[libvirt] A difference between libvirt and execution in bash shell

Andrea Bolognani abologna at redhat.com
Tue Apr 26 08:04:49 UTC 2016


On Tue, 2016-04-26 at 09:36 +0800, zhukaijie wrote:
> Once I type my qemu command line in bash shell and execute it.
> Then I use ps -aux to list the qemu process, results
> indicates the user of the qemu vm is "root" (Of course I logged
> with root). However, if I use libvirt to start a qemu
> vm, the user of qemu become "qemu". Could you tell me something
> about the user "qemu"? Also, how does this difference
> happen? Thank you.

libvirt will launch qemu processes as a different user for
security reasons: while the libvirtd process needs to be
running as root in order to perform system setup tasks, the
guest processes themselves don't need to, and the overall
system security / stability benefits from them running as
a different user.

You can override the user (I believe "qemu" to be the
default) by changing the "user" and "group" settings in
your /etc/libvirt/qemu.conf.

On a side note, this mailing list is about the development of
libvirt itself; please send inquiries about libvirt usage to
the libvirt-users at redhat.com mailing list instead.
-- 
Andrea Bolognani
Software Engineer - Virtualization Team




More information about the libvir-list mailing list