RHEL Engineering is moving the tracking of its product development work on RHEL 6 through RHEL 9 to Red Hat Jira (issues.redhat.com). If you're a Red Hat customer, please continue to file support cases via the Red Hat customer portal. If you're not, please head to the "RHEL project" in Red Hat Jira and file new tickets here. Individual Bugzilla bugs in the statuses "NEW", "ASSIGNED", and "POST" are being migrated throughout September 2023. Bugs of Red Hat partners with an assigned Engineering Partner Manager (EPM) are migrated in late September as per pre-agreed dates. Bugs against components "kernel", "kernel-rt", and "kpatch" are only migrated if still in "NEW" or "ASSIGNED". If you cannot log in to RH Jira, please consult article #7032570. That failing, please send an e-mail to the RH Jira admins at rh-issues@redhat.com to troubleshoot your issue as a user management inquiry. The email creates a ServiceNow ticket with Red Hat. Individual Bugzilla bugs that are migrated will be moved to status "CLOSED", resolution "MIGRATED", and set with "MigratedToJIRA" in "Keywords". The link to the successor Jira issue will be found under "Links", have a little "two-footprint" icon next to it, and direct you to the "RHEL project" in Red Hat Jira (issue links are of type "https://issues.redhat.com/browse/RHEL-XXXX", where "X" is a digit). This same link will be available in a blue banner at the top of the page informing you that that bug has been migrated.
Bug 2207940 - [RFE] Enable qemu-ui-dbus subpackage
Summary: [RFE] Enable qemu-ui-dbus subpackage
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Red Hat Enterprise Linux 9
Classification: Red Hat
Component: qemu-kvm
Version: RHIVOS 1.0
Hardware: Unspecified
OS: Unspecified
unspecified
medium
Target Milestone: rc
: 9.3
Assignee: Miroslav Rezanina
QA Contact: jingzhao
URL:
Whiteboard:
Depends On: 2212731
Blocks:
TreeView+ depends on / blocked
 
Reported: 2023-05-17 11:51 UTC by Sandro Bonazzola
Modified: 2023-11-07 09:22 UTC (History)
11 users (show)

Fixed In Version: qemu-kvm-8.0.0-9.el9
Doc Type: Enhancement
Doc Text:
Clone Of:
Environment:
Last Closed: 2023-11-07 08:27:35 UTC
Type: Feature Request
Target Upstream Version:
Embargoed:

Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Gitlab redhat/centos-stream/src qemu-kvm merge_requests 178 0 None opened Enable DBUS display 2023-07-04 09:12:08 UTC
Red Hat Issue Tracker RHELPLAN-157499 0 None None None 2023-05-17 11:54:03 UTC
Red Hat Product Errata RHSA-2023:6368 0 None None None 2023-11-07 08:28:33 UTC

Description Sandro Bonazzola 2023-05-17 11:51:13 UTC 
For Red Hat In-Vehicle OS the Digital Cockpit team wants to move away from the qemu GTK ui backend and instead use the dbus ui backend + libmks.
In order to achieve that we need qemu-ui-dbus subpackage to be built.

The package is already available in Fedora ELN (https://koji.fedoraproject.org/koji/rpminfo?rpmID=34385695)

But it's not built for CentOS Stream 9 / RHEL 9 target (https://kojihub.stream.centos.org/koji/buildinfo?buildID=32828)

For this request, no need to include the sub-package in RHEL but we'll need it available in CentOS Stream 9 for CentOS Automotive SIG.
Comment 1 John Ferlan 2023-05-17 21:18:45 UTC 
Mirek - assigned to you for procedural purposes (at least for now)

Yash - adding you as CC because we may need to think about how this ends up being delivered from a RHEL offering and whether we need to start thinking in terms of how we managed the OpenShift sandboxed containers (Kata) with a different qemu-kvm build which I'm starting to believe is what RHIVOS may end up wanting/needing.  I'm under the impression there is quite a bit of the existing qemu-kvm "package" that they perhaps don't want.

Meirav - adding you as CC to be aware of the RHIVOS request
Comment 2 Miroslav Rezanina 2023-05-25 13:41:47 UTC 
Hi Sandro,

can you test this build [1] whether package works as required??

[1] https://brewweb.engineering.redhat.com/brew/taskinfo?taskID=52865944
Comment 3 Sandro Bonazzola 2023-05-26 10:18:36 UTC 
(In reply to Miroslav Rezanina from comment #2)
> Hi Sandro,
> 
> can you test this build [1] whether package works as required??
> 
> [1] https://brewweb.engineering.redhat.com/brew/taskinfo?taskID=52865944

Yes, the team is testing it, I'll let you know the results as soon as I have them.
Comment 4 Sandro Bonazzola 2023-05-29 09:36:04 UTC 
Notes:
- I think qemu-kvm-ui-dbus should require qemu-kvm no? just installing qemu-kvm-ui-dbus won't allow you to run qemu
- I couldn't install it on el9: nothing provides libnuma.so.1(libnuma_1.6)(64bit) needed by qemu-kvm-core-17:8.0.0-4.el9.next.candidate.x86_64
Comment 6 Miroslav Rezanina 2023-05-29 12:46:26 UTC 
(In reply to Sandro Bonazzola from comment #4)
> Notes:
> - I think qemu-kvm-ui-dbus should require qemu-kvm no? just installing
> qemu-kvm-ui-dbus won't allow you to run qemu
> - I couldn't install it on el9: nothing provides
> libnuma.so.1(libnuma_1.6)(64bit) needed by
> qemu-kvm-core-17:8.0.0-4.el9.next.candidate.x86_64

Nope, dependency works other way. qemu-kvm package (full qemu-kvm) requires ui-dbus. We use same approach for qemu-kvm modules - they required qemu-kvm-common package. Not remmmember the reason now. 

It is strange numactl was not found and require additional repo. Were RHEL properly configured as I see the package in BaseOS compose.
Comment 7 Sandro Bonazzola 2023-05-29 13:21:02 UTC 
(In reply to Miroslav Rezanina from comment #6)
> Nope, dependency works other way. qemu-kvm package (full qemu-kvm) requires
> ui-dbus. We use same approach for qemu-kvm modules - they required
> qemu-kvm-common package. Not remmmember the reason now. 
> 
> It is strange numactl was not found and require additional repo. Were RHEL
> properly configured as I see the package in BaseOS compose.

I guess it's because I was testing it on CentOS Stream 9 and numactl 2.0.16 has not been pushed there yet https://kojihub.stream.centos.org/koji/packageinfo?packageID=1370

We are trying to minimize the packages required there to reduce the dependency tree, so I guess we'll go with qemu-kvm-core and qemu-kvm-ui-dbus as top level and then add whatever else will be needed.
Comment 8 Sandro Bonazzola 2023-05-30 07:46:51 UTC 
with dbus graphical device I got several selinux denials.
I tried writing some pp but it started becoming complicated, managed to run it in permissive mode.
Attaching 'ausearch -m avc' output.
Should I open a separate bug for the selinux denials?
Comment 10 Albert Esteve 2023-05-31 12:08:14 UTC 
Hi all,

I have been able to test the package on centOS Stream 9.

After installing the packages (qemu-kvm-ui-dbus and numactl-2.0.16) I run qemu+dbus display with:

   $ /usr/libexec/qemu-kvm \
       --hda /var/lib/libvirt/images/centos-stream8.qcow2 \
       -display dbus -device virtio-vga \
       -cpu host -m 4G -smp 2 -enable-kvm \
       --cdrom /var/lib/libvirt/images/CentOS-Stream-8-20230517.0-x86_64-boot.iso

Then we need to attach a frontend to see the screen and interact with it. I've built a container with libmks that can be run as:

   $ podman run -e DISPLAY \
       -v /run/user/1000/:/run/user/1000/ \
       -e XDG_RUNTIME_DIR=/run/user/1000 --ipc host \
       -e DBUS_SESSION_BUS_ADDRESS \
       --mount "type=bind,$(echo "${DBUS_SESSION_BUS_ADDRESS}" | sed -e 's/unix:path=\(.\+\)/src=\1,dst=\1/')" \
       --userns keep-id --security-opt label=disable \
       --privileged --rm -it \
       quay.io/alesgar/libmks

The command line options try to share the dbus session and display from the container environment with the host, but ultimately this works
the same as running libmks locally would. But we avoid dealing with the requirements (e.g., gtk 4.11.2).
Running this command will pop up a new gtkwidget window with the qemu-kvm guest (in my case, centos 8 installation screen).
And I am able to interact with it with my mouse and keyboard.

I can also run `dbus-monitor` to capture the interactions between qemu and mks, e.g. mouse moving:
```
   method call time=1685534632.012617 sender=:1.218 -> destination=:1.214 serial=500 path=/org/qemu/Display1/Console_0; interface=org.qemu.Display1.Mouse; member=SetAbsPosition
      uint32 71
      uint32 422
```

Thus, everything works as expected.
Comment 11 Sandro Bonazzola 2023-06-15 12:12:30 UTC 
@mrezanin can you please review https://gitlab.com/CentOS/automotive/rpms/qemu/-/merge_requests/1 ?
I'm trying to make a build with dbus display enabled but I have some troubles there.
Comment 12 Sandro Bonazzola 2023-06-29 08:56:13 UTC 
Tested 20230628 rebase from https://copr.fedorainfracloud.org/coprs/g/centos-automotive-sig/dui/builds/

on a clean CentOS Stream 9 system as root user and worked flawlessly without any selinux denial.
selinux-policy-targeted-38.1.15-1.el9.noarch

# cat run-script.sh 
#!/usr/bin/bash

/usr/libexec/qemu-kvm \
       --hda /var/lib/libvirt/images/centos.qcow2 \
       -display dbus -device virtio-vga \
       -cpu host -m 4G -smp 2 -enable-kvm \
       --cdrom /var/lib/libvirt/images/CentOS-Stream-9-latest-x86_64-boot.iso

# cat view.sh 
podman run -e DISPLAY \
       -v /run/user/0/:/run/user/0/ \
       -e XDG_RUNTIME_DIR=/run/user/0 --ipc host \
       -e DBUS_SESSION_BUS_ADDRESS \
       --mount "type=bind,$(echo "${DBUS_SESSION_BUS_ADDRESS}" | sed -e 's/unix:path=\(.\+\)/src=\1,dst=\1/')" \
       --security-opt label=disable \
       --privileged --rm -it \
       quay.io/alesgar/libmks
Comment 19 Yanan Fu 2023-07-25 05:33:50 UTC 
QE bot(pre verify): Set 'Verified:Tested,SanityOnly' as gating/tier1 test pass.
Comment 25 errata-xmlrpc 2023-11-07 08:27:35 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory (Moderate: qemu-kvm security, bug fix, and enhancement update), and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHSA-2023:6368
Note You need to log in before you can comment on or make changes to this bug.