In fact udev-acl appears to be doing it. When logging into a simple ubuntu desktop with qemu-system not installed, I log in and find /dev/kvm is root:root rwm------ with a group::--- acl installed. I verify the acl by doing 'chmod g+rw /dev/kvm' followed by ls -l /dev/kvm and getfacl /dev/kvm showng that /dev/kvm is now rwxrw---- but the group::--- acl is still there.
Next I moved /usr/lib/ConsoleKit/run-seat.d/udev-acl.ck to /root/ and rebooted, and ssh'd in. Now /dev/kvm had no acls and was serge@ubuntu:~$ ls -l /dev/kvm crw-rw---- 1 root root 10, 232 Jan 29 01:04 /dev/kvm serge@ubuntu:~$ getfacl /dev/kvm getfacl: Removing leading '/' from absolute path names # file: dev/kvm # owner: root # group: root user::rw- group::rw- other::--- (I next undid this by doing 'chmod g-rw /dev/kvm') Next I manually ran: /lib/udev/udev-acl -a change --device=/dev/kvm after this, I got: root@ubuntu:~# getfacl /dev/kvm getfacl: Removing leading '/' from absolute path names # file: dev/kvm # owner: root # group: root user::rw- user:lightdm:rw- group::--- mask::rw- other::--- root@ubuntu:~# chmod g+rw /dev/kvm root@ubuntu:~# getfacl /dev/kvm getfacl: Removing leading '/' from absolute path names # file: dev/kvm # owner: root # group: root user::rw- user:lightdm:rw- group::--- mask::rw- other::--- showing that running udev-acl.ck is what is causing the group acl to be created, even though it's not obvious, looking at the udev-acl.c code, how it would do so. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1103022 Title: 70-udev-acl.rules needs to put g+rw on /dev/kvm To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/udev/+bug/1103022/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs