Merge pull request #245 from bmwiedemann/qemuuser

add --vm-user option to run kvm as non-root
openSUSE · Mar 1, 2016 · 3063d0c · 3063d0c
2 parents 570e3e8 + 351b4f0
commit 3063d0c
Show file tree

Hide file tree

Showing 3 changed files with 26 additions and 1 deletion.
diff --git a/build b/build
@@ -324,6 +324,9 @@ Known Parameters:
   --vm-initrd FILE
               Kernel and initrd to use for VM (kvm and qemu only)
 
+  --vm-user   USERNAME
+              User name to run qemu/kvm process
+
   --vm-telnet PORT
               Is forwarding PORT to a telnet session inside of the VM.
               Specify also needed extra packages via -x parameter, usually:

diff --git a/build-vm b/build-vm
@@ -231,6 +231,11 @@ vm_parse_options() {
       -vm-watchdog)
 	VM_WATCHDOG=true
       ;;
+      -vm-user)
+        needarg
+        VM_USER="$ARG"
+        shift
+      ;;
       -vm-telnet)
         needarg
         VM_TELNET="$ARG"

diff --git a/build-vm-kvm b/build-vm-kvm
@@ -30,6 +30,13 @@ kvm_serial_device=
 kvm_rng_device=virtio-rng-pci
 kvm_options=
 
+function complain()
+{
+    local ex=$1; shift
+    printf "Error: %s\n" "$@" >&2
+    cleanup_and_exit $ex
+}
+
 kvm_check_ppc970() {
     if ! grep -q -E '(kvm_rma_count.*kvm_hpt_count)|(kvm_hpt_count.*kvm_rma_count)' /proc/cmdline ; then 
 	echo "put kvm_rma_count=<VM number> or kvm_hpt_count=<> to your boot options"
@@ -201,6 +208,16 @@ vm_verify_options_kvm() {
 vm_startup_kvm() {
     qemu_bin="$kvm_bin"
     qemu_args=(-drive file="$VM_IMAGE",format=raw,if=none,id=disk,serial=0,cache=unsafe -device "$kvm_device",drive=disk)
+    local sudo=
+    if [ -n "$VM_USER" ] ; then
+	sudo=/usr/bin/sudo
+	[ -x $sudo ] || complain 21 "cannot find sudo"
+	grep -q "^$VM_USER:" /etc/passwd || complain 22 "cannot find KVM user '$VM_USER'"
+	sudo="$sudo -u $VM_USER"
+	for f in "$VM_IMAGE" "$VM_SWAP" "$vm_initrd" ; do
+	    [ -n "$f" ] && chown $VM_USER "$f"
+	done
+    fi
     if test -n "$VM_SWAP" ; then
 	qemu_args=("${qemu_args[@]}" -drive file="$VM_SWAP",format=raw,if=none,id=swap,serial=1,cache=unsafe -device "$kvm_device",drive=swap)
     fi
@@ -235,7 +252,7 @@ vm_startup_kvm() {
     if test -n "$VM_TELNET"; then
         kvm_options="$kvm_options -netdev user,id=telnet,hostfwd=tcp:127.0.0.1:$VM_TELNET-:23 -device e1000,netdev=telnet"
     fi
-    set -- $qemu_bin -nodefaults -no-reboot -nographic -vga none $kvm_options \
+    set -- $sudo $qemu_bin -nodefaults -no-reboot -nographic -vga none $kvm_options \
 	-kernel $vm_kernel \
 	-initrd $vm_initrd \
 	-append "root=$qemu_rootdev $qemu_rootfstype $qemu_rootflags panic=1 quiet no-kvmclock nmi_watchdog=0 rw rd.driver.pre=binfmt_misc elevator=noop console=$kvm_console init=$vm_init_script" \