Red Hat Bugzilla – Bug 497341
Make the /dev/kvm device world accessible to all users by default
Last modified: 2009-07-16 06:33:21 EDT
Description of problem:
Currently the /dev/kvm device mode restricts access to just the root user. It is desirable for unprivileged user accounts to be able to run unprivileged QEMU instances and have them be fast. This means they need to be able to access /dev/kvm. Using a group is not desirable because we want virt to work well out of the box, without needing magic configs.
Previously there were some resource utilization concerns from unprivileged users accessing /dev/kvm, but to quote a discussion I had with Avi
>Previously we didn't alow non-root access to /dev/kvm because this
>would result in users guests pinning memory in the host preventing
>normal swap usage. This restriction should have been removed by
>now though, right ? Are their any other resource usage implications
No known resource holes. kvm does pin some kernel memory for each VM,
but the number of VMs a user can create is limited.
Ergo, we should make /dev/kvm mode 0666 by default
Version-Release number of selected component (if applicable):
Steps to Reproduce:
1. Run qemu-kvm as non-root
It cannot open /dev/kvm
It can open /dev/kvm
Adding to F12 target
This package has changed ownership in the Fedora Package Database. Reassigning to the new owner of this component.
Built into qemu-0.10.50-10.kvm87.fc12