how/where to configure access to libvirt-sock-ro
Andrea Bolognani
abologna at redhat.com
Mon Oct 4 12:26:26 UTC 2021
On Sun, Oct 03, 2021 at 10:05:10PM +0000, Marc wrote:
>
> I wanted to create a monitoring user that can do some reporting like this:
>
> runuser -u xxxxx -- prometheus-libvirt-exporter -libvirt.uri /var/run/libvirt/libvirt-sock-ro
I assume you're using prometheus-libvirt-exporter from
https://github.com/zhangjianweibj/prometheus-libvirt-exporter/
right?
If so, I don't think you need to pass the (poorly named) libvirt.uri
option explicitly, as /var/run/libvirt/libvirt-sock-ro is already the
default value.
> But I am getting the
> failed to connect: authentication required
What do the following commands return?
$ runuser -u xxx -- virsh -c qemu:///system -r list --all
$ runuser -u xxx -- virsh -c
qemu:///system?socket=/var/run/libvirt/libvirt-sock-ro list --all
What are the permissions on the socket? Is SELinux possibly getting
in the way?
Access to the read-only socket is usually not very restrictive, since
a read-only connection can only be used to collect data anyway.
--
Andrea Bolognani / Red Hat / Virtualization
More information about the libvirt-users
mailing list