From 5cc7ae0926454f93998f7c25b931dae7eec0539d Mon Sep 17 00:00:00 2001 From: Jonatan Schlag Date: Fri, 17 Jun 2016 13:06:40 +0200 Subject: [PATCH] Qemu: add a group kvm to access /dev/kvm eaiser As a normal user, it is not possible to use qemu with KVM. This is bad because it is better when it is possible to start the machine with a less privileged user. To achieve this a group KVM is created and the access to /dev/kvm is allowed for this group. So every user in this group can use qemu with KVM. This change is also useful for libvirt because the VMs can be started with user nobody and group kvm. Signed-off-by: Jonatan Schlag Signed-off-by: Michael Tremer --- config/qemu/65-kvm.rules | 2 ++ config/rootfiles/packages/qemu | 1 + lfs/qemu | 4 +++- src/paks/qemu/install.sh | 2 ++ 4 files changed, 8 insertions(+), 1 deletion(-) create mode 100644 config/qemu/65-kvm.rules diff --git a/config/qemu/65-kvm.rules b/config/qemu/65-kvm.rules new file mode 100644 index 000000000..569ded9f9 --- /dev/null +++ b/config/qemu/65-kvm.rules @@ -0,0 +1,2 @@ +KERNEL=="kvm", GROUP="kvm", MODE="0660" +KERNEL=="vhost-net", GROUP="kvm", MODE="0660", TAG+="uaccess", OPTIONS+="static_node=vhost-net" diff --git a/config/rootfiles/packages/qemu b/config/rootfiles/packages/qemu index 482087b7b..3b3f3616d 100644 --- a/config/rootfiles/packages/qemu +++ b/config/rootfiles/packages/qemu @@ -1,3 +1,4 @@ +lib/udev/rules.d/65-kvm.rules usr/bin/qemu usr/bin/qemu-arm usr/bin/qemu-ga diff --git a/lfs/qemu b/lfs/qemu index 804ec269f..c32953c97 100644 --- a/lfs/qemu +++ b/lfs/qemu @@ -33,7 +33,7 @@ DIR_APP = $(DIR_SRC)/$(THISAPP) TARGET = $(DIR_INFO)/$(THISAPP) SUP_ARCH = i586 x86_64 PROG = qemu -PAK_VER = 18 +PAK_VER = 19 DEPS = "sdl spice" @@ -95,6 +95,8 @@ $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects)) paxctl -m -r /usr/bin/qemu-arm paxctl -m -r /usr/bin/qemu-i386 paxctl -m -r /usr/bin/qemu-x86_64 + # install an udev script to set the permissions of /dev/kvm + cp -avf $(DIR_SRC)/config/qemu/65-kvm.rules /lib/udev/rules.d/65-kvm.rules @rm -rf $(DIR_APP) @$(POSTBUILD) diff --git a/src/paks/qemu/install.sh b/src/paks/qemu/install.sh index a9f7321c0..e44ba5eca 100644 --- a/src/paks/qemu/install.sh +++ b/src/paks/qemu/install.sh @@ -22,6 +22,8 @@ ############################################################################ # . /opt/pakfire/lib/functions.sh +#create the group kvm when they not exist +getent group kvm >/dev/null || groupadd kvm extract_files restore_backup ${NAME} echo shm /dev/shm tmpfs defaults,size=256M 0 0 >> /etc/fstab