Public bug reported: It would be nice if /dev/kvm were world-accessible, so that unprivileged users could use hardware virtualization features without needing to be added to the kvm group in advance by a system administrator.
Currently the following rule is in place on Natty: w-a-thornhump-iii:~ geofft$ less /lib/udev/rules.d/45-qemu-kvm.rules KERNEL=="kvm", GROUP="kvm", MODE="0660" I'd like that to be changed to mode 0666. Fedora has decided that this is okay in terms of security, and that this is a useful change to be made. On my Fedora 15 box, the following rule is in place: busy-beaver:/etc/udev/rules.d geofft$ less 80-kvm.rules KERNEL=="kvm", GROUP="kvm", MODE="0666" (I don't understand why it's in /etc, but it is in fact packaged in qemu-system-x86-0.14.0-7.) See also "We have already reserved a group called 'kvm' in the setup package, so no need for yet another called 'vm'. The /dev/kvm should be chgrp kvm by default. That said I agree with Mark that it'd be desirable to also make it possible to just any normal user access to /dev/kvm out of the box, so libvirt's per-user qemu:///session connection can be used" from https://bugzilla.redhat.com/show_bug.cgi?id=481260 . I'm working on a software package that would benefit from unprivileged remote users being able to access kvm, so this change would be beneficial to me. It sounds from the above text that this would also make using libvirt easier. ** Affects: kvm (Ubuntu) Importance: Undecided Status: New -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/840925 Title: Please make /dev/kvm world-accessible in 45-qemu-kvm.rules To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/kvm/+bug/840925/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
