why an instance creates root:root files and sockets

when i create an instance in openstack Rocky,and i put the following in instance xml <devices>:
<channel type='unix'>
      <source mode='bind' path='/var/lib/libvirt/qemu/32454360-b730-4977-b0c0-d6d6a423998e.socket'/>
      <target type='virtio' name='com.xxx.agent'/>
      <address type='virtio-serial' controller='0' bus='0' port='1'/>
</channel>

qemu will create a socket file,its group and user is root:root.like following:
srwxr-xr-x 1 root root 0 Jul 17 09:53 /var/lib/libvirt/qemu/32454360-b730-4977-b0c0-d6d6a423998e.socket

and the same with the following:
<serial type='pty'>
      <log file='/var/lib/nova/instances/32454360-b730-4977-b0c0-d6d6a423998e/console.log' append='off'/>
      <target type='isa-serial' port='0'>
        <model name='isa-serial'/>
      </target>
</serial>
<console type='pty'>
      <log file='/var/lib/nova/instances/32454360-b730-4977-b0c0-d6d6a423998e/console.log' append='off'/>
      <target type='serial' port='0'/>
</console>

ll the file
-rw------- 1 root root 28740 Jul 17 09:54 /var/lib/nova/instances/32454360-b730-4977-b0c0-d6d6a423998e/console.log

but the /etc/libvirt/qemu.conf user=qemu,group=qemu and the kvm progress is qemu:
#ps -elf |grep 32454360-b730-4977-b0c0-d6d6a423998e
6 S qemu 3044391 1 0 80 0 - 704862 poll_s 09:53 ? 00:00:36 /usr/libexec/qemu-kvm -name guest=instance-00000344,debug-threads=on -S -object secret,id=masterKey0,format=raw,file=/var/lib/libvirt/qemu/domain-664-instance-00000344/master-key.aes -machine pc-i440fx-rhel7.6.0,accel=kvm,usb=off,dump-guest-core=off -cpu Haswell-noTSX-IBRS,vme=on,ss=on,f16c=on,rdrand=on,hypervisor=on,arat=on,tsc_adjust=on,stibp=on,ssbd=on,xsaveopt=on,pdpe1gb=on,abm=on -m 2048 -realtime mlock=off -smp 1,sockets=1,cores=1,threads=1 -uuid 32454360-b730-4977-b0c0-d6d6a423998e -smbios type=1,manufacturer=RDO,product=OpenStack Compute,version=18.2.0-1.el7,serial=97fa277f-f7e4-48fb-82be-0b9922a1441a,uuid=32454360-b730-4977-b0c0-d6d6a423998e,family=Virtual Machine -no-user-config -nodefaults -chardev socket,id=charmonitor,fd=51,server,nowait -mon chardev=charmonitor,id=monitor,mode=control -rtc base=utc,driftfix=slew -global kvm-pit.lost_tick_policy=delay -no-hpet -no-shutdown -boot strict=on -device piix3-usb-uhci,id=usb,bus=pci.0,addr=0x1.0x2 -device virtio-serial-pci,id=virtio-serial0,bus=pci.0,addr=0x6 -object secret,id=virtio-disk0-secret0,data=eDflbsn/EZuwcvC9dOxKynTgr+TznZNRDQ82Q2cW4Q8=,keyid=masterKey0,iv=Dar6VvB9M1rUKSslKAaxCQ==,format=base64 -drive file=rbd:vms/32454360-b730-4977-b0c0-d6d6a423998e_disk:id=cinder:auth_supported=cephx\;none:mon_host=10.1.39.77\:6789\;10.1.39.78\:6789\;10.1.39.79\:6789\;10.1.39.80\:6789,file.password-secret=virtio-disk0-secret0,format=raw,if=none,id=drive-virtio-disk0,cache=none -device virtio-blk-pci,scsi=off,bus=pci.0,addr=0x4,drive=drive-virtio-disk0,id=virtio-disk0,bootindex=1,write-cache=on -netdev tap,fd=53,id=hostnet0,vhost=on,vhostfd=54 -device virtio-net-pci,host_mtu=1450,netdev=hostnet0,id=net0,mac=fa:16:3e:3c:d9:e7,bus=pci.0,addr=0x3 -add-fd set=3,fd=56 -chardev pty,id=charserial0,logfile=/dev/fdset/3,logappend=on -device isa-serial,chardev=charserial0,id=serial0 -chardev socket,id=charchannel0,fd=55,server,nowait -device virtserialport,bus=virtio-serial0.0,nr=1,chardev=charchannel0,id=channel0,name=com.awcloud.agent -device usb-tablet,id=input0,bus=usb.0,port=1 -vnc 0.0.0.0:8 -k en-us -device cirrus-vga,id=video0,bus=pci.0,addr=0x2 -device virtio-balloon-pci,id=balloon0,bus=pci.0,addr=0x5 -sandbox on,obsolete=deny,elevateprivileges=deny,spawn=deny,resourcecontrol=deny -msg timestamp=on

my environment:
# /usr/libexec/qemu-kvm --version
QEMU emulator version 2.12.0 (qemu-kvm-ev-2.12.0-18.el7_6.5.1)
Copyright (c) 2003-2017 Fabrice Bellard and the QEMU Project developers

# virsh --version
4.5.0

 In my Mitaka openstack environment, there are all qemu:qemu. i wondering why, and how can i make Rocky to qemu:qemu