Professional Documents
Culture Documents
blog.wikichoon.com
qemu:///system vs qemu:///session |
Cole Robinson
Cole Robinson
5-7 Minuten
That describes the 'what', but the 'why' is a bigger story. The
privilege level of libvirtd and VMs have pros and cons depending
on your usecase. The easiest way to understand the benefit of
one over the other is to list the problems with each setup.
qemu:///system
Desktop use cases also suffer as VMs are run as the qemu user,
but the app (like virt-manager) is running as your local user. For
example, say you download an ISO to $HOME and want to attach
it to a VM. The VM is running as unprivileged user qemu and
can't access your $HOME, so libvirt has to change the ISO file
owner to qemu:qemu and virt-manager has to give search
access to $HOME for user qemu. It's a pain for apps to handle,
and it's confusing for users, but after dealing with it for a while in
virt-manager we've made it generally work. (Though try giving a
VM access to a file on a fat32 USB drive that was automounted
by your desktop session...)
qemu:///session
How to decide