Comment 6 for bug 1852940

I expect that making /dev/kvm world writable is a security hole. Still, it's useful to know where the problem lies. I think you're hitting https://bugs.launchpad.net/kolla/+bug/1681461, which has been around for a long time. It would be great if we could get it fixed.

The workaround used by Lev Klimin posted in that bug report is similar to yours, but probably a bit more secure:

KERNEL=="kvm", GROUP="42427", MODE="0660"

The 42427 comes from our static user/group IDs listed in kolla/common/config.py.