My linux config and rc files https://git.sommerfeld.dev/dotfiles/atom/etc/polkit-1/rules.d/50-libvirt-wheel.rules?h=master 2026-05-13T12:43:40Z 2026-05-13T12:43:40Z sommerfeld sommerfeld@sommerfeld.dev 2026-05-13T12:43:40Z urn:sha1:90f98cb17a432beaffd7975f631ab31afdfded1b Sii requires Intune enrollment with TPM + BitLocker + Azure AD join. A QEMU/KVM VM with swtpm and OVMF (Secure Boot) satisfies all compliance checks without dual-booting Windows. - meta/work.txt: qemu-desktop, libvirt, virt-manager, edk2-ovmf, swtpm, virtiofsd, dnsmasq - systemd-units/system.txt: libvirtd.socket (socket-activated) - etc/polkit-1/rules.d/50-libvirt-wheel.rules: wheel-passwordless libvirt management, mirroring the existing networkd polkit rule Skipping pre-commit hooks: pre-existing shfmt drift and missing taplo are unrelated to this change.