On 08/19/2014 02:38 PM, arnaud gaboury wrote:
$ uname -r
3.16.1-1-ARCH
-
As a regular user, member of the libvirt group, I run this command to
create a basic VM:
virt-install --connect qemu:///system --name=test --ram 2048 --cpu
host-model-only --os-variant=win7 --disk /myVM/test --boot cdrom,hd
--virt-type kvm --graphics spice --controller scsi,model=virtio-scsi
--cdrom=/drawer/myIso/w8.iso
It returns an error :
--
---
Starting install...
ERRORinternal error: process exited while connecting to monitor:
Could not access KVM kernel module: Permission denied
failed to initialize KVM: Permission denied
-
$ getfacl /dev/kvm
# file: dev/kvm
# owner: root
# group: kvm
user::rw-
user:martinus:rw-
group::rw-
mask::rw-
other::---
The command return seems to indicate rights are correct.
$ lsmod return kvm kvm_intel are loaded.
If I run the virt-install with qemu:///session, I do not have this
issue and can create the VM.
I found many entries about the KVM permission issue, but with no clear
answer to solve it.
When connecting to qemu:///system, libvirt does not run VMs as your regular
user. What user libvirtd uses though is dependent on how it's configured. On
Fedora, qemu VMs are run as the 'qemu' user. If that's how it's configured on
your distro, the above permissions would block use of /dev/kvm. Here's how
permissions look on Fedora 20 for me:
$ ls -l /dev/kvm
crw-rw-rw-+ 1 root kvm 10, 232 Aug 8 09:51 /dev/kvm
$ getfacl /dev/kvm
getfacl: Removing leading '/' from absolute path names
# file: dev/kvm
# owner: root
# group: kvm
user::rw-
user:crobinso:rw-
group::rw-
mask::rw-
other::rw-
Those permissive permissions are set by a udev rule installed by
qemu-system-x86:
$ cat /lib/udev/rules.d/80-kvm.rules
KERNEL==kvm, GROUP=kvm, MODE=0666
So perhaps your distro should do the same.
- Cole
--
To unsubscribe from this list: send the line unsubscribe kvm in
the body of a message to majord...@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html