[Pkg-libvirt-maintainers] Bug#1040783: libvirt-daemon: libvirt firewalld zone is missing

[Niccolò Belli]

Package: libvirt-daemon
Version: 9.0.0-4
Severity: normal
X-Debbugs-Cc: darkbasic at linuxsystems.it

Hi,
I've installed firewalld (with the default nftables backend) and libvirt-daemon (kvm backend) in Debian 12 Bookworm.
I've connected remotely via virt-manager (through ssh) and tried to create a routed network, but I get the following error:

Error creating virtual network: internal error: firewalld is set to use the nftables backend, but the required firewalld 'libvirt' zone is missing. Either set the firewalld backend to 'iptables', or ensure that firewalld has a 'libvirt' zone by upgrading firewalld to a version supporting rule priorities (0.7.0+) and/or rebuilding libvirt with --with-firewalld-zone

which is weird considering libvirt seems to be built with -Dfirewalld=enabled.

What's missing? Why doesn't firewalld create the libvirt zone?
I want to use the nftables backend.

Niccolo'

-- System Information:
Debian Release: 12.0
  APT prefers stable-security
  APT policy: (500, 'stable-security'), (500, 'stable')
Architecture: amd64 (x86_64)

Kernel: Linux 6.1.0-10-amd64 (SMP w/8 CPU threads; PREEMPT)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE=en_US:en
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages libvirt-daemon depends on:
ii  libacl1                     2.3.1-3
ii  libblkid1                   2.38.1-5+b1
ii  libc6                       2.36-9
ii  libdevmapper1.02.1          2:1.02.185-2
ii  libgcc-s1                   12.2.0-14
ii  libglib2.0-0                2.74.6-2
ii  libparted2                  3.5-3
ii  libpcap0.8                  1.10.3-1
ii  libpciaccess0               0.17-2
ii  libselinux1                 3.4-1+b6
ii  libtirpc3                   1.3.3+ds-1
ii  libudev1                    252.6-1
ii  libvirt-daemon-driver-qemu  9.0.0-4
ii  libvirt0                    9.0.0-4
ii  libxml2                     2.9.14+dfsg-1.2

Versions of packages libvirt-daemon recommends:
pn  libvirt-daemon-driver-lxc   <none>
pn  libvirt-daemon-driver-vbox  <none>
pn  libvirt-daemon-driver-xen   <none>
ii  libxml2-utils               2.9.14+dfsg-1.2
ii  lvm2                        2.03.16-2
ii  mount                       2.38.1-5+b1
pn  netcat-openbsd              <none>
ii  qemu-system                 1:7.2+dfsg-7
ii  qemu-system-x86 [qemu-kvm]  1:7.2+dfsg-7

Versions of packages libvirt-daemon suggests:
pn  libvirt-daemon-driver-storage-gluster       <none>
pn  libvirt-daemon-driver-storage-iscsi-direct  <none>
pn  libvirt-daemon-driver-storage-rbd           <none>
pn  libvirt-daemon-driver-storage-zfs           <none>
ii  libvirt-daemon-system                       9.0.0-4
ii  numad                                       0.5+20150602-8+b1

-- no debconf information