[libvirt-users] executing libvirt commands as a different user
Daniel P. Berrange
berrange at redhat.com
Thu Jan 21 13:48:58 UTC 2016
On Thu, Jan 21, 2016 at 01:41:28PM +0000, Andrei Perietanu wrote:
> I am using the libvirt API to manage VMs on the system, using a python
> wrapper to execute commands.
> I need to allow a webserver to access these commands and mostly read
> information about the VMs. The problem is that when using the web interface
> you use are basically running the commands as different user. Since
> libvirtd is run as root by default you get permission errors.
>
> Is there any way of getting around this without using polkit?
Even without polkit, libvirt provides full read-only access to any
local user, providing you request read-only mode when connecting.
If you want read-write mode, polkit is recommended, but if you really
don't want it, then edit /etc/libvirt/linbvirtd.conf and set a suitable
group owner for the socket and put your web server user in that group.
Regards,
Daniel
--
|: http://berrange.com -o- http://www.flickr.com/photos/dberrange/ :|
|: http://libvirt.org -o- http://virt-manager.org :|
|: http://autobuild.org -o- http://search.cpan.org/~danberr/ :|
|: http://entangle-photo.org -o- http://live.gnome.org/gtk-vnc :|
More information about the libvirt-users
mailing list