QEMU binary "/usr/local/bin/qemu-system-x86_64" does not seem properly signed with the "com.apple.security.hypervisor" entitlement
在Mac中安装完colima时,直接启动的时候qemu报错了
> Using the existing instance "colima"
> "QEMU binary \"/usr/local/bin/qemu-system-x86_64\" does not seem properly signed with the \"com.apple.security.hypervisor\" entitlement" error="failed to run [codesign --verify /usr/local/bin/qemu-system-x86_64]: exit status 1 (out=\"/usr/local/bin/qemu-system-x86_64: invalid signature (code or signature have been modified)\\nIn architecture: x86_64\\n\")"
> If QEMU does not start up, you may have to sign the QEMU binary with the "com.apple.security.hypervisor" entitlement manually. See https://github.com/lima-vm/lima/issues/1742 .
> [hostagent] hostagent socket created at /Users/meshell/.colima/_lima/colima/ha.sock
> [hostagent] Starting QEMU (hint: to watch the boot progress, see "/Users/meshell/.colima/_lima/colima/serial*.log")
> SSH Local Port: 62526
> [hostagent] Waiting for the essential requirement 1 of 5: "ssh"
> [hostagent] Driver stopped due to error: "signal: abort trap"
> [hostagent] Shutting down the host agent
> [hostagent] failed to exit SSH master
> [hostagent] Shutting down QEMU with ACPI
> [hostagent] Failed to remove SSH binding for port 62526
> [hostagent] failed to open the QMP socket "/Users/meshell/.colima/_lima/colima/qmp.sock", forcibly killing QEMU
> [hostagent] QEMU has already exited
> exiting, status={Running:false Degraded:false Exiting:true Errors:[] SSHLocalPort:0} (hint: see "/Users/meshell/.colima/_lima/colima/ha.stderr.log")
FATA[0001] error starting vm: error at 'starting': exit status 1
看着像签名的错误. 错误信息里面给了一个https://github.com/lima-vm/lima/issues/1742此错误的解决地址. 打开后给了三个解决方案。
- 降级安装QEMU V8.0.3
[$] brew uninstall qemu
[$] curl -OSL https://raw.githubusercontent.com/Homebrew/homebrew-core/dc0669eca9479e9eeb495397ba3a7480aaa45c2e/Formula/qemu.rb
[$] brew install ./qemu.rb
- 源码安装QEMU
[$] brew uninstall qemu
[$] brew install --build-from-source qemu
- 重新给签名
[$] cat >entitlements.xml <<EOF
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
<key>com.apple.security.hypervisor</key>
<true/>
</dict>
</plist>
EOF
[$] codesign --sign - --entitlements entitlements.xml --force /usr/local/bin/qemu-system-$(uname -m | sed -e s/arm64/aarch64/)