[HOME] [DOWNLOAD] [DOCS] [NEWS] [SUPPORT] [TIPS] [ISSUES] [CONTRIBUTE] [DONATE]

Use virt-manager as a non-root user

KVM
#1

According to doc

In some google guides i found that following steps are needed in addition .

Edit libvirtd configuration file to add group

Open the file /etc/libvirt/libvirtd.conf for editing.

sudo vim /etc/libvirt/libvirtd.conf

Set the UNIX domain socket group ownership to libvirt, (around line 85)

unix_sock_group = “libvirt”

Set the UNIX socket permissions for the R/W socket (around line 102)

unix_sock_rw_perms = “0770”

Restart libvirt daemon after making the change.

sudo systemctl restart libvirtd.service

Why are these steps not mentioned in Whonix documentation ?

1 Like
#2

virt-manager already runs as user, i think you’re confusing virt-manager, the UI front-end with actual hypervisor
KVM by design is run in the kernel and thus is already root, qemu also requires if you’re using it with KVM.

if you are talking about users access to virtual machines without root, the wiki segment you linked already states if your user in is kvm group as well as libvirt you can run without root, however it is aimed for Debian and additional groups user must be added to depending on your distribution.

To be honest I am confused of what is your post about as those steps you mentioned I have never seen in my entire life and you certainly don’t need them to run KVM-QEMU as regular user.

#3

just click on whonix for kvm lon my first post , it will redirect you to exact section

Addgroup

sudo addgroup “$(whoami)” libvirt

sudo addgroup “$(whoami)” kvm

But on some video trainings and google they mentioned more steps to do after commands above
Like here

#4

new wiki chapter created just now:
https://www.whonix.org/wiki/Introduction##Third_Party_Documentation

Most likely because these instructions are generic, for many Linux distributions. As the article is saying, quote:

Some distributions may be using libvirtd.

In other words, the instructions are and not specifically for Debian (based) distributions. And that is OK. That is not to criticize the article generally. This style of generic instruction can be useful for system administrators and developers. See also Linux From Scratch.

Debian (if the packages are installed) by default has a libvirt linux user group.

Therefore also for example command sudo groupadd --system libvirt isn’t needed.

For users it will be difficult to contextualize it. Therefore…

…isn’t the right question. Would be rather, are these steps required in Whonix documentation? And then more generally, would these steps be required in Debian? Does Debian, Kicksecure (which Whonix is based on) or Whonix do this already?

If you’re an auditor, you’re welcome to scrutinize all of this but it requires being a very advanced user (being able to contextualize the applicability of instructions Linux from scratch, Debian, Kicksecure, Whonix) to avoid flooding support with too many questions because this is a tiny pick. Thousands of similar questions could be asked.

Therefore https://www.whonix.org/wiki/Reporting_Bugs#Support_Request_Policy applies.

Note:
I am not a maintainer of Whonix KVM.

[Imprint] [Privacy Policy] [Cookie Policy] [Terms of Use] [E-Sign Consent] [DMCA] [Contributors] [Investors] [Priority Support] [Professional Support]