[libvirt] A difference between libvirt and execution in bash shell
Once I type my qemu command line in bash shell and execute it. Then I use ps -aux to list the qemu process, results indicates the user of the qemu vm is "root" (Of course I logged with root). However, if I use libvirt to start a qemu vm, the user of qemu become "qemu". Could you tell me something about the user "qemu"? Also, how does this difference happen? Thank you.
On Tue, 2016-04-26 at 09:36 +0800, zhukaijie wrote:
Once I type my qemu command line in bash shell and execute it. Then I use ps -aux to list the qemu process, results indicates the user of the qemu vm is "root" (Of course I logged with root). However, if I use libvirt to start a qemu vm, the user of qemu become "qemu". Could you tell me something about the user "qemu"? Also, how does this difference happen? Thank you.
libvirt will launch qemu processes as a different user for security reasons: while the libvirtd process needs to be running as root in order to perform system setup tasks, the guest processes themselves don't need to, and the overall system security / stability benefits from them running as a different user. You can override the user (I believe "qemu" to be the default) by changing the "user" and "group" settings in your /etc/libvirt/qemu.conf. On a side note, this mailing list is about the development of libvirt itself; please send inquiries about libvirt usage to the libvirt-users@redhat.com mailing list instead. -- Andrea Bolognani Software Engineer - Virtualization Team
participants (2)
-
Andrea Bolognani -
zhukaijie