On Fri, Sep 03, 2010 at 02:50:00PM -0600, Eric Blake wrote:
On 09/03/2010 02:38 PM, Soren Hansen wrote:
>>NACK, I don't think we should be changing this. If the user
>>is unprivileged, it should always default to the unprivileged
>>libvirtd, regardless of whether they are also authorized to
>>connect to the privileged libvirtd (via socket permissions or
>>policykit, or kerberos). If the unprivileged user still wants
>>the privileged libvirtd, they should given an explicit URI.
>
>Hm... I didn't think this was going to be controversial :)
Maybe a less-controversial patch would be changing configure.ac to add a
configure option for the default URI string for non-privileged users?
Right now, the default is hard-coded to qemu:///session, but by letting
it be a configure choice, then it would be up to the end user (or
distro) whether to risk the default of qemu:///system as well as
exposing the socket as writable.
There is no compile time concept of default URI to make configurable.
If no URI is found, libvirt probes each hypervisor driver in turn.
As an end user though, you can edit $HOME/.bashrc and set the env
variable LIBVIRT_DEFAULT_URI to ensure a URI is always found before
it gets the probing logic.
Regards,
Daniel
--
|: Red Hat, Engineering, London -o-
http://people.redhat.com/berrange/ :|
|:
http://libvirt.org -o-
http://virt-manager.org -o-
http://deltacloud.org :|
|:
http://autobuild.org -o-
http://search.cpan.org/~danberr/ :|
|: GnuPG: 7D3B9505 -o- F3C9 553F A1DA 4AC2 5648 23C1 B3DF F742 7D3B 9505 :|