Access to libvirt via Virt-Manager (non-root)

Access to anything using root passwords is a Bad Thing(tm), so Policy-Kit comes to the rescue.  Having never used Policy-Kit (polkit-d), it was always something disabled in order to limit the number of extraneous processes running on a server/hypervisor system. However, in this case, it comes in handy.

Create: /etc/polkit-1/localauthority/50-local.d/50-libvirt-remote-access.pkla

[libvirt Management Access]
Identity=unix-group:libvirt
Action=org.libvirt.unix.manage
ResultAny=yes
ResultInactive=yes
ResultActive=yes

From there, just make sure all of the VM admins are in the “libvirt” group.

Leave a Reply