Run libguestfs tools (virt-clone, virt-customize, virt-builder) as a non root user in a qemu:///system connection

janfishergg · May 31, 2022, 12:19am

There doesn’t seem to be an obvious way to run these tools as a non root user. The man page [1] for virt-customize says “You do not need to run virt-customize as root. In fact we’d generally recommend that you don’t.”. The same is said for the other tools.

The problem is that there doesn’t seem to be a way to run it as a non root user if the qemu:///system libvirt connection is used and this is the only configuration that provides good network performance. Using virt-manager it’s possible to create and manage virtual machines as a non root user. Running any of the tools mentioned in the title fails as a regular user doesn’t have permissions to write to files in the libvirt’s default storage pool which is /var/lib/libvirt/images.

For example running virt-builder [2] will fail because of lack of write permissions [3]. This is understandable but then how can one achieve a workflow of running all these tools as a non root user as the man page suggests?

Does anyone know a workflow that actually allows for creation, cloning, customizing virtual machine disks as a non root user?

[1] virt-customize

[2]

[johnd@fedora35 ~]$ virt-builder fedora-35 --format qcow2 --output /var/lib/libvirt/images/orange.qcow2 --hostname orange
gpg: checking the trustdb
gpg: marginals needed: 3  completes needed: 1  trust model: pgp
gpg: depth: 0  valid:   1  signed:   0  trust: 0-, 0q, 0n, 0m, 0f, 1u
gpg: checking the trustdb
gpg: marginals needed: 3  completes needed: 1  trust model: pgp
gpg: depth: 0  valid:   1  signed:   0  trust: 0-, 0q, 0n, 0m, 0f, 1u
gpg: checking the trustdb
gpg: marginals needed: 3  completes needed: 1  trust model: pgp
gpg: depth: 0  valid:   1  signed:   0  trust: 0-, 0q, 0n, 0m, 0f, 1u
[   1.3] Downloading: http://builder.libguestfs.org/fedora-35.xz
[   2.2] Planning how to build this image
[   2.2] Uncompressing
[  10.5] Converting raw to qcow2
[johnd@fedora35 ~]$ echo $?
1
[johnd@fedora35 ~]$ sudo ls /var/lib/libvirt/images/
base.qcow2

[3]

[johnd@fedora35 ~]$ ls -ld /var/lib/libvirt/images/
drwx-----x. 1 root root 20 May 18 02:56 /var/lib/libvirt/images/

Topic		Replies	Views
On Fedora I can use gnome-boxes to create VM's as a non-root user. What makes this possible? Ask Fedora f37	2	745	February 1, 2023
Libvirt virt-manager filesystem mode passthrough unavailable Ask Fedora f32 , libvirt	9	4495	December 13, 2020
HowTo: Use the unprivileged "user session" in virt-manager for rootless virtualization with Qemu and KVM Ask Fedora virt-manager , flatpak , libvirt , qemukvm , virtualization , gnome , virtualbox , wheel , su-confined-users , proposed-howto	14	1459	July 29, 2024
Silverblue, libvirt and virt-manager Project Discussion silverblue-team	5	6062	February 16, 2020
Using qemu:///session in toolbox or distrobox Ask Fedora silverblue	2	997	July 4, 2022

Run libguestfs tools (virt-clone, virt-customize, virt-builder) as a non root user in a qemu:///system connection

Related topics