Attempting to launch a VM fails looking for empty list of UEFI firmwares

corriur · December 15, 2024, 11:33pm

I am trying to run a new VM for OpenWRT using Incus on a Fedora 41 IoT machine. I am trying to use the migrate tool to run it from their .img file, based on discussion from here. It successfully creates a VM but then is unable to start it.

I first encountered an error very similar to this user. I upgraded my packages, I now have Incus version 6.8 and QEMU 9.1.2 (qemu-9.1.2-2.fc41).

Currently I am getting Error: Couldn't find one of the required UEFI firmware files: [] trying to start this VM.

I found this discussion, and did the step linking seabios.bin in case, but was unsuccessful.

# ln -s /usr/share/seabios/bios.bin /usr/share/OVMF/seabios.bin

I also attempted to use the empty VM suggested in that discussion to isolate issues and check the logs.

# incus launch --empty --vm foo -c security.csm=true -c security.secureboot=false
Launching foo
Error: Couldn't find one of the required UEFI firmware files: []

# incus info --show-log foo
Name: foo
Status: STOPPED
Type: virtual-machine
Architecture: x86_64
Created: 2024/12/15 18:24 EST
Last Used: 1969/12/31 19:00 EST
Error: open /var/log/incus/foo/qemu.log: no such file or directory

I’m pretty lost here, hoping to find either guidance on further steps to troubleshoot, or a better way to install OpenWRT (I see there is a container, but I want the VM to do PCI devices).

Adam · January 10, 2025, 5:07pm

I encountered the same error trying to run very old Debian 9 VM image and this part fixed the issue for me. Thx!

corriur · January 12, 2025, 9:06pm

You’re welcome! There were a few bits of scattered information I found for this topic, glad it was helpful to link some of them together.

pyfon · January 12, 2025, 11:09pm

I’m getting the same bug on Arch Linux, trying to boot Debian 12 in BIOS mode.
Here’s how to reproduce the error (download the Debian 12 ISO first):

incus storage volume import default \
	~/debian-12.8.0-amd64-netinst.iso \
	debian-iso-volume \
	--type=iso

incus init trinity-poc \
	--empty \
	--vm \
	-c limits.cpu=4 \
	-c limits.memory=8GiB \
	-c security.csm=true \
	-c security.secureboot=false \
	--profile default \
	--profile vlan_servers

incus config device add trinity-poc iso-volume disk \
	pool=default \
	source=debian-iso-volume \
	boot.priority=10

incus start trinity-poc
incus console trinity-poc --type=vga

The ln -s /usr/share/seabios/bios.bin /usr/share/OVMF/seabios.bin trick didn’t help me.
Has this been raised as a bug on Github?
If not, I’m happy to do so.

Edit: I have also tried to turn off secure boot in my default profile, as suggested by the Arch Wiki, in case that was the cause, but no dice.

corriur · January 13, 2025, 3:48am

I have not raised this one on Github. If that would be a good place to look for help please feel free!

pyfon · January 14, 2025, 12:37am

I have raised the following bug:
https://github.com/lxc/incus/issues/1572

pyfon · January 16, 2025, 10:27pm

Well as you can see, on Arch at least, it’s because the INCUS_EDK2_PATH environment variable is set in the systemd unit, and it shouldn’t be.
Might be worth checking if this is the case in Fedora 41 IOT.

corriur · January 18, 2025, 4:25pm

That worked for me as well! Thank you for raising that issue.

pyfon · January 21, 2025, 10:14pm

No worries!