[Bug 840925] [NEW] Please make /dev/kvm world-accessible in 45-qemu-kvm.rules

Sun Sep 4 11:43:06 UTC 2011

Public bug reported:

It would be nice if /dev/kvm were world-accessible, so that unprivileged
users could use hardware virtualization features without needing to be
added to the kvm group in advance by a system administrator.

Currently the following rule is in place on Natty:

w-a-thornhump-iii:~ geofft$ less /lib/udev/rules.d/45-qemu-kvm.rules
KERNEL=="kvm", GROUP="kvm", MODE="0660"

I'd like that to be changed to mode 0666. Fedora has decided that this
is okay in terms of security, and that this is a useful change to be
made. On my Fedora 15 box, the following rule is in place:

busy-beaver:/etc/udev/rules.d geofft$ less 80-kvm.rules
KERNEL=="kvm", GROUP="kvm", MODE="0666"

(I don't understand why it's in /etc, but it is in fact packaged in
qemu-system-x86-0.14.0-7.)

See also "We have already reserved a group called 'kvm' in the setup
package, so no need for yet another called 'vm'. The /dev/kvm should be
chgrp kvm by default. That said I agree with Mark that it'd be desirable
to also make it possible to just any normal user access to /dev/kvm out
of the box, so libvirt's per-user qemu:///session connection can be
used" from https://bugzilla.redhat.com/show_bug.cgi?id=481260 .

I'm working on a software package that would benefit from unprivileged
remote users being able to access kvm, so this change would be
beneficial to me. It sounds from the above text that this would also
make using libvirt easier.

** Affects: kvm (Ubuntu)
     Importance: Undecided
         Status: New

-- 
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to kvm in Ubuntu.
https://bugs.launchpad.net/bugs/840925

Title:
  Please make /dev/kvm world-accessible in 45-qemu-kvm.rules

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/kvm/+bug/840925/+subscriptions