Polkit password-less access for the 'libvirt' group
Users who admin their own machines often want to be able to use tools like virt-manager without having to enter a root password. Just google 'virt-manager without password' and see all the hits. I've seen many blogs and articles over the years describing various ways to work around it.
The password prompting is via libvirt's polkit integration. The idea is that we want applications like virt-manager to run as a regular unprivileged user (running GUI apps as root is considered a security no-no), and only use the root authentication for talking to the system libvirtd instance. Most workarounds suggest installing a polkit rule to allow your user, or a particular user group, to access libvirt without needing to enter the root password.
In libvirt v1.2.16 we finally added official support for this (and backported to Fedora22+). The group is predictably called libvirt
. This matches polkit rules that debian and suse were already shipping too.
So just add your user to the libvirt
group and enjoy passwordless virt-manager usage:
usermod --append --groups libvirt $(whoami)