Hello all. I’ve been using KVM for a long time now. Every time I try to use virt-manager as a non-root user, I have to enter the sudo password. This ain’t a problem but if you use virt-manager most of the times, it can be boring and irritating.

For KVM installation, refer to our guides below.

How to install KVM on RHEL/CentOS 8Fedora, Arch LinuxCentOS, Ubuntu/Debian, SLES

I’ll show you a simple way to use virt-manager as a non-root user, by just creating a libvirt group and adding a standard user account to it. Without wasting much time, let’s dive in.

To use virt-manager as a non-root user, follow steps below:

Step 1 – Create unix group to use

First check if group already exist, if not create it

sudo getent group | grep libvirt

Some distributions may be using libvirtd.

sudo getent group | grep libvirtd

If it doesn’t exist, add it as system group.

sudo groupadd --system libvirt

Step 2 – Add user account to the libvirt group

Now that the group is available, add your user account to the group.

sudo usermod -a -G libvirt $(whoami)
newgrp libvirt

Verify that user is added to libvirt group.

$ id $(whoami)
uid=1000(jmutai) gid=1000(jmutai) groups=1000(jmutai),998(wheel),992(kvm),988(storage),968(libvirt),108(vboxusers)

Step 3 – Edit libvirtd configuration file to add group

Open the file /etc/libvirt/libvirtd.conf for editing.

sudo vim /etc/libvirt/libvirtd.conf

Set the UNIX domain socket group ownership to libvirt, (around line 85)

unix_sock_group = "libvirt"

Set the UNIX socket permissions for the R/W socket (around line 102)

unix_sock_rw_perms = "0770"

Restart libvirt daemon after making the change.

sudo systemctl restart libvirtd.service

Check service status.

$ systemctl status libvirtd.service    
● libvirtd.service - Virtualization daemon
Loaded: loaded (/usr/lib/systemd/system/libvirtd.service; enabled; vendor preset: disabled)
Active: active (running) since Fri 2019-04-19 08:48:13 EAT; 1h 16min ago
Docs: man:libvirtd(8)
https://libvirt.org
Main PID: 31709 (libvirtd)
Tasks: 26 (limit: 32768)
Memory: 64.7M
CGroup: /system.slice/libvirtd.service
├─ 754 /usr/bin/dnsmasq --conf-file=/var/lib/libvirt/dnsmasq/default.conf --leasefile-ro --dhcp-script=/usr/lib/libvirt/libvirt_leases>
├─ 755 /usr/bin/dnsmasq --conf-file=/var/lib/libvirt/dnsmasq/default.conf --leasefile-ro --dhcp-script=/usr/lib/libvirt/libvirt_leases>
├─ 777 /usr/bin/dnsmasq --conf-file=/var/lib/libvirt/dnsmasq/docker-machines.conf --leasefile-ro --dhcp-script=/usr/lib/libvirt/libvir>
├─ 778 /usr/bin/dnsmasq --conf-file=/var/lib/libvirt/dnsmasq/docker-machines.conf --leasefile-ro --dhcp-script=/usr/lib/libvirt/libvir>
├─25924 /usr/bin/dnsmasq --conf-file=/var/lib/libvirt/dnsmasq/vagrant-libvirt.conf --leasefile-ro --dhcp-script=/usr/lib/libvirt/libvir>
├─25925 /usr/bin/dnsmasq --conf-file=/var/lib/libvirt/dnsmasq/vagrant-libvirt.conf --leasefile-ro --dhcp-script=/usr/lib/libvirt/libvir>
├─25959 /usr/bin/dnsmasq --conf-file=/var/lib/libvirt/dnsmasq/fed290.conf --leasefile-ro --dhcp-script=/usr/lib/libvirt/libvirt_leasesh>
├─25960 /usr/bin/dnsmasq --conf-file=/var/lib/libvirt/dnsmasq/fed290.conf --leasefile-ro --dhcp-script=/usr/lib/libvirt/libvirt_leasesh>
└─31709 /usr/bin/libvirtd

Step 4 – Launch virt-manager

Start Virtual Machine Manager from the command line or your Start menu.

$ virt-manager

You should be able to create a VM without getting a permission error.

use virt manager non root user

You should be able to use virt-manager as a non-root user. If not, try to read your libvirtd.conf file to see the relevant sections to modify.

Conclusion

We’ve covered how to use virt-manager as a non-root user in easy to follow steps. You may have to install KVM virtualization package group to get tools including virt-manager.

Here are our few guides to get you started

Using Vagrant with Libvirt on Linux.

How to Provision VMs on KVM with Terraform

How to Create CentOS / Fedora / RHEL VM Templates on KVM

RHEL and CentOS Kickstart on KVM Automated Installation With virt-install

Further reading:

Mastering KVM Virtualization

Virtualization Essentials, 2nd Edition


Your support is our everlasting motivation,
that cup of coffee is what keeps us going!


As we continue to grow, we would wish to reach and impact more people who visit and take advantage of the guides we have on our blog. This is a big task for us and we are so far extremely grateful for the kind people who have shown amazing support for our work over the time we have been online.

Thank You for your support as we work to give you the best of guides and articles. Click below to buy us a coffee.

4 COMMENTS

  1. Hi, i tried to store all my virtual machines on nfs or samba share but i have a lot of problems with permission. I can create volumes but i can’t create virtual machines. The nfs or samba shares are on synology machine.
    Unable to complete install: ‘internal error: child reported: unable to set user and group to ‘107:107’ on ‘/mnt/smb/centos7.0.qcow2′: Permission denied’

      • Thanks for the reply, I changed permissions a thousand time, even changed my nfs server operating system once (synology and freenas), nothing worked. Today I found a solution, I do not know if it is safe to do this but it worked: setenforce 0.

    • Please try this:

      Find kvm group ID:

      # getent group kvm
      kvm:x:36:qemu,sanlock

      Then configure your nfs export with below options:

      ..(rw,anonuid=36,anongid=36,all_squash)

      Replace 36 with your KVM group id.
      Re-export:

      # exportfs -rvv

      Let me know if this helps.

LEAVE A REPLY

Please enter your comment!
Please enter your name here