On Fri, 2016-06-10 at 11:36 +0200, Jonatan Schlag wrote: > As a normal user, it is not possible to use qemu with KVM. This is bad > because it is better when it is possible to start the machine with a > less privileged user. To achieve this a group KVM is created and the > access to /dev/kvm is allowed for this group. So every user in this > group can use qemu with KVM. > This change is also useful for libvirt because the VMs can be started > with user nobody and group kvm. > > Signed-off-by: Jonatan Schlag > --- >  config/qemu/65-kvm.rules       | 2 ++ >  config/rootfiles/packages/qemu | 1 + >  lfs/qemu                       | 4 +++- >  src/paks/qemu/install.sh       | 2 ++ >  4 files changed, 8 insertions(+), 1 deletion(-) >  create mode 100644 config/qemu/65-kvm.rules > > diff --git a/config/qemu/65-kvm.rules b/config/qemu/65-kvm.rules > new file mode 100644 > index 0000000..569ded9 > --- /dev/null > +++ b/config/qemu/65-kvm.rules > @@ -0,0 +1,2 @@ > +KERNEL=="kvm", GROUP="kvm", MODE="0660" > +KERNEL=="vhost-net", GROUP="kvm", MODE="0660", TAG+="uaccess", > OPTIONS+="static_node=vhost-net" > diff --git a/config/rootfiles/packages/qemu b/config/rootfiles/packages/qemu > index 482087b..3b3f361 100644 > --- a/config/rootfiles/packages/qemu > +++ b/config/rootfiles/packages/qemu > @@ -1,3 +1,4 @@ > +lib/udev/rules.d/65-kvm.rules >  usr/bin/qemu >  usr/bin/qemu-arm >  usr/bin/qemu-ga > diff --git a/lfs/qemu b/lfs/qemu > index 804ec26..c32953c 100644 > --- a/lfs/qemu > +++ b/lfs/qemu > @@ -33,7 +33,7 @@ DIR_APP    = $(DIR_SRC)/$(THISAPP) >  TARGET     = $(DIR_INFO)/$(THISAPP) >  SUP_ARCH   = i586 x86_64 >  PROG       = qemu > -PAK_VER    = 18 > +PAK_VER    = 19 >   >  DEPS       = "sdl spice" >   > @@ -95,6 +95,8 @@ $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects)) >   paxctl -m -r /usr/bin/qemu-arm >   paxctl -m -r /usr/bin/qemu-i386 >   paxctl -m -r /usr/bin/qemu-x86_64 > + # install an udev script to set the permissions of /dev/kvm > + cp -avf $(DIR_SRC)/config/qemu/65-kvm.rules /lib/udev/rules.d/65- > kvm.rules >   >   @rm -rf $(DIR_APP) >   @$(POSTBUILD) > diff --git a/src/paks/qemu/install.sh b/src/paks/qemu/install.sh > index a9f7321..9afe7f9 100644 > --- a/src/paks/qemu/install.sh > +++ b/src/paks/qemu/install.sh > @@ -22,6 +22,8 @@ >  ############################################################################ >  # >  . /opt/pakfire/lib/functions.sh > +create the group kvm when they not exist The line above should be a comment... > +getent group kvm >/dev/null || groupadd kvm >  extract_files >  restore_backup ${NAME} >  echo shm /dev/shm tmpfs defaults,size=256M 0 > 0 >> /etc/fstab