diff --git a/lib/nova b/lib/nova index 7165ae228f..7e5bb9967f 100644 --- a/lib/nova +++ b/lib/nova @@ -247,11 +247,25 @@ EOF LIBVIRT_DAEMON=libvirtd fi - # For distributions using polkit to authorize access to libvirt, - # configure polkit accordingly. - # Based on http://wiki.libvirt.org/page/SSHPolicyKitSetup + + if is_fedora; then - sudo bash -c 'cat </etc/polkit-1/localauthority/50-local.d/50-libvirt-remote-access.pkla + # Starting with fedora 18 enable stack-user to virsh -c qemu:///system + # by creating a policy-kit rule for stack-user + if [[ "$os_RELEASE" -ge "18" ]]; then + rules_dir=/etc/polkit-1/rules.d + sudo mkdir -p $rules_dir + sudo bash -c "cat < $rules_dir/50-libvirt-$STACK_USER.rules +polkit.addRule(function(action, subject) { + if (action.id == 'org.libvirt.unix.manage' && + subject.user == '"$STACK_USER"') { + return polkit.Result.YES; + } +}); +EOF" + unset rules_dir + else + sudo bash -c 'cat </etc/polkit-1/localauthority/50-local.d/50-libvirt-remote-access.pkla [libvirt Management Access] Identity=unix-group:libvirtd Action=org.libvirt.unix.manage @@ -259,6 +273,7 @@ ResultAny=yes ResultInactive=yes ResultActive=yes EOF' + fi elif is_suse; then # Work around the fact that polkit-default-privs overrules pklas # with 'unix-group:$group'.
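Review bot: In the Fedora 18+ branch, `$STACK_USER` is spliced unvalidated into both the rules file name and the JavaScript body of a polkit rule that returns `polkit.Result.YES` for `org.libvirt.unix.manage`, and the `'"$STACK_USER"'` sequence closes the outer double quote, so the value is expanded unquoted inside a string that is then run by a root `bash -c`. A value containing a quote, whitespace or a shell metacharacter would yield a malformed or broader rule, or could be re-interpreted by the root shell, so I would check it before writing, e.g. `[[ "$STACK_USER" =~ ^[a-z_][a-z0-9_-]*$ ]] || return 1` (or whatever error path this file normally uses), and quote `sudo mkdir -p "$rules_dir"`. Separately, `[[ "$os_RELEASE" -ge "18" ]]` evaluates both operands arithmetically, so a non-integer release string would either raise an error or silently fall through to the `.pkla` branch; it is worth confirming which values `os_RELEASE` can take when `is_fedora` is true. I would also extend the comment to say that the rule gives this user unauthenticated libvirt management on `qemu:///system`, which is presumably close to host-level control, so anyone auditing the machine knows why the file exists. The enclosing function starts and ends outside the hunk, and the heredoc operators appear garbled on this page, so the exact redirection could not be checked.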