Using Vagrant with libvirt – SELinux

July 03, 2021

Vagrant is a framework to quickly spin up and manage virtual machines and is very popular within development communities. While Vagrant uses Oracle VirtualBox as the hypervisor by default, we can install a libvirt plugin to use Vagrant with libvirt, benefiting from the sVirt security offered by SELinux.

Deploying Vagrant and the libvirt plugin

The Vagrant application can be installed from a single RPM file. Find the latest version at and install it. For instance, for CentOS systems, you can use yum directly:

# yum install

To install the libvirt plugin, we first need to make sure that the dependencies are installed as well. The documentation, online at, gives a good overview of which packages need to be installed. Do not forget this step, as dependency failures during the plugin installation are not always obvious.

Once the dependencies are installed, use vagrant itself to download and install the plugin:

# vagrant plugin install vagrant-libvirt

After installing the plugin, we can go forward with setting up a Vagrant box.

Installing a libvirt-compatible box

Vagrant uses boxes: images prepared for quick installation using Vagrant. Not all Vagrant boxes are compatible with the libvirt provider. Luckily, the Vagrant Cloud website at allows you to quickly find compatible boxes.

Suppose we want to use a Fedora image called fedora/32-cloud-base, then we can configure it as follows:

  • Create a new directory, which we will define the box configuration in, and enter this location:
# mkdir vagrant
# cd vagrant
  • Initialize the Vagrant box, using the fedora/32-cloud-base box definition:
# vagrant init fedora/32-cloud-base

This will create an empty Vagrantfile that can be used to further configure the box.

  • Edit the Vagrantfile, and add the following code:
config.vm.provider :libvirt do |libvirt|
 libvirt.storage_pool_name = "images"
 libvirt.driver = "qemu" # or kvm

This will configure the libvirt provider to use the images directory as the default storage pool, and use the QEMU driver within libvirt.

  • Still inside the Vagrantfile, add the following code to give the box a proper name:
config.vm.define :test do |test| = "fedora/32-cloud-base"

The name chosen here is test, and will result in a virtual guest named vagrant_test.

  • To launch the test guest, run the vagrant up command like so:
# vagrant up --provider=libvirt

Depending on the speed of the system, this step can take a while to complete.

Once the guest is up and running, you can connect to it using vagrant ssh. While you can manipulate the guest with the virsh commands, you can also use vagrant halt to shut down, or vagrant destroy followed by vagrant box remove to remove the box from the system completely.

Configuring Vagrant boxes

Once a box is deployed, it is available through libvirt as a standard guest. That means that the operations we’ve seen before to modify its labels or tweak SELinux controls using the SELinux booleans still apply.

Let’s first verify that Vagrant is indeed using libvirt to launch its own boxes:

# virsh list --all
 Id Name State
 1 vagrant_test running

Sure enough, the guest is available and titled vagrant_test. We can modify its configuration with virsh edit as well:

# virsh edit vagrant_test

As long as the Vagrant box is not destroyed, the settings in libvirt will persist.

Related Articles

How to add swap space on Ubuntu 21.04 Operating System

How to add swap space on Ubuntu 21.04 Operating System

The swap space is a unique space on the disk that is used by the system when Physical RAM is full. When a Linux machine runout the RAM it use swap space to move inactive pages from RAM. Swap space can be created into Linux system in two ways, one we can create a...

read more

Lorem ipsum dolor sit amet consectetur


Submit a Comment

Your email address will not be published. Required fields are marked *

four × 4 =