1
From: Guido Guenther <agx@sigxcpu.org>
2
Date: Thu, 26 Jun 2008 20:01:38 +0200
3
Subject: Allow libvirt group to access the socket
6
daemon/libvirtd.conf | 8 ++++----
7
tests/daemon-conf | 7 ++++++-
8
2 files changed, 10 insertions(+), 5 deletions(-)
10
diff --git a/daemon/libvirtd.conf b/daemon/libvirtd.conf
11
index f218454..bb3efd1 100644
12
--- a/daemon/libvirtd.conf
13
+++ b/daemon/libvirtd.conf
15
# without becoming root.
17
# This is restricted to 'root' by default.
18
-#unix_sock_group = "libvirt"
19
+unix_sock_group = "libvirt"
21
# Set the UNIX socket permissions for the R/O socket. This is used
22
# for monitoring VM status only
25
# If not using PolicyKit and setting group ownership for access
26
# control then you may want to relax this to:
27
-#unix_sock_rw_perms = "0770"
28
+unix_sock_rw_perms = "0770"
30
# Set the name of the directory in which sockets will be found/created.
31
#unix_sock_dir = "/var/run/libvirt"
34
# To restrict monitoring of domains you may wish to enable
35
# an authentication mechanism here
36
-#auth_unix_ro = "none"
37
+auth_unix_ro = "none"
39
# Set an authentication scheme for UNIX read-write sockets
40
# By default socket permissions only allow root. If PolicyKit
43
# If the unix_sock_rw_perms are changed you may wish to enable
44
# an authentication mechanism here
45
-#auth_unix_rw = "none"
46
+auth_unix_rw = "none"
48
# Change the authentication scheme for TCP sockets.
50
diff --git a/tests/daemon-conf b/tests/daemon-conf
51
index f2b513d..6aa3269 100755
52
--- a/tests/daemon-conf
53
+++ b/tests/daemon-conf
54
@@ -19,7 +19,12 @@ grep '^#define WITH_QEMU 1' "$CONFIG_HEADER" > /dev/null ||
55
conf="$abs_top_srcdir/daemon/libvirtd.conf"
57
# Ensure that each commented out PARAMETER = VALUE line has the expected form.
58
-grep -v '\"PARAMETER = VALUE\"' "$conf" | grep '[a-z_] *= *[^ ]' | grep -vE '^#[a-z_]+ = ' \
59
+grep -v -e '\"PARAMETER = VALUE\"' \
60
+ -e 'unix_sock_group = \"libvirt\"' \
61
+ -e 'unix_sock_rw_perms = \"0770\"' \
62
+ -e 'auth_unix_ro = \"none\"' \
63
+ -e 'auth_unix_rw = \"none\"' \
64
+ "$conf" | grep '[a-z_] *= *[^ ]' | grep -vE '^#[a-z_]+ = ' \
65
&& { echo "$0: found unexpected lines (above) in $conf" 1>&2; exit 1; }
67
# Start with the sample libvirtd.conf file, uncommenting all real directives.