[Resolved] Cannot startup: Error -610 in supR3HardenedMainInitRuntime!

Discussions about using Mac OS X guests (on Apple hardware) in VirtualBox.

[Resolved] Cannot startup: Error -610 in supR3HardenedMainInitRuntime!

Postby untra » 10. May 2018, 22:38

Error messageWhen I start the virtualbox gui, nothing happens. When I run virtualbox from the commandline, I get:
Code: Select all   Expand viewCollapse view
VirtualBox: Error -610 in supR3HardenedMainInitRuntime!
VirtualBox: dlopen("/Applications/VirtualBox.app/Contents/MacOS/VBoxRT.dylib",) failed: <NULL>

VirtualBox: Tip! It may help to reinstall VirtualBox.

Setup:
Host: macOS 10.13.3 (upgraded)
Virtualbox: 5.2.10

Attempted Solutions:
* reinstalling virtualbox
* restarting host after reinstalling
* installing virtualbox from brew cask (same error message)

kextstat | grep -v com.apple:
Code: Select all   Expand viewCollapse view
Index Refs Address            Size       Wired      Name (Version) UUID <Linked Against>
  141    0 0xffffff7f82915000 0x17000    0x17000    com.Cylance.CyProtectDrvOSX (1) 2973260E-92C0-37B1-A82A-31CEE85AAE37 <7 5 4 3 2 1>
  152    1 0xffffff7f80e18000 0x7000     0x7000     com.bit9.cbsystemproxy (1801.24.61fc3) 6B899A41-5622-34C0-9999-4DD5B52EFEF8 <4 3 1>
  153    0 0xffffff7f80e23000 0x1d000    0x1d000    com.carbonblack.CbOsxSensorProcmon (1801.24.61fc3) 10976376-337F-304D-8060-CAB382444572 <152 7 5 4 3 2 1>
  172    0 0xffffff7f80e6a000 0xc000     0xc000     com.carbonblack.CbOsxSensorNetmon (1801.24.61fc3) B2AE8255-EB3F-358B-8CF5-813092554DF3 <7 5 4 3 1>
  782    1 0xffffff7f847c5000 0x11000    0x11000    com.vmware.kext.vmci (90.8.1) F673BA9E-4370-3867-996E-CA6615DFDE0A <12 5 4 3 1>
  783    0 0xffffff7f847d6000 0x16000    0x16000    com.vmware.kext.vmnet (0752.01.54) 9EDDE1C1-80D8-3154-95A1-25F70585272E <782 5 4 3 1>
  784    0 0xffffff7f847ec000 0x12000    0x12000    com.vmware.kext.vmx86 (0752.01.54) F20CC4A3-BFB5-365B-AEB8-84796FAA26F4 <7 5 4 3 1>
  785    0 0xffffff7f8480a000 0x6000     0x6000     com.vmware.kext.vmioplug.17.1.3 (17.1.3) 4E465B8F-BBF2-3877-BB4B-17398E62310C <55 5 4 3 1>
  912    3 0xffffff7f8474b000 0x64000    0x64000    org.virtualbox.kext.VBoxDrv (5.2.10) B172CB4D-2DAC-34A3-B1ED-8927A492021C <7 5 4 3 1>
  913    0 0xffffff7f847b7000 0x8000     0x8000     org.virtualbox.kext.VBoxUSB (5.2.10) 18BFD538-2E5A-328C-B8BF-DF95DFDDFC6F <912 169 55 7 5 4 3 1>
  914    0 0xffffff7f847af000 0x5000     0x5000     org.virtualbox.kext.VBoxNetFlt (5.2.10) 97411DA8-28E3-3954-85D4-10B616336375 <912 7 5 4 3 1>
  915    0 0xffffff7f84810000 0x6000     0x6000     org.virtualbox.kext.VBoxNetAdp (5.2.10) 4A140B73-8C07-3948-8928-D8700E8C7F8B <912 5 4 1>


Similar tickets:
Code: Select all   Expand viewCollapse view
ticket/13370
ticket/13371
ticket/13372


Please let me know what other additional details I can provide. I could not find any other similar posts in the OSX forums.
Thanks in advance for any help or suggestions!
Last edited by socratis on 24. May 2018, 17:46, edited 1 time in total.
Reason: Marked as [Resolved].
untra
 
Posts: 3
Joined: 10. May 2018, 21:48

Re: Cannot startup: Error -610 in supR3HardenedMainInitRuntime!

Postby socratis » 10. May 2018, 23:15

If there's a hardening error while trying to open VirtualBox, then 99% your permissions are out of whack. Post the output of the commands (from /Applications/Utilities/Terminal):

    ls -ale@ /
    ls -ale@ /Applications
    ls -ale@ /Applications/VirtualBox.app
    ls -ale@ /private/tmp
It would be better if you saved the output to a text file (Terminal » menu Shell » Export Text As...), ZIP that file and attach it to your response. See the "Upload attachment" tab below the reply form.

And yes, you do have some suspicious kexts installed, but I don't want to go that route now, the error message points to something else...
Do NOT send me Personal Messages (PMs) for troubleshooting, they are simply deleted.
Do NOT reply with the "QUOTE" button, please use the "POST REPLY", at the bottom of the form.
If you obfuscate any information requested, I will obfuscate my response. These are virtual UUIDs, not real ones.
socratis
Site Moderator
 
Posts: 27259
Joined: 22. Oct 2010, 11:03
Location: Greece
Primary OS: Mac OS X other
VBox Version: PUEL
Guest OSses: Win(*>98), Linux*, OSX>10.5

Re: Cannot startup: Error -610 in supR3HardenedMainInitRuntime!

Postby untra » 24. May 2018, 00:26

Sorry for the late response. I was pulled into a few different directions and forgot I had posted this issue until just now. It is still a problem, but I am glad to be getting some help!

Code: Select all   Expand viewCollapse view
1.txt ls -ale@ /
2.txt ls -ale@ /Applications
3.txt ls -ale@ /Applications/VirtualBox.app
4.txt ls -ale@ /private/tmp


I attached the output of the following commands to this reply. Thanks again for your assistance, and let me know if there are any further clues I can provide. Cheers!
Attachments
output.zip
(2.95 KiB) Downloaded 29 times
untra
 
Posts: 3
Joined: 10. May 2018, 21:48

Re: Cannot startup: Error -610 in supR3HardenedMainInitRuntime!

Postby socratis » 24. May 2018, 10:43

socratis wrote:99% your permissions are out of whack.

And indeed they are:
drwxrwxr-x+   63 sam.volin      SECIOUS\Domain Users    2142 May 21 10:44 Applications

and a lot of apps in the Applications directory have the same permissions as well. That's not going to work. You need to fix it by issuing the command:

    sudo chown root:admin /Applications
I do *not* want to apply this recursively, because I do not know what other application it may disrupt. Anyway, start with that and we see how it goes. Just FYI, here are some apps that were affected:
-rw-r--r--   1 sam.volin  SECIOUS\Domain Users     0 Jul 15  2017 .localized
drwxr-xr-x 3 sam.volin SECIOUS\Domain Users 102 May 9 13:10 BetterTouchTool.app
drwxr-xr-x 3 sam.volin SECIOUS\Domain Users 102 Dec 7 18:10 Box Sync.app
drwxr-xr-x 6 sam.volin SECIOUS\Domain Users 204 Apr 25 10:53 CarbonBlack
drwxr-xr-x 3 sam.volin SECIOUS\Domain Users 102 Apr 24 11:34 Cisco Jabber.app
drwxrwxr-x 4 sam.volin SECIOUS\Domain Users 136 Apr 24 11:52 Cylance
drwxr-xr-x@ 3 sam.volin SECIOUS\Domain Users 102 Apr 30 10:03 Docker.app
drwxrwxr-x 8 sam.volin SECIOUS\Domain Users 272 May 23 09:01 GoToMeeting
drwxr-xr-x 3 sam.volin SECIOUS\Domain Users 102 Apr 27 12:46 GoToMeeting.app
drwxr-xr-x 3 sam.volin SECIOUS\Domain Users 102 Apr 24 11:26 Ivanti Agent.app
drwxr-xr-x 3 sam.volin SECIOUS\Domain Users 102 Apr 24 11:26 Ivanti Workspaces.app
drwxrwxr-x 3 sam.volin SECIOUS\Domain Users 102 Apr 24 11:38 Microsoft Excel.app
drwxrwxr-x 3 sam.volin SECIOUS\Domain Users 102 Apr 24 11:38 Microsoft OneNote.app
drwxrwxr-x 3 sam.volin SECIOUS\Domain Users 102 Apr 24 11:38 Microsoft Outlook.app
drwxrwxr-x 3 sam.volin SECIOUS\Domain Users 102 Apr 24 11:38 Microsoft PowerPoint.app
drwxr-xr-x 3 sam.volin SECIOUS\Domain Users 102 Apr 25 12:39 Microsoft Teams.app
drwxrwxr-x 3 sam.volin SECIOUS\Domain Users 102 Apr 24 11:38 Microsoft Word.app
drwxr-xr-x 3 sam.volin SECIOUS\Domain Users 102 Feb 12 13:38 MobilePASS.app
drwxr-xr-x 3 sam.volin SECIOUS\Domain Users 102 Apr 24 11:32 Pulse Secure.app
drwxr-xr-x 3 sam.volin SECIOUS\Domain Users 102 Mar 30 15:03 Slack.app
drwxr-xr-x 3 sam.volin SECIOUS\Domain Users 102 Mar 9 12:16 Visual Studio Code.app
drwxr-xr-x 3 sam.volin SECIOUS\Domain Users 102 Apr 22 15:56 iTerm.app
drwxr-xr-x 3 sam.volin SECIOUS\Domain Users 102 Jan 29 16:49 iTunes.app
i.e. everything non-Apple pretty much...

Based on the dates only, I'd say that the application installer that screwed up your permissions was "Box Sync", but I don't want to reach a hasty conclusion without further evidence.

Finally, I forgot to mention to check the "/Library/Application Support/VirtualBox/" permissions. Here are mine so that you can compare them:
socratis$ ls -al /Library/Application\ Support/VirtualBox/
total 0
drwxr-xr-x 7 root wheel 238 22 Μαϊ 10:14 .
drwxr-xr-x 22 root admin 748 22 Μαϊ 10:14 ..
drwxr-xr-x 4 root wheel 136 9 Μαϊ 13:18 LaunchDaemons
drwxr-xr-x 3 root wheel 102 9 Μαϊ 13:18 VBoxDrv.kext
drwxr-xr-x 3 root wheel 102 9 Μαϊ 13:18 VBoxNetAdp.kext
drwxr-xr-x 3 root wheel 102 9 Μαϊ 13:18 VBoxNetFlt.kext
drwxr-xr-x 3 root wheel 102 9 Μαϊ 13:18 VBoxUSB.kext
Do NOT send me Personal Messages (PMs) for troubleshooting, they are simply deleted.
Do NOT reply with the "QUOTE" button, please use the "POST REPLY", at the bottom of the form.
If you obfuscate any information requested, I will obfuscate my response. These are virtual UUIDs, not real ones.
socratis
Site Moderator
 
Posts: 27259
Joined: 22. Oct 2010, 11:03
Location: Greece
Primary OS: Mac OS X other
VBox Version: PUEL
Guest OSses: Win(*>98), Linux*, OSX>10.5

Re: Cannot startup: Error -610 in supR3HardenedMainInitRuntime!

Postby untra » 24. May 2018, 17:27

Aha! That fixed it!
sudo chown root:admin /Applications
was the solution here.
Socratis, you are excellent. Thanks so much for your quick responses. Can I ask why its important for root to own the files in the applications directory? And why was that causing the above error message?
Cheers!
untra
 
Posts: 3
Joined: 10. May 2018, 21:48

Re: Cannot startup: Error -610 in supR3HardenedMainInitRuntime!

Postby socratis » 24. May 2018, 17:46

untra wrote:Aha! That fixed it!
Glad to hear that. Marking as [Resolved].
(borderline [WorksForMe] ;) )

untra wrote:Can I ask why its important for root to own the files in the applications directory?
That's a good security practice. For example, an "application" in OSX is really a folder/directory with a special extension; ".app". In that directory, the main program resides in a specific subdirectory, and that's what's launched. For example:
/Applications/Calculator.app/Contents/MacOS/Calculator

Completely hypothetical example
If *I* (the simple user) own that directory and all its files, random virus "CalculatorHijack" (from non-trusted website) could rename that executable file, and inject its own payload in that location:
/Applications/Calculator.app/Contents/MacOS/CalculatorOriginal    <-- Original program
/Applications/Calculator.app/Contents/MacOS/Calculator <-- Virus
with "Calculator" now being the virus, which launches itself *and* the original Calculator. You don't get to understand a thing, and the virus is running quietly on the background. P0wned.

untra wrote:And why was that causing the above error message?
See above for a (fantastic) case scenario. VirtualBox implements what's known as Hardening; if an application and its key components do not adhere to a set of rules, that could present a security threat to the host or the guests, it won't run. Period.

Count your blessings, it way, way worse in the Windows world, mainly because of its lax security rules, and past mistakes...
Do NOT send me Personal Messages (PMs) for troubleshooting, they are simply deleted.
Do NOT reply with the "QUOTE" button, please use the "POST REPLY", at the bottom of the form.
If you obfuscate any information requested, I will obfuscate my response. These are virtual UUIDs, not real ones.
socratis
Site Moderator
 
Posts: 27259
Joined: 22. Oct 2010, 11:03
Location: Greece
Primary OS: Mac OS X other
VBox Version: PUEL
Guest OSses: Win(*>98), Linux*, OSX>10.5


Return to Mac OS X Guests

Who is online

Users browsing this forum: No registered users and 3 guests