Description of problem: Currently the /dev/kvm device mode restricts access to just the root user. It is desirable for unprivileged user accounts to be able to run unprivileged QEMU instances and have them be fast. This means they need to be able to access /dev/kvm. Using a group is not desirable because we want virt to work well out of the box, without needing magic configs. Previously there were some resource utilization concerns from unprivileged users accessing /dev/kvm, but to quote a discussion I had with Avi [quote] >Previously we didn't alow non-root access to /dev/kvm because this >would result in users guests pinning memory in the host preventing >normal swap usage. This restriction should have been removed by >now though, right ? Are their any other resource usage implications >remaining ? > No known resource holes. kvm does pin some kernel memory for each VM, but the number of VMs a user can create is limited. [/quote] Ergo, we should make /dev/kvm mode 0666 by default Version-Release number of selected component (if applicable): qemu-0.10-8.fc11.x86_64 kernel-2.6.29.1-100.fc11.x86_64 How reproducible: Always Steps to Reproduce: 1. Run qemu-kvm as non-root 2. 3. Actual results: It cannot open /dev/kvm Expected results: It can open /dev/kvm Additional info:
Adding to F12 target
This package has changed ownership in the Fedora Package Database. Reassigning to the new owner of this component.
See also: https://fedoraproject.org/wiki/Features/VirtPrivileges
Built into qemu-0.10.50-10.kvm87.fc12