Allow access to anyone in the libvirt group to run virt-manager without sudo. Tested on Ubuntu 18.04. #Polkit #PolicyKit #pkaction #qemu #kvm #sudo #linux

50-org.libvirt.unix.manage.conf

# Ubuntu/Debian
# New rules files are written in JavaScript unsupported. (need pkaction 0.106+)
# /etc/polkit-1/localauthority/50-local.d/libvirt-manage.pkla

[libvirt Management Access]
Identity=unix-group:libvirt
Action=org.libvirt.unix.manage
ResultActive=yes
ResultInactive=yes
ResultAny=yes

80-libvirt-ingroup.rules

// CentOS/Fedora/RHEL
// /etc/polkit-1/rules.d/80-libvirt.rules
// https://libvirt.org/auth.html
// https://wiki.archlinux.org/index.php/Polkit
// https://gist.github.com/grawity/3886114

// sudo systemctl restart polkit

polkit.addRule(function(action, subject) {
 if (action.id == "org.libvirt.unix.manage" && subject.local && subject.isInGroup("libvirt")) {
   return polkit.Result.YES;
   // return polkit.Result.ALLOW;
 }
});

80-libvirt-user.rules

// https://www.freedesktop.org/software/polkit/docs/latest/polkit.8.html
// sudo systemctl restart polkit

// allow user denji
polkit.addRule(function(action, subject) {
 if (action.id == "org.libvirt.unix.manage" && subject.local && subject.user == "denji") {
   return polkit.Result.YES;
   // return polkit.Result.ALLOW;
 }
});

README.md

Groups $USER

groups $USER

User add (libvirt)

sudo gpasswd -a $USER libvirt
newgrp libvirt

User del (libvirt)

sudo gpasswd -d $USER libvirt