This API interacts with the hypervisor and makes changes to its behaviour, so must be protected by the write permission. Signed-off-by: Daniel P. Berrangé <berrange(a)redhat.com&gt; --- src/remote/remote_protocol.x | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/remote/remote_protocol.x b/src/remote/remote_protocol.x index 7fdc65f029..743c21b316 100644 --- a/src/remote/remote_protocol.x +++ b/src/remote/remote_protocol.x @@ -6743,7 +6743,7 @@ enum remote_procedure { /** * @generate: both - * @acl: domain:read + * @acl: domain:write */ REMOTE_PROC_DOMAIN_START_DIRTY_RATE_CALC = 427 }; -- 2.30.2