245728 – running kvm via a normal user

Bug 245728 - running kvm via a normal user

Summary: running kvm via a normal user

Keywords:
Status:	CLOSED WONTFIX
Alias:	None
Product:	Fedora
Classification:	Fedora
Component:	kvm
Sub Component:
Version:	7
Hardware:	i386
OS:	Linux
Priority:	low
Severity:	low
Target Milestone:	---
Assignee:	Jeremy Katz
QA Contact:	Fedora Extras Quality Assurance
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2007-06-26 11:12 UTC by Deependra Singh Shekhawat
Modified:	2007-11-30 22:12 UTC (History)
CC List:	2 users (show)
Fixed In Version:
Clone Of:
Environment:
Last Closed:	2007-06-26 22:25:43 UTC
Type:	---
Embargoed:
Dependent Products:

Attachments	(Terms of Use)

Description Deependra Singh Shekhawat 2007-06-26 11:12:42 UTC

Description of problem:

I want to use virt-manager to utilize full virtualization provided by kvm as a
normal user. But I found that it is not possible. Either I need to run
virt-manager as root user or I need to add the normal user to sudoers list.
Isn't it possible to provide virtualization access to normal users too via
having some kind of udev rules.


Version-Release number of selected component (if applicable):
kvm-24-1
kernel-2.6.21-1.3228.fc7

Comment 1 Jeremy Katz 2007-06-26 22:25:43 UTC

The problem is that this allows the user to lock large amounts of memory on the
system which could be a DoS.

Comment 2 Josh Cogliati 2007-10-19 20:09:43 UTC

An alternative is to at least create a group kvm and then allow anyone in the
group to run kvm.  
All that needs to be done is add a kvm group and the following line somewhere in
a file in /etc/udev/rules.d/
KERNEL=="kvm",MODE="0660",GROUP="kvm"

Then the system admin can add users to kvm or not depending on whether they are
worried about the DoS possibilities.

Comment 3 Josh Cogliati 2007-11-14 18:30:26 UTC

See bug 346151 for a similar request.

Note You need to log in before you can comment on or make changes to this bug.