Currently, the build environment made by the daemon does not preserve supplementary groups of the build users.
Thus, even though the standalone Guix system sets /dev/kvm 660, owned by
root:kvm, and adds the build users to the kvm group, build users are
unable to access it.
This can be see with:
(gexp->derivation "foo"
#~(begin (mkdir #$output)(pk (stat:gid (stat "/dev/kvm")) (getgroups))))
The workaround for now is to make /dev/kvm 666.
Ludo’.
