[PATCH] polkit: Allow libvirt group access to libvirtd ro socket
Erik Skultety
eskultet at redhat.com
Tue Dec 1 09:48:13 UTC 2020
On Tue, Dec 01, 2020 at 09:17:01AM +0000, Daniel P. Berrangé wrote:
> On Mon, Nov 30, 2020 at 05:28:16PM -0700, Jim Fehlig wrote:
> > As a normal user, 'virsh connect qemu:///system' and
> > 'virsh connect --readonly qemu:///system' will prompt for root password.
> > If the user is added to the libvirt group, only
> > 'virsh connect --readonly qemu:///system' will prompt for root password.
>
> This doesn't make sense - the readonly case should never prompt for
> a password, since libvirtd.polkit.in grants that permission out of
> the box. The libvirtd.rules file should just be extending what is
> defined in the main libvirtd.polkit file.
In fact, this caught my eye and it works as expected on Fedora, can you share a
bit more on what setup this fails for you?
Erik
More information about the libvir-list
mailing list