brivio wrote: > On Tue, 23 Sep 2025 14:36:41 +0800 > Yumei Huang wrote: > > > On Tue, Sep 23, 2025 at 4:03 AM Stefano Brivio wrote: > > > > > > On Mon, 22 Sep 2025 11:03:23 +0800 > > > Yumei Huang wrote: > > > > > > > On Fri, Sep 19, 2025 at 5:58 PM Stefano Brivio wrote: > > > > > > > > > > On Fri, 19 Sep 2025 09:43:29 +0800 > > > > > Yumei Huang wrote: > > > > > > > > > > > Signed-off-by: Yumei Huang > > > > > > --- > > > > > > test/README.md | 31 +++++++++++++++++++++++++++++-- > > > > > > 1 file changed, 29 insertions(+), 2 deletions(-) > > > > > > > > > > > > diff --git a/test/README.md b/test/README.md > > > > > > index 91ca603..e3e9d37 100644 > > > > > > --- a/test/README.md > > > > > > +++ b/test/README.md > > > > > > @@ -32,7 +32,7 @@ Example for Debian, and possibly most Debian-based distributions: > > > > > > git go iperf3 isc-dhcp-common jq libgpgme-dev libseccomp-dev linux-cpupower > > > > > > lm-sensors lz4 netavark netcat-openbsd psmisc qemu-efi-aarch64 > > > > > > qemu-system-arm qemu-system-misc qemu-system-ppc qemu-system-x86 > > > > > > - qemu-system-x86 sipcalc socat strace tmux uidmap valgrind > > > > > > + sipcalc socat strace tmux uidmap valgrind > > > > > > > > > > > > NOTE: the tests need a qemu version >= 7.2, or one that contains commit > > > > > > 13c6be96618c ("net: stream: add unix socket"): this change introduces support > > > > > > @@ -81,7 +81,12 @@ The following additional packages are commonly needed: > > > > > > > > > > > > ## Regular test > > > > > > > > > > > > -Just issue: > > > > > > +Before running the tests, you need to prepare the required assets: > > > > > > + > > > > > > + cd test > > > > > > + make assets > > > > > > + > > > > > > +Then issue: > > > > > > > > > > > > ./run > > > > > > > > > > > > @@ -91,6 +96,28 @@ variable settings: DEBUG=1 enables debugging messages, TRACE=1 enables tracing > > > > > > > > > > > > PCAP=1 TRACE=1 ./run > > > > > > > > > > > > +**Note:** > > > > > > + > > > > > > +* It's recommended to run the commands as a non-root user. > > > > > > + Due to [Bug 967509](https://bugzilla.redhat.com/show_bug.cgi?id=967509), > > > > > > + if you switch users with `su` or `sudo`, the directory `/run/user/ID` may > > > > > > + not be created. In that case, `XDG_RUNTIME_DIR` will incorrectly point to > > > > > > + `/run/user/0` instead of `/run/user/ID`, which can cause error. > > > > > > > > > > Thanks for the research, I wasn't aware of that, and recently spent > > > > > quite some time figuring that out (for other reasons): > > > > > > > > > > https://issues.redhat.com/browse/RHEL-70222 > > > > > > > > > > in that case, XDG_RUNTIME_DIR was simply not set. Things were working > > > > > with 'machinectl shell' instead. > > > > > > > > > > At the same time: running this whole stuff as root sounds rather crazy, > > > > > unless it's a throw-away VMs with absolutely nothing important on it. > > > > > > > > > > That is, regardless of the issue with XDG_RUNTIME_DIR. I would maybe > > > > > make the wording stronger, something like: > > > > > > > > > > * Don't run the tests as root, it's not needed! > > > > > * If you really need to, note that ... > > > > > > > > > > > + **Workaround:** Log out and log back in as the intended user to ensure the > > > > > > + correct runtime directory is set up. > > > > > > > > > > We could also suggest 'machinectl shell' if it's really needed for > > > > > whatever reason. > > > > > > > > I'm not sure how 'machinectl shell' works here. The error happens when > > > > running 'make assets', > > > > which calls 'prepare-distro-img.sh' script, which calls 'virsh edit'. > > > > > > Ah, I didn't know! So this is actually similar to > > > https://issues.redhat.com/browse/RHEL-70222. > > > > > > > If we run 'make assets' with root, the error is like this: > > > > > > > > ./prepare-distro-img.sh prepared-debian-8.11.0-openstack-amd64.qcow2 > > > > libguestfs: error: could not create appliance through libvirt. > > > > Original error from libvirt: Cannot access storage file > > > > '/home/test/passt/test/prepared-debian-8.11.0-openstack-amd64.qcow2' > > > > (as uid:107, gid:107): Permission denied [code=38 int1=13] > > > > > > > > If we switch to a non-root user via 'su', the error is like this: > > > > > > > > ./prepare-distro-img.sh prepared-debian-8.11.0-openstack-amd64.qcow2 > > > > libvirt: XML-RPC error : Cannot create user runtime directory > > > > '/run/user/0/libvirt': Permission denied > > > > libguestfs: error: could not connect to libvirt (URI = > > > > qemu:///session): Cannot create user runtime directory > > > > '/run/user/0/libvirt': Permission denied [code=38 int1=13] > > > > make: *** [Makefile:115: prepared-debian-8.11.0-openstack-amd64.qcow2] Error 1 > > > > > > > > Do you mean to run 'make assets' with 'machinectl shell'? What's the > > > > exact cmd here? I tried this, seems not work. > > > > > > > > # machinectl shell --uid=$(id -u pat) .host > > > > /home/test/passt/test/make assets > > > > Connected to the local host. Press ^] three times within 1s to exit session. > > > > > > > > Connection to the local host terminated. > > > > > > No, I mean using 'machinectl shell' instead of 'su' (it's intended as a > > > replacement), that is: > > > > > > $ machinectl shell > > > # make assets > > > > > > ...because that one will set XDG_RUNTIME_DIR. > > > > Yes, 'machinectl shell' will solve the issue when switching to a > > non-root user via su. But it doesn't solve the issue when running > > 'make assets' as root. They are actually different issues as above. > > Can one need specify a XDG_RUNTIME_DIR that actually exists, maybe? > Does that work? > > > Maybe we can just put it like: > > > > Running the commands as root is just not allowed. If you login > > the system with root, don't use su to switch users due to [Bug > > 967509](https://bugzilla.redhat.com/show_bug.cgi?id=967509). Log out > > and log back in as the intended user, or use 'machinectl shell > > --uid=$user'. > > > > What do you think? > > Well, it's free software, so "not allowed" doesn't really mean much. > > I would simply warn users that it's a bad idea and it's not needed, > something like my previous proposal: > > * Don't run the tests as root, it's not needed! > * If you really need to, note that ... > > and then just list the workaround that actually works. > > I think the most typical need for running things as root is that you > don't actually have other users (it happens with some VM images or > in embedded systems), so 'machinectl shell --uid=$user' won't really > help there. > > Maybe just mention setting XDG_RUNTIME_DIR to whatever is appropriate > (does /tmp work?)? I wonder if we're overcomplicating things. The README doesn't need to address every possible option, just the common / expected ones. So I think it's sufficient to say "don't test as root, the whole point of passt is not to run as root". If you insist on testing as root you can figure out the details yourself. -- David Gibson (he or they) | I'll have my music baroque, and my code david AT gibson.dropbear.id.au | minimalist, thank you, not the other way | around. http://www.ozlabs.org/~dgibson