Re: [libvirt] [PATCH] Default to qemu:///system if accessible
On 09/03/2010 02:38 PM, Soren Hansen wrote:
> NACK, I don't think we should be changing this. If the user
> is unprivileged, it should always default to the unprivileged
> libvirtd, regardless of whether they are also authorized to
> connect to the privileged libvirtd (via socket permissions or
> policykit, or kerberos). If the unprivileged user still wants
> the privileged libvirtd, they should given an explicit URI.
Hm... I didn't think this was going to be controversial :)
Maybe a less-controversial patch would be changing configure.ac to add a
configure option for the default URI string for non-privileged users?
Right now, the default is hard-coded to qemu:///session, but by letting
it be a configure choice, then it would be up to the end user (or
distro) whether to risk the default of qemu:///system as well as
exposing the socket as writable.
--
Eric Blake eblake(a)redhat.com +1-801-349-2682
Libvirt virtualization library http://libvirt.org