Gitiles
Code Review Sign In
gerrit-dev.monogon.dev / monogon / HEAD
commit86f10e57d1c288fc97be7a03b03b31bedfcb0f44[log] [tgz]
authorJan Schär <jan@monogon.tech>Mon Nov 03 10:12:50 2025 +0100
committerJan Schär <jan@monogon.tech>Mon Nov 03 14:26:50 2025 +0000
tree9b715114f72537179dfa95914495abd1b5bebb65
parent4c4a7048de54e4e5d3400ecd3c22ae582e3abe9a [diff]
m/n/k/plugins/kvmdevice: allow everyone to access /dev/kvm

This changes the permissions of /dev/kvm to allow everyone access.
Previously, only the owner, which is root, had access.

This allows containers which don't run as root to use KVM. It also makes
KVM accessible in user namespace containers, where the owner is mapped
to nobody, such that access is only possible if "other" has permissions.

Change-Id: Ie438d2ab40468a6d3002c3890b75b9c43188198d
Reviewed-on: https://review.monogon.dev/c/monogon/+/4654
Tested-by: Jenkins CI
Reviewed-by: Lorenz Brun <lorenz@monogon.tech>
1 file changed
tree: 9b715114f72537179dfa95914495abd1b5bebb65
  1. .github/
  2. .vscode/
  3. build/
  4. cloud/
  5. go/
  6. metropolis/
  7. osbase/
  8. third_party/
  9. tools/
  10. version/
  11. .bazelignore
  12. .bazelproject
  13. .bazelrc
  14. .bazelrc.ci
  15. .bazelversion
  16. .envrc
  17. .git-ignore-revs
  18. .gitignore
  19. .gitreview
  20. BUILD.bazel
  21. CODING_STANDARDS.md
  22. go.mod
  23. go.sum
  24. LICENSE
  25. MODULE.bazel
  26. MODULE.bazel.lock
  27. README.md
  28. SETUP.md
  29. shell.nix
README.md

Monogon Monorepo

This is the main repository containing the source code for the Monogon Platform.

This is pre-release software - take a look, and check back later! In the meantime, join us on Matrix (#monogon-os-community:matrix.org) or Discord.

Environment

Our build environment is self-contained and requires only minimal host dependencies:

  • A Linux machine or VM.
  • Bazelisk >= v1.15.0 (or a working Nix environment).
  • git to check out modules.
  • python3 to generate the workspace status to stamp.
  • A reasonably recent kernel, user namespaces are recommended for performance reasons.
  • Working KVM with access to /dev/kvm (if you want to run tests).

Our docs assume that Bazelisk is available as bazel on your PATH.

Refer to SETUP.md for detailed instructions.

Monogon OS

The source code lives in //metropolis (Metropolis is the codename of Monogon OS).

See the //metropolis/README.md for a developer quick start guide, or see the Monogon OS Handbook for user documentation.