VirtualBox

Opened 18 months ago

Last modified 7 days ago

#21218 new defect

USB drives do not connect to Virtualbox 7.0.2 under macOS host

Reported by: ianr77 Owned by:
Component: USB Version: VirtualBox-7.0.2
Keywords: Cc:
Guest type: Linux Host type: Mac OS X

Description

Attempting to attach a USB drive from the host os (macOS) to the guest (Lubuntu) fails, even when drives are unmounted on the host, and an appropriate USB filter has been defined. Errors as follows: 

Failed to attach the USB device SanDisk Cruzer [0100] to the virtual machine Lubuntu 2.
Failed to create a proxy device for the USB device. (Error: VERR_SHARING_VIOLATION).

Log attached. 

Failed to attach the USB device SanDisk Cruzer [0100] to the virtual machine Lubuntu 2.
Could not find a USB device with uuid {}.
Callee RC:
NS_ERROR_FAILURE (0X80004005)

Attachments (2)

Lubuntu 2-2022-10-30-00-51-08.log (202.1 KB ) - added by ianr77 18 months ago.
Log
VBox.log (205.2 KB ) - added by Jimson 17 months ago.
Vbox.log file for issue with OL8 VM

Download all attachments as: .zip

Change History (22)

by ianr77, 18 months ago

Attachment: Lubuntu 2-2022-10-30-00-51-08.log added

Log

comment:1 by LGFox, 18 months ago

I have the same issue on MacOS Ventura 13.0, guest system Windows 10.

As recommended here https://forums.virtualbox.org/viewtopic.php?f=8&t=107333, I tried to install VB 6.1.40, but it didn't work on Ventura at all.

I think it has nothing to do with the guest system because I also tried Windows 7, Windows XP as guest systems.

Using USB filters won't work either.

comment:2 by LGFox, 18 months ago

Thanks to a guy Matafaga, I managed to get USB connected on MacOS Ventura 13.0 with VB 7.0.2:

  1. Start VB using "sudo virtualbox"
  2. Go to your guest OS settings->Ports->USB and select "USB 3.0 (xHCI)"
  3. Then just start your guest OS and USB devices should work. No need to use USB filters.

comment:3 by mstadler, 17 months ago

Same issue is still happening in Virtualbox 7.0.4.

"sudo virtualbox" is not a viable solution or workaround. Mac users need a proper fix for this.

comment:4 by yagee, 17 months ago

Same problem. USB disks won't work with MacOS 13 host.

by Jimson, 17 months ago

Attachment: VBox.log added

Vbox.log file for issue with OL8 VM

comment:5 by aeichner, 16 months ago

This is currently under investigation and the problem description was passed to Apple, waiting for a response from them.

comment:6 by LGFox, 15 months ago

I still have this issue on VB 7.0.6 and MacOS Ventura 13.1

BTW, after "sudo virtualbox" command the virtual machine becomes inaccessable when VB is running normally. You can fix this by sudo chown -R my_user V_MACHINE_FOLDER

Last edited 15 months ago by LGFox (previous) (diff)

comment:7 by VBoxer1, 12 months ago

Confirming this issue for VB 7.0.8 on macOS Ventura 13.3.1.

Sorry to say that, but in my impression, macOS is getting worse with every release. Perhaps the next major release will be macOS Vista :-(

comment:8 by Krunoslav, 12 months ago

This was reported 6 months ago and nobody is still looking into this? Virtual box 7 on Mac is practically unusable without USB support. How to get someones attention on this matter?

comment:9 by aeichner, 12 months ago

As I wrote four months ago we passed the issue to Apple because we can't find out what is going wrong, something on their end blocks devices from being passed through. They are still investigating the issue...

comment:10 by amaksoft, 11 months ago

Any updates on this issue? I've tried both VirtualBox and VMware Fusion and noticed that USB works fine for vmware. A quick check shows that they run the VM process as root: 

amaksoft@amaksoft-mbp ~ $ ps aux | grep ubuntu
root             62701   1.8  1.6 68760190484 1057128 s006  S     9:26pm   1:10.14 /Applications/VMware Fusion.app/Contents/Library/vmware-vmx -s vmx.noUIBuildNumberCheck=TRUE -# product=1;name=vmrun;version=1.17.0;buildnumber=21581413;licensename=VMware Fusion for Mac OS;licenseversion=13.0; -@ duplex=3;msgs=ui /Users/amaksoft/my_vagrant_vms/ubuntu-22.10/.vagrant/machines/default/vmware_desktop/0cf5485e-1ba1-44a5-bb9d-0e05fe0258e5/ubuntu-22.10-amd64.vmx

While VirtualBox VM process runs as regular user 

amaksoft@amaksoft-mbp ~ $ ps aux | grep ubuntu
amaksoft         78253  15.8  2.4 37522200 1596612   ??  S    10:05pm   0:14.79 /Applications/VirtualBox.app/Contents/MacOS/VBoxHeadless --comment ubuntu-mantic64_default_1685917378922_81181 --startvm 4d1a000a-1f4d-47ee-8ea8-3f7602082f88 --vrde config

Not sure i am comparing the right processes though. Is there any extra information i can gather to help?

in reply to:  10 comment:11 by amaksoft, 11 months ago

Following up. Further investigation shows that VMWare binary has setuid bit and is owned by root: 

amaksoft@amaksoft-mbp ~ $ ls -l@ /Applications/VMware\ Fusion.app/Contents/Library/vmware-vmx
-rwsr-xr-x@ 1 root  wheel  35826512 10 Apr 06:47 /Applications/VMware Fusion.app/Contents/Library/vmware-vmx
	com.apple.provenance	      11

While VirtualBox being owned by root, has no setuid bit: 

amaksoft@amaksoft-mbp ~ $ ls -l /Applications/VirtualBox.app/Contents/MacOS/VBoxHeadless
-rwxr-xr-x  1 root  admin  164192 17 Apr 18:52 /Applications/VirtualBox.app/Contents/MacOS/VBoxHeadless

So running 

sudo chmod u+s /Applications/VirtualBox.app/Contents/MacOS/VBoxHeadless

seems to have solved the issue for me (took some extra dance to grant shell app the permission to change the file attributes though). The VBoxHeadless process runs as root now: 

amaksoft@amaksoft-mbp ~ $ ps aux | grep ubuntu
root             90736  11.8  2.8 37531720 1911896   ??  S    10:38pm   1:28.94 /Applications/VirtualBox.app/Contents/MacOS/VBoxHeadless --comment ubuntu-mantic64_default_1685917378922_81181 --startvm 4d1a000a-1f4d-47ee-8ea8-3f7602082f88 --vrde config

USB connects/disconnects successfully.

Limitations: Only works for headless and detachable modes. GUI only mode uses a differenf binary VirtualBoxVM that breaks as apparently you are not allowed to use setuid bit for GUI MacOS apps: 

2023-06-06 23:03:25.864 VirtualBoxVM[98777:6777878] The application with bundle ID org.virtualbox.app.VirtualBoxVM is running setugid(), which is not allowed. Exiting.

Summarising: As long as I run VMs in headless or detachable modes, I am not forced to launch VirtualBox via sudo every time, which was the most disturbing part. I'd say that this is a much cleaner workaround. Can it be considered as a solution? Can make the VirtualBox installer set setuid bit for VBoxHeadless out for the box?

Last edited 11 months ago by amaksoft (previous) (diff)

comment:12 by amaksoft, 11 months ago

UPD: After checking the sources i see that MacOS installer's postflight script is supposed to set the setuid bits for VboxHeadless https://www.virtualbox.org/browser/vbox/trunk/src/VBox/Installer/darwin/VirtualBox/postflight#L108

However it wasn't the case for me on VirtualBox 7.0.8 r156879 

amaksoft@amaksoft-mbp ~ $ /Applications/VirtualBox.app/Contents/MacOS/VBoxHeadless --version
Oracle VM VirtualBox Headless Interface 7.0.8
Copyright (C) 2008-2023 Oracle and/or its affiliates

7.0.8r156879
amaksoft@amaksoft-mbp ~ $ ls -l /Applications/VirtualBox.app/Contents/{MacOS/VBoxNetAdpCtl,MacOS/VBoxHeadless,MacOS/VBoxNetDHCP,MacOS/VBoxNetNAT,Resources/VirtualBoxVM.app/Contents/MacOS/VirtualBoxVM}
-rwxr-xr-x  1 root  admin   164192 17 Apr 18:52 /Applications/VirtualBox.app/Contents/MacOS/VBoxHeadless
-rwsr-xr-x  1 root  admin    71264 17 Apr 18:50 /Applications/VirtualBox.app/Contents/MacOS/VBoxNetAdpCtl
-rwxr-xr-x  1 root  admin   236144 17 Apr 18:51 /Applications/VirtualBox.app/Contents/MacOS/VBoxNetDHCP
-rwxr-xr-x  1 root  admin   303104 17 Apr 18:51 /Applications/VirtualBox.app/Contents/MacOS/VBoxNetNAT
-rwxr-xr-x  1 root  admin  1185088 17 Apr 18:52 /Applications/VirtualBox.app/Contents/Resources/VirtualBoxVM.app/Contents/MacOS/VirtualBoxVM

The only binary out of all listed in the postflight script that has setuid bit is VBoxNetAdpCtl. The rest don't have it.

Why? Let's investigate the install package: 

amaksoft@amaksoft-mbp ~ $ mkdir VboxPkg
amaksoft@amaksoft-mbp ~ $ cd VboxPkg
amaksoft@amaksoft-mbp ~/VboxPkg $ xar -xf /Volumes/VirtualBox/VirtualBox.pkg
amaksoft@amaksoft-mbp ~/VboxPkg $ cd VirtualBox.pkg
amaksoft@amaksoft-mbp ~/VboxPkg/VirtualBox.pkg $ cat Scripts | gunzip -dc | cpio -i
12 blocks
amaksoft@amaksoft-mbp ~/VboxPkg/VirtualBox.pkg $ cat postflight | tail -n 15
#
# Workaround for 10.11 beta 6 in which the above chown strips the set-uid-to-root bit.
#
SET_UID_BINARIES="MacOS/VBoxNetAdpCtl"
for bin in ${SET_UID_BINARIES}; do
    chmod u+s "/Applications/VirtualBox.app/Contents/${bin}"
done

# Install provisioning profile if present, needed by VBoxHeadless.
if [ -f /Applications/VirtualBox.app/Contents/embedded.provisionprofile ]; then
    profiles -i -F /Applications/VirtualBox.app/Contents/embedded.provisionprofile
fi

exit 0;

The install package only applies setuid to VBoxNetAdpCtl, which matches the binaries atributes I observe above.

Why doesn't it match the code in trunk?

Anyway, here's the extended workaround shell command: 

amaksoft@amaksoft-mbp ~ $ for f in /Applications/VirtualBox.app/Contents/{MacOS/VBoxNetAdpCtl,MacOS/VBoxHeadless,MacOS/VBoxNetDHCP,MacOS/VBoxNetNAT}; do sudo chmod u+s $f; done
Last edited 11 months ago by amaksoft (previous) (diff)

comment:13 by Klaus Espenlaub, 11 months ago

The postflight scripts in 7.0 and trunk are the same. Our packaging uses a bit of trickery to adapt it to the VBOX_WITH_HARDENING build config flag, which isn't set any more since 7.0. Which removes the line https://www.virtualbox.org/browser/vbox/trunk/src/VBox/Installer/darwin/VirtualBox/postflight#L106 . To be honest I'm unsure why VBoxNetAdpCtl is still suid root.

USB handling should work through entitlements, the provisioning profile and code signing.

in reply to:  2 ; comment:14 by codergoy, 8 months ago

Replying to LGFox:

Thanks to a guy Matafaga, I managed to get USB connected on MacOS Ventura 13.0 with VB 7.0.2:

  1. Start VB using "sudo virtualbox"
  2. Go to your guest OS settings->Ports->USB and select "USB 3.0 (xHCI)"
  3. Then just start your guest OS and USB devices should work. No need to use USB filters.

Does not work with 2023 M2 Max MBP + most recent Mac OS (Ventura 13.5.1).

Tried the extended workaround shell command from above, as well.

Would be great if we could get this sorted.

Last edited 8 months ago by codergoy (previous) (diff)

in reply to:  14 comment:15 by unturned3, 8 months ago

Replying to codergoy:

Does not work with 2023 M2 Max MBP + most recent Mac OS (Ventura 13.5.1).

Tried the extended workaround shell command from above, as well.

Would be great if we could get this sorted.

I'm glad I decided not to upgrade to Ventura. I'm using the setuid method on MacOS 12.6

comment:16 by Krunoslav, 6 months ago

Any progress on this? It is not only Linux guests, but Windows guest also. Crazy that thing like this does not get higher priority because it is hard to do serious work without USB support. Or Virtualbox is not targeting MacOS any more?

comment:17 by prokher, 4 months ago

Observe the same issue on VirtualBox 7.0.12 r159484 (Qt5.15.2) running over macOS 14.2.1 (23C71).

in reply to:  17 comment:18 by maracuja, 3 months ago

Replying to prokher:

Observe the same issue on VirtualBox 7.0.12 r159484 (Qt5.15.2) running over macOS 14.2.1 (23C71).

Same to me. To the devs: PLEASE, fix this bug soon'''

comment:19 by ognian, 10 days ago

sudo still necessary with VirtualBox 7.0.16. Any chance to see a fix soon?

comment:20 by VBoxer1, 7 days ago

Hi Developers,

I was curious, whether this bug is fixed in version 7.0.16 and just found out in the latest post, that it's probably not. That's sad, but I don't blame anyone and guess, you would like to have it off the desk as well. If you need help, let me know. I use a recent macOS 14 and have technical background to investigate, help out with testing etc. Let me know if I can be of service.

Best, VBoxer1

Last edited 7 days ago by VBoxer1 (previous) (diff)
Note: See TracTickets for help on using tickets.

© 2023 Oracle
ContactPrivacy policyTerms of Use