VirtualBox

Opened 16 years ago

Closed 8 years ago

#3672 closed defect (obsolete)

OSE / Hardened: NS_ERROR_FACTORY_NOT_REGISTERED => Fix symlinks

Reported by: nicolyon Owned by:
Component: other Version: VirtualBox 2.2.0
Keywords: NS_ERROR_FACTORY_NOT_REGISTERED Cc:
Guest type: other Host type: other

Description (last modified by aeichner)

I always got this error with the version 2.2.0 not in previous version. I can't start a vm by VirtualBox or by VBoxManage i always got an popup with the error NS_ERROR_FACTORY_NOT_REGISTERED.

I have checked forum so i look in my tmp but i don't have any permission issue and i try to launch the vm in the root account.

I also try to launch the VBoxSVC by hand for looking message i got this :

[11:31:01 root@nico ~]# /opt/virtualbox/sbin/VBoxSVC
*********************************************
Sun VirtualBox XPCOM Server Version 2.2.0_OSE
(C) 2008-2009 Sun Microsystems, Inc.
All rights reserved.

Starting event loop....
[press Ctrl-C to quit]
Informational: VirtualBox object created (rc=00000000).
Informational: VirtualBox object deleted.

No more informations on the error.

Attachments (5)

virtualbox.spec (26.5 KB ) - added by GabrielVlasiu 16 years ago.
strace.log.bz2 (166.5 KB ) - added by nicolyon 16 years ago.
strace log file
vbox.nothardened.log.bz2 (235.2 KB ) - added by Tobias Gerschner 16 years ago.
Registering a VM does work in Yoper Linux with hardening DISABLED
vbox.hardened.log.bz2 (166.3 KB ) - added by Tobias Gerschner 16 years ago.
Registering a VM does NOT work in Yoper Linux with hardening ENABLED
VirtualBox.spec (9.7 KB ) - added by Tobias Gerschner 16 years ago.
SPEC File to build Virtual Box OSE 2.2.0 for Yoper Linux Distribution

Download all attachments as: .zip

Change History (37)

comment:1 by Tobias Gerschner, 16 years ago

Confirmed, on all account. Reverting back to 2.1.4 in exactly the same configuration and the problem is gone.

Also checked permissions / UID , GID of /tmp/.vbox-whoami-ipc/ which is all fine.

comment:2 by laprjns, 16 years ago

Confirmed problem on my package build for Zenwalk. I get the error message at the end of creating a new VM using the GUI wizard. All permissions seem to be ok. Works ok if compiled with --disable hardening. Someone posted in the forum that it also works if compiled in debug mode. I can't confirm this yet but will give it try. Also had the same issue with 2.1.4-3.

Regards Rich

comment:3 by laprjns, 16 years ago

Sorry, forgot to mention

Host OS - Zenwalk Linux (Slackware deriviative) Kernel - 2.6.28.7

comment:4 by Frank Mehnert, 16 years ago

Description: modified (diff)

comment:5 by Frank Mehnert, 16 years ago

nicolyon, TobiG, which package did you install? laprjns, you are talking about the OSE version?

in reply to:  5 comment:6 by laprjns, 16 years ago

Replying to frank:

nicolyon, TobiG, which package did you install? laprjns, you are talking about the OSE version?

yes OSE

in reply to:  description comment:7 by nicolyon, 16 years ago

Yes the OSE Version

comment:8 by Tobias Gerschner, 16 years ago

Yes,

also attempted to use a fresh build of the OSE version.

comment:9 by Frank Mehnert, 16 years ago

Ok, so only the OSE version seems to be affected. Can you tell me how you built the OSE version and how did you install it (exact instructions please)? Just tried to build and install the 2.2.0 OSE Debian package (see instructions in debian/rules) and it worked as expected.

Make sure that the binaries VirtualBox, VBoxSDL, VBoxNetDHCP, VBoxNetAdpCtl and VBoxHeadless are owned by root.root and have 4511 permissions!

comment:10 by GabrielVlasiu, 16 years ago

Same error here. I solved this bug by adding some symbolic links in /usr/lib64/virtualbox/components ln -s ../VBoxREM.so ln -s ../VBoxRT.so ln -s ../VBoxVMM.so ln -s ../VBoxXPCOM.so Seems silly but works.

VirtualBoxOSE 2.2.0 on Fedora 10 (x86_64) - please see attached rpm spec file for my install instructions. dkms does not work well on update.

by GabrielVlasiu, 16 years ago

Attachment: virtualbox.spec added

comment:11 by nicolyon, 16 years ago

Build from scratch with :
./configure --with-qt4-dir=$QTDIR4 --disable-pulse --disable-kmods &&
source env.sh &&
sed -i -e 's/SYSMODS += vboxnetflt/#SYSMODS += vboxnetflt/g' src/VBox/HostDrivers/VBoxNetFlt/Makefile.kmk &&
kmk VBOX_WITH_VBOXDRV="" all &&
mkdir /opt/virtualbox &&
mkdir /opt/virtualbox/bin &&
mkdir /opt/virtualbox/sbin &&
mkdir /opt/virtualbox/additions &&
mkdir /opt/virtualbox/module &&
install -m 0644 src/VBox/HostDrivers/Support/linux/Makefile /opt/virtualbox/module && cd out/linux.${ARCH}/release/bin &&
rm -rf tst* testcase additions vboxdrv.ko SUPInstall SUPUninstall &&
ln -sf /opt/virtualbox/additions /opt/virtualbox/sbin/additions &&
install -m 0644 /src/init/virtualbox/VBoxGuestAdditions-${PACK_VERSION}.iso /opt/virtualbox/additions/VBoxGuestAdditions.iso &&
mv src/* /opt/virtualbox/module &&
mv sdk /opt/virtualbox/sdk &&
cp -Raf * /opt/virtualbox/sbin &&
cd /opt/virtualbox/sbin &&
cat /src/init/virtualbox/VBox.sh.patch | patch -p0 &&
for each in VBox{BFE,Manage,SDL,SVC,XPCOMIPCD} VirtualBox
do

chmod 0755 /opt/virtualbox/sbin/${each}
ln -sf /opt/virtualbox/sbin/VBox.sh /opt/virtualbox/bin/${each}

done &&
ln -sf /opt/virtualbox/sbin/vditool /opt/virtualbox/bin/vditool &&
echo 'KERNEL=="vboxdrv", GROUP="users" MODE="0660"' >>/etc/udev/rules.d/60-virtualbox.rules &&
mkdir -m 0755 /etc/vbox &&
install -m 0644 /src/init/virtualbox/vbox.cfg /etc/vbox &&
install -m 0644 /src/init/virtualbox/interfaces /etc/vbox &&
install -m 0644 /src/init/virtualbox/virtualbox.desktop /usr/share/applications

comment:12 by nicolyon, 16 years ago

I build the 2.1.4 with the same script and i don't get this problems. See you

comment:13 by Frank Mehnert, 16 years ago

nicolyon, obviously you are disabling hardening which is not recommended. Anyway, which Linux distribution are you using?

comment:14 by laprjns, 16 years ago

I tried all the suggestions like adding symlinks inc the components directory. All my binaries are installed with 4511 permission. Still can get it to work with hardening enabled.

comment:15 by Tobias Gerschner, 16 years ago

Hi,

Went through all suggested motions, too . Wiped off virtualbox install dir , too to make sure no remaining files pollute testing and all permissions are fine. However, using an hardened build throws still the same error out when attempting to start or finalize the setup of a new VM.

comment:16 by Frank Mehnert, 16 years ago

I'm sure I can help you if you tell me

  1. which Linux distribution you are using and
  2. how did you install the OSE binaries.

Even nicolyon's instructions work fine here on Debian 5.0 (though he uses a non-hardened build). So it might be some distribution-specific problem.

It might further help to do

sudo chmod u+s /usr/bin/strace
killall VBoxSVC
strace -s128 -o ~/log -f <path_to_vbox>/VirtualBox
bzip2 -9 ~/log

This works only for hardened builds. For non-hardened builds (not recommended), don't change the permissions of strace.

If you attach the resulting file ~/log.bz2 I can probably find out your problems.

in reply to:  13 comment:17 by nicolyon, 16 years ago

Replying to frank:

nicolyon, obviously you are disabling hardening which is not recommended. Anyway, which Linux distribution are you using?


Sorry but i don't understand where i disable hardening ...
Can you explain to me thanks.

For the distribution there's no one it's your own

comment:18 by nicolyon, 16 years ago

Here the link for the binaries and modules:
http://update.intra-links.com/packages/x86_64/VirtualBox-2.2.0-OSE.tar.bz2[[BR]] http://update.intra-links.com/packages/x86_64/VirtualBox-module-2.2.0-OSE.tar.bz2[[BR]]

I attach the log file of the strace as you ask.
In the step i launch VirtualBox and try to start a vm
strace -s128 -o ~/log -f /opt/virtualbox/bin/VirtualBox
resume: ptrace(PTRACE_SYSCALL, ...): No such process

by nicolyon, 16 years ago

Attachment: strace.log.bz2 added

strace log file

comment:19 by Tobias Gerschner, 16 years ago

The distribution I use is Yoper Linux and I attempt to build an updated distribution package.

Now to your analysis. When I do a build with hardening disabled I can register a new VM just fine. When hardening is disabled the error above (NS_ERROR_FACTORY_NOT_REGISTERED)) occurs.

Please find attached 2 log files one with hardening enabled where the error occurs and another one where the hardening does not occur.

I will also attached the spec file used to build the rpm.

by Tobias Gerschner, 16 years ago

Attachment: vbox.nothardened.log.bz2 added

Registering a VM does work in Yoper Linux with hardening DISABLED

by Tobias Gerschner, 16 years ago

Attachment: vbox.hardened.log.bz2 added

Registering a VM does NOT work in Yoper Linux with hardening ENABLED

by Tobias Gerschner, 16 years ago

Attachment: VirtualBox.spec added

SPEC File to build Virtual Box OSE 2.2.0 for Yoper Linux Distribution

comment:20 by Tobias Gerschner, 16 years ago

Forgot to emphasize the error in your analysis.

You can NOT reference the debian build as it also has hardening disabled. As mentioned, when hardening is disabled this error does not occur.

As VirtualBox documentation clearly states it is prefered distros use hardening ENABLED we are trying to do just that.

ENABLING HARDENING is the common denominator that makes this error visible.

comment:21 by nicolyon, 16 years ago

can someone tell me how to enable the hardening build because i don't use "--disable-hardening" in the configure and frank say "nicolyon, obviously you are disabling hardening".
So i can try with the hardening version

comment:22 by Frank Mehnert, 16 years ago

Summary: VirtualBox display error NS_ERROR_FACTORY_NOT_REGISTEREDOSE / Hardened: NS_ERROR_FACTORY_NOT_REGISTERED

Ok guys, the problem is clear now -- see the updated subject. The problem is that when hardening is installed, a runpath must be set as well. This is not properly described, and I will fix the documentation.

Remember, hardening means that there are small setuid root stubs which do consistency checks, open the /dev/vboxdrv device, get a VBOX_HARD_CAP_NET_RAW capability (which will later allow to open a raw socket required for ping over NAT) and finally drop the privilege.

The default build method for development is to set RPATH=$ORIGIN of all binaries allowing them to find their shared libraries in the same directory. That line actually means that the dynamic linker should search in the same directory first to resolve shared libraries. However, doing so is not appropriate for suid binaries as this induces a security problem.

Therefore, when doing a hardened build, RPATH=$ORIGIN must not be used. The only alternative is to set a fixed path, RPATH=<path>.

To summarize: For development, use --disable-hardening and you should be able to start VBox directly from the out/... directory. For final compilation and for redistributing OSE packages, please never use --disable-hardening for security reasons. Instead use a static RPATH which points to the final installation directory.

I will update the build instructions ASAP, and I will change the configure script / Makefiles to abort if someone uses RPATH=$ORIGIN (the default) with a hardened build.

comment:23 by Frank Mehnert, 16 years ago

A correction: All of my above comment is correct and setting RPATH to something different than RPATH=$ORIGIN is preferred but this is not really necessary. The security problem I mentioned applies only to setuid root binaries and these binaries (VirtualBox, VBoxSDL, VBoxHeadless, ...) don't have an RPATH set at all.

Therefore, the fix GabrielVlasiu proposed is actually correct. So, in case you are doing a hardened build, do

cd components
ln -s ../VBoxDDU.so .
ln -s ../VBoxREM.so .
ln -s ../VBoxRT.so .
ln -s ../VBoxVMM.so .
ln -s ../VBoxXPCOM.so .

and VBox should finally start again. That way you can still move the whole bin/ directory to another place without re-compiling the whole tree.

comment:24 by nicolyon, 16 years ago

Yes it's good i try to build with this command line:
kmk VBOX_ORIGIN="/opt/virtualbox/sbin" all
as my binaries will be in /opt/virtualbox/sbin
and known vms start.
Thanks.

comment:25 by Tobias Gerschner, 16 years ago

Yes, the use of VBOX_ORIGIN did solve the problem here, too. Thanks for the persistent follow up and the clarification.

comment:26 by Frank Mehnert, 16 years ago

Build instructions updated.

comment:27 by Frank Mehnert, 16 years ago

Summary: OSE / Hardened: NS_ERROR_FACTORY_NOT_REGISTEREDOSE / Hardened: NS_ERROR_FACTORY_NOT_REGISTERED => Fix symlinks

comment:28 by laprjns, 16 years ago

Yes, correctly adding the symlinks fixed the problem. I just don't understand what changed from 2.1.4. I had a working build with hardening working without the symlinks

Thanks for your help Rich

comment:29 by Frank Mehnert, 16 years ago

There is an additional dependency which required this change. This was respected in the installer but not for the build instructions. The build instructions are updated now and the links will be created as well during build. So this issue should be finally fixed.

I will keep this bug open for some weeks.

comment:30 by Frank Mehnert, 15 years ago

Resolution: fixed
Status: newclosed

comment:31 by dvo, 12 years ago

Resolution: fixed
Status: closedreopened

On a brand new VMWare (9.0.1) installation, I got essentially the same error message

VBoxSVC: error: Failed to get IPC service! (rc=NS_ERROR_FACTORY_NOT_REGISTERED) XPCOM server has shutdown.

In my case the problem was simply that my Linux root partition (including /tmp) was full! VirtualBox should provide a more useful error message in this case.

comment:32 by aeichner, 8 years ago

Description: modified (diff)
Resolution: obsolete
Status: reopenedclosed

Please reopen if still relevant with a recent VirtualBox release.

Note: See TracTickets for help on using tickets.

© 2024 Oracle Support Privacy / Do Not Sell My Info Terms of Use Trademark Policy Automated Access Etiquette