Please make /dev/kvm world-accessible in 45-qemu-kvm.rules
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
kvm (Ubuntu) |
Won't Fix
|
Wishlist
|
Unassigned |
Bug Description
It would be nice if /dev/kvm were world-accessible, so that unprivileged users could use hardware virtualization features without needing to be added to the kvm group in advance by a system administrator.
Currently the following rule is in place on Natty:
w-a-thornhump-iii:~ geofft$ less /lib/udev/
KERNEL=="kvm", GROUP="kvm", MODE="0660"
I'd like that to be changed to mode 0666. Fedora has decided that this is okay in terms of security, and that this is a useful change to be made. On my Fedora 15 box, the following rule is in place:
busy-beaver:
KERNEL=="kvm", GROUP="kvm", MODE="0666"
(I don't understand why it's in /etc, but it is in fact packaged in qemu-system-
See also "We have already reserved a group called 'kvm' in the setup package, so no need for yet another called 'vm'. The /dev/kvm should be chgrp kvm by default. That said I agree with Mark that it'd be desirable to also make it possible to just any normal user access to /dev/kvm out of the box, so libvirt's per-user qemu:///session connection can be used" from https:/
I'm working on a software package that would benefit from unprivileged remote users being able to access kvm, so this change would be beneficial to me. It sounds from the above text that this would also make using libvirt easier.
Changed in kvm (Ubuntu): | |
importance: | Undecided → Wishlist |
Changed in kvm (Ubuntu): | |
status: | New → Incomplete |
assignee: | nobody → Jamie Strandboge (jdstrand) |
Changed in kvm (Ubuntu): | |
assignee: | Jamie Strandboge (jdstrand) → nobody |
status: | Incomplete → Won't Fix |
The reasons for limiting access to /dev/kvm expired years ago. There's
no longer any particular reason to not make it world writable.
-- linux2go. dk/ www.ubuntu. com/ www.openstack. org/
Soren Hansen | http://
Ubuntu Developer | http://
OpenStack Developer | http://