Opened 23 months ago
Closed 2 months ago
#21218 closed defect (fixed)
USB drives do not connect to Virtualbox 7.0.2 under macOS host
Reported by: | ianr77 | Owned by: | |
---|---|---|---|
Component: | USB | Version: | VirtualBox-7.0.2 |
Keywords: | Cc: | ||
Guest type: | Linux | Host type: | Mac OS X |
Description
Attempting to attach a USB drive from the host os (macOS) to the guest (Lubuntu) fails, even when drives are unmounted on the host, and an appropriate USB filter has been defined. Errors as follows:
Failed to attach the USB device SanDisk Cruzer [0100] to the virtual machine Lubuntu 2. Failed to create a proxy device for the USB device. (Error: VERR_SHARING_VIOLATION).
Log attached.
Failed to attach the USB device SanDisk Cruzer [0100] to the virtual machine Lubuntu 2. Could not find a USB device with uuid {}. Callee RC: NS_ERROR_FAILURE (0X80004005)
Attachments (2)
Change History (28)
by , 23 months ago
Attachment: | Lubuntu 2-2022-10-30-00-51-08.log added |
---|
comment:1 by , 23 months ago
I have the same issue on MacOS Ventura 13.0, guest system Windows 10.
As recommended here https://forums.virtualbox.org/viewtopic.php?f=8&t=107333, I tried to install VB 6.1.40, but it didn't work on Ventura at all.
I think it has nothing to do with the guest system because I also tried Windows 7, Windows XP as guest systems.
Using USB filters won't work either.
follow-up: 14 comment:2 by , 23 months ago
Thanks to a guy Matafaga, I managed to get USB connected on MacOS Ventura 13.0 with VB 7.0.2:
- Start VB using "sudo virtualbox"
- Go to your guest OS settings->Ports->USB and select "USB 3.0 (xHCI)"
- Then just start your guest OS and USB devices should work. No need to use USB filters.
comment:3 by , 22 months ago
Same issue is still happening in Virtualbox 7.0.4.
"sudo virtualbox" is not a viable solution or workaround. Mac users need a proper fix for this.
comment:5 by , 21 months ago
This is currently under investigation and the problem description was passed to Apple, waiting for a response from them.
comment:6 by , 20 months ago
I still have this issue on VB 7.0.6 and MacOS Ventura 13.1
BTW, after "sudo virtualbox" command the virtual machine becomes inaccessable when VB is running normally. You can fix this by sudo chown -R my_user V_MACHINE_FOLDER
comment:7 by , 17 months ago
Confirming this issue for VB 7.0.8 on macOS Ventura 13.3.1.
Sorry to say that, but in my impression, macOS is getting worse with every release. Perhaps the next major release will be macOS Vista :-(
comment:8 by , 17 months ago
This was reported 6 months ago and nobody is still looking into this? Virtual box 7 on Mac is practically unusable without USB support. How to get someones attention on this matter?
comment:9 by , 17 months ago
As I wrote four months ago we passed the issue to Apple because we can't find out what is going wrong, something on their end blocks devices from being passed through. They are still investigating the issue...
follow-up: 11 comment:10 by , 16 months ago
Any updates on this issue? I've tried both VirtualBox and VMware Fusion and noticed that USB works fine for vmware. A quick check shows that they run the VM process as root:
amaksoft@amaksoft-mbp ~ $ ps aux | grep ubuntu root 62701 1.8 1.6 68760190484 1057128 s006 S 9:26pm 1:10.14 /Applications/VMware Fusion.app/Contents/Library/vmware-vmx -s vmx.noUIBuildNumberCheck=TRUE -# product=1;name=vmrun;version=1.17.0;buildnumber=21581413;licensename=VMware Fusion for Mac OS;licenseversion=13.0; -@ duplex=3;msgs=ui /Users/amaksoft/my_vagrant_vms/ubuntu-22.10/.vagrant/machines/default/vmware_desktop/0cf5485e-1ba1-44a5-bb9d-0e05fe0258e5/ubuntu-22.10-amd64.vmx
While VirtualBox VM process runs as regular user
amaksoft@amaksoft-mbp ~ $ ps aux | grep ubuntu amaksoft 78253 15.8 2.4 37522200 1596612 ?? S 10:05pm 0:14.79 /Applications/VirtualBox.app/Contents/MacOS/VBoxHeadless --comment ubuntu-mantic64_default_1685917378922_81181 --startvm 4d1a000a-1f4d-47ee-8ea8-3f7602082f88 --vrde config
Not sure i am comparing the right processes though. Is there any extra information i can gather to help?
comment:11 by , 16 months ago
Following up. Further investigation shows that VMWare binary has setuid bit and is owned by root:
amaksoft@amaksoft-mbp ~ $ ls -l@ /Applications/VMware\ Fusion.app/Contents/Library/vmware-vmx -rwsr-xr-x@ 1 root wheel 35826512 10 Apr 06:47 /Applications/VMware Fusion.app/Contents/Library/vmware-vmx com.apple.provenance 11
While VirtualBox being owned by root, has no setuid bit:
amaksoft@amaksoft-mbp ~ $ ls -l /Applications/VirtualBox.app/Contents/MacOS/VBoxHeadless -rwxr-xr-x 1 root admin 164192 17 Apr 18:52 /Applications/VirtualBox.app/Contents/MacOS/VBoxHeadless
So running
sudo chmod u+s /Applications/VirtualBox.app/Contents/MacOS/VBoxHeadless
seems to have solved the issue for me (took some extra dance to grant shell app the permission to change the file attributes though). The VBoxHeadless
process runs as root now:
amaksoft@amaksoft-mbp ~ $ ps aux | grep ubuntu root 90736 11.8 2.8 37531720 1911896 ?? S 10:38pm 1:28.94 /Applications/VirtualBox.app/Contents/MacOS/VBoxHeadless --comment ubuntu-mantic64_default_1685917378922_81181 --startvm 4d1a000a-1f4d-47ee-8ea8-3f7602082f88 --vrde config
USB connects/disconnects successfully.
Limitations:
Only works for headless and detachable modes. GUI only mode uses a differenf binary VirtualBoxVM
that breaks as apparently you are not allowed to use setuid bit for GUI MacOS apps:
2023-06-06 23:03:25.864 VirtualBoxVM[98777:6777878] The application with bundle ID org.virtualbox.app.VirtualBoxVM is running setugid(), which is not allowed. Exiting.
Summarising:
As long as I run VMs in headless or detachable modes, I am not forced to launch VirtualBox via sudo every time, which was the most disturbing part. I'd say that this is a much cleaner workaround. Can it be considered as a solution? Can make the VirtualBox installer set setuid bit for VBoxHeadless
out for the box?
comment:12 by , 16 months ago
UPD: After checking the sources i see that MacOS installer's postflight script is supposed to set the setuid bits for VboxHeadless
https://www.virtualbox.org/browser/vbox/trunk/src/VBox/Installer/darwin/VirtualBox/postflight#L108
However it wasn't the case for me on VirtualBox 7.0.8 r156879
amaksoft@amaksoft-mbp ~ $ /Applications/VirtualBox.app/Contents/MacOS/VBoxHeadless --version Oracle VM VirtualBox Headless Interface 7.0.8 Copyright (C) 2008-2023 Oracle and/or its affiliates 7.0.8r156879 amaksoft@amaksoft-mbp ~ $ ls -l /Applications/VirtualBox.app/Contents/{MacOS/VBoxNetAdpCtl,MacOS/VBoxHeadless,MacOS/VBoxNetDHCP,MacOS/VBoxNetNAT,Resources/VirtualBoxVM.app/Contents/MacOS/VirtualBoxVM} -rwxr-xr-x 1 root admin 164192 17 Apr 18:52 /Applications/VirtualBox.app/Contents/MacOS/VBoxHeadless -rwsr-xr-x 1 root admin 71264 17 Apr 18:50 /Applications/VirtualBox.app/Contents/MacOS/VBoxNetAdpCtl -rwxr-xr-x 1 root admin 236144 17 Apr 18:51 /Applications/VirtualBox.app/Contents/MacOS/VBoxNetDHCP -rwxr-xr-x 1 root admin 303104 17 Apr 18:51 /Applications/VirtualBox.app/Contents/MacOS/VBoxNetNAT -rwxr-xr-x 1 root admin 1185088 17 Apr 18:52 /Applications/VirtualBox.app/Contents/Resources/VirtualBoxVM.app/Contents/MacOS/VirtualBoxVM
The only binary out of all listed in the postflight script that has setuid bit is VBoxNetAdpCtl
. The rest don't have it.
Why? Let's investigate the install package:
amaksoft@amaksoft-mbp ~ $ mkdir VboxPkg amaksoft@amaksoft-mbp ~ $ cd VboxPkg amaksoft@amaksoft-mbp ~/VboxPkg $ xar -xf /Volumes/VirtualBox/VirtualBox.pkg amaksoft@amaksoft-mbp ~/VboxPkg $ cd VirtualBox.pkg amaksoft@amaksoft-mbp ~/VboxPkg/VirtualBox.pkg $ cat Scripts | gunzip -dc | cpio -i 12 blocks amaksoft@amaksoft-mbp ~/VboxPkg/VirtualBox.pkg $ cat postflight | tail -n 15 # # Workaround for 10.11 beta 6 in which the above chown strips the set-uid-to-root bit. # SET_UID_BINARIES="MacOS/VBoxNetAdpCtl" for bin in ${SET_UID_BINARIES}; do chmod u+s "/Applications/VirtualBox.app/Contents/${bin}" done # Install provisioning profile if present, needed by VBoxHeadless. if [ -f /Applications/VirtualBox.app/Contents/embedded.provisionprofile ]; then profiles -i -F /Applications/VirtualBox.app/Contents/embedded.provisionprofile fi exit 0;
The install package only applies setuid to VBoxNetAdpCtl
, which matches the binaries atributes I observe above.
Why doesn't it match the code in trunk?
Anyway, here's the extended workaround shell command:
amaksoft@amaksoft-mbp ~ $ for f in /Applications/VirtualBox.app/Contents/{MacOS/VBoxNetAdpCtl,MacOS/VBoxHeadless,MacOS/VBoxNetDHCP,MacOS/VBoxNetNAT}; do sudo chmod u+s $f; done
comment:13 by , 16 months ago
The postflight scripts in 7.0 and trunk are the same. Our packaging uses a bit of trickery to adapt it to the VBOX_WITH_HARDENING build config flag, which isn't set any more since 7.0. Which removes the line https://www.virtualbox.org/browser/vbox/trunk/src/VBox/Installer/darwin/VirtualBox/postflight#L106 . To be honest I'm unsure why VBoxNetAdpCtl is still suid root.
USB handling should work through entitlements, the provisioning profile and code signing.
follow-up: 15 comment:14 by , 13 months ago
Replying to LGFox:
Thanks to a guy Matafaga, I managed to get USB connected on MacOS Ventura 13.0 with VB 7.0.2:
- Start VB using "sudo virtualbox"
- Go to your guest OS settings->Ports->USB and select "USB 3.0 (xHCI)"
- Then just start your guest OS and USB devices should work. No need to use USB filters.
Does not work with 2023 M2 Max MBP + most recent Mac OS (Ventura 13.5.1).
Would be great if we could get this sorted.
comment:15 by , 13 months ago
Replying to codergoy:
Does not work with 2023 M2 Max MBP + most recent Mac OS (Ventura 13.5.1).
Tried the extended workaround shell command from above, as well.
Would be great if we could get this sorted.
I'm glad I decided not to upgrade to Ventura. I'm using the setuid method on MacOS 12.6
comment:16 by , 11 months ago
Any progress on this? It is not only Linux guests, but Windows guest also. Crazy that thing like this does not get higher priority because it is hard to do serious work without USB support. Or Virtualbox is not targeting MacOS any more?
follow-up: 18 comment:17 by , 9 months ago
Observe the same issue on VirtualBox 7.0.12 r159484 (Qt5.15.2) running over macOS 14.2.1 (23C71).
comment:18 by , 8 months ago
Replying to prokher:
Observe the same issue on VirtualBox 7.0.12 r159484 (Qt5.15.2) running over macOS 14.2.1 (23C71).
Same to me. To the devs: PLEASE, fix this bug soon'''
comment:19 by , 5 months ago
sudo still necessary with VirtualBox 7.0.16. Any chance to see a fix soon?
comment:20 by , 5 months ago
Hi Developers,
I was curious, whether this bug is fixed in version 7.0.16 and just found out in the latest post, that it's probably not. That's sad, but I don't blame anyone and guess, you would like to have it off the desk as well. If you need help, let me know. I use a recent macOS 14 and have technical background to investigate, help out with testing etc. Let me know if I can be of service.
Best, VBoxer1
comment:21 by , 5 months ago
This is really problematic. With Mac Sonoma you can not use Virtual box 6.1 any more and need to install 7.0.0 at least in which USB does not work. This makes Virtual box unusable for serious work (I use it for banking application in windows guest and that can not work without card reader!). Please fix this asap. This bug was reported long time ago and should be fixed already (it's not minor bug!)
comment:22 by , 5 months ago
sudo still necessary with VirtualBox 7.0.18. Any chance to see a fix soon?
comment:23 by , 5 months ago
We hopefully found a solution to this problem. Would be great if anyone could try the latest Testbuild (revision >= 163037).
comment:24 by , 5 months ago
I just tried test build 163037 (7.0.19). When I started the VM, macOS (Ventura 13.6.6) asked if I would like to allow VirtualBox to connect to my USB smart card reader. I told it "Allow". Startup proceeded normally, and I have access to my smart card in the VM. Success! I've since changed my answer to "Always Allow" (as that gets old fast).
comment:25 by , 4 months ago
Tried with Version 7.0.19 r163060, I can attach USB device without root, took a few goes before debian mounted it, and moaned about being Ejected at OSX level, but eventually worked, maybe the always allow prompt helped. Unfortunately internal MBP card reader which is the problem I'd ideally like resolved with this build didn't fix that, still getting:
Failed to create a proxy device for the USB device. (Error: VERR_SHARING_VIOLATION). Result Code: NS_ERROR_FAILURE (0X80004005) Component: ConsoleWrap Interface: IConsole {6ac83d89-6ee7-4e33-8ae6-b257b2e81be8}
Log