KVM/qemu user session vs root session

Hi all,

I’m trying to set up a some qemu vms to test several stuff. Confused about access levels/rights:

  • When using a root session, I can see and create virtual networks, virtual machines, storage pools etc. But not that easy to use e.g. storage pools created by root, as the final processes seems to be run as qemu.qemu and are not allowed to access the root-owned qcow2 files. Fine/better after chmod of these files.
  • Vice versa, when using a (preferred) user session, added my local user “michael” to group qemu, I can create, run and use vms including storage pools, but I don’t see and I’m not able to create any virtual networks. Making the vms more or less useless :slight_smile:

Seems that I missed something, any hints about infos for the underlying user/access concept of KVM on openSUSE?

Regards,
Michael

I give the user “qemu” write permission to the folders where my VM images are located.
In case of block-devices you can add the user “qemu” to the group “disk” which is the owner of storage devices (lookup the permission on e.g. /dev/dm-0).

I don’t use storage pools, so can’t say if the above will work with pools.

I my view storage pools just add a layer of complexity that I don’t need (but I’m not using any GUI manager tools where it might be required)

I just run “virt-manager” as the root user (started vi “su” or equivalent), and work from there. I use the virt-manager GUI to create virtual machines.

Looking at the “qcow2” image files – all but one is owned by “root:root”. The odd one is owned by “qemu:qemu”, however that one was created with “virt-install” (also run by root) rather than via the GUI.