[libvirt-users] libvirtd and polkit: internal error: No Unix Process ID

Benedikt Heine benedikt at heine.rocks
Sat Jan 9 22:58:47 UTC 2016


Hi Daniel,

On Fr, 2016-01-08 at 10:52 +0000, Daniel P. Berrange wrote:
> This is sadly not possible. polkit will only authenticate against unix
> users.

> So effectively the libvirt polkit access control driver is only useful
> if you're connecting to libvirt over UNIX sockets :-(

This is really bad news for me.

> I really ought to get around to writing a custom libvirt access control
> driver that works in all cases.....

If you could do that, that'd be great.

At least it would be great adding documentation, clarifying, that the current
polkit driver has no support for external/SASL users and is therefore not usable
in combination with TLS.

An error message telling me, that the access driver is not capable of using this
connection type, would be great, too. Currently libvirt just throws out error
'access denied'.

Anyway, thanks for the answer.

Regards,
Benedikt




More information about the libvirt-users mailing list