[libvirt] File permissions on VNC unix sockets
Landon Gilbert-Bland
lgbland at corp.xmission.com
Thu Aug 7 18:19:07 UTC 2014
Erp! Meant to send this to libvirt-users. Sorry about the noise, you can
ignore this.
--landon
On 08/07/2014 11:19 AM, Landon Gilbert-Bland wrote:
> I am using kvm libvirt/qemu, and am trying to get VNC working with unix
> sockets. I'm using the following in my XML:
>
> <graphics type='vnc' socket='/tmp/kvmtest'/>
>
> This works, it creates the unix socket and I can use it for VNC. But it
> creates the socket with 755 permissions, and owned by libvirt-qemu:kvm.
> Ideally, I would like it to be 770 root:libvirtd, but could also work
> with 775 libvirt-qemu:kvm.
>
> Basically, I would like the group to be read/write/execute, so that
> anyone in this group can use virt-manager (or whatever) to get into the
> vm with vnc. I haven't found a way to change this in the settins. It
> doesn't seem to be honoring the unix socket settings in
> /etc/libvirt/libvirdd.conf (it looks like those are only for
> libvirt-sock and libvirt-sock-ro), and I haven't been able to find any
> documentation about changing these permissions in the XML.
>
> I can manually chmod/chown the socket after it is created (manually or
> with a cron), but that is far from an ideal solution. I don't suppose
> anyone has run across a configuration option for this that I have missed?
>
> I have only tested this in ubuntu 14.01 and debian sid, for what it's worth.
>
> Thanks,
> --landon
>
> --
> libvir-list mailing list
> libvir-list at redhat.com
> https://www.redhat.com/mailman/listinfo/libvir-list
>
More information about the libvir-list
mailing list