https://bugzilla.novell.com/show_bug.cgi?id=640767 https://bugzilla.novell.com/show_bug.cgi?id=640767#c0 Summary: libvirt should use non-root for qemu-kvm process if possible. Classification: openSUSE Product: openSUSE 11.3 Version: Final Platform: x86 OS/Version: openSUSE 11.3 Status: NEW Severity: Minor Priority: P5 - None Component: Other AssignedTo: bnc-team-screening@forge.provo.novell.com ReportedBy: zhubr@mail.ru QAContact: qa@suse.de Found By: --- Blocker: --- User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.1.3) Gecko/20070309 Firefox/2.0.0.3 libvirt should use non-root for starting qemu-kvm, as recommended in qemu docs (Let's be paranoid!) This in fact seems to work fine after some trivial tweaking like: useradd vm_runner -G kvm --- /etc/libvirt/qemu.conf.save>2010-09-20 15:53:49.851690646 +0400 +++ /etc/libvirt/qemu.conf<---->2010-09-21 13:49:02.391942397 +0400 @@ -168,3 +168,7 @@ # be assigned to guests. # # relaxed_acs_check = 1 + +# Avoid running qemu-kvm as root. +user = "vm_runner" +group = "kvm" Reproducible: Always Steps to Reproduce: 1. Install libvirt and qemu-kvm 2. Create and start some kvm-type vm 3. ps -A -f | grep qemu Actual Results: qemu running as root:root Expected Results: qemu should be running as non-root -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.