[libvirt] [PATCH] Allow polkit auth for VNC and SSH users
If you are sitting in front of a physical machine and logged in as a regular user, you can connect to the system libvirtd instance by providing a root password to policykit. This is how most virt-manager users talk to libvirt. However, if you are launching virt-manager over ssh -X, or over VNC started from say /etc/sysconfig/vncservers, our policykit policy rejects the user outright, providing no option to provide the root password. This is confusing to users and doesn't seem to serve much point. Change the policy to allow inactive (VNC) and non-local (SSH, VNC) to provide root credentials for accessing system libvirtd. We use auth_admin rather than auth_admin_keep so that credentials aren't cached at all, and every subsequent reconnection to libvirt requires auth. Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=625115 Similar change to PackageKit policy: https://bugzilla.redhat.com/show_bug.cgi?id=528511 --- daemon/libvirtd.policy-0 | 4 ++-- daemon/libvirtd.policy-1 | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/daemon/libvirtd.policy-0 b/daemon/libvirtd.policy-0 index b6da946..5d6845c 100644 --- a/daemon/libvirtd.policy-0 +++ b/daemon/libvirtd.policy-0 @@ -34,8 +34,8 @@ file are instantly applied. <defaults> <!-- Only a program in the active host session can use libvirt in read-write mode for management, and we require user password --> - <allow_any>no</allow_any> - <allow_inactive>no</allow_inactive> + <allow_any>auth_admin</allow_any> + <allow_inactive>auth_admin</allow_inactive> <allow_active>auth_admin_keep_session</allow_active> </defaults> </action> diff --git a/daemon/libvirtd.policy-1 b/daemon/libvirtd.policy-1 index 6fa3a5e..c2bec1f 100644 --- a/daemon/libvirtd.policy-1 +++ b/daemon/libvirtd.policy-1 @@ -34,8 +34,8 @@ file are instantly applied. <defaults> <!-- Only a program in the active host session can use libvirt in read-write mode for management, and we require user password --> - <allow_any>no</allow_any> - <allow_inactive>no</allow_inactive> + <allow_any>auth_admin</allow_any> + <allow_inactive>auth_admin</allow_inactive> <allow_active>auth_admin_keep</allow_active> </defaults> </action> -- 1.7.7.5
On 02/07/2012 09:59 AM, Cole Robinson wrote:
If you are sitting in front of a physical machine and logged in as a regular user, you can connect to the system libvirtd instance by providing a root password to policykit. This is how most virt-manager users talk to libvirt.
However, if you are launching virt-manager over ssh -X, or over VNC started from say /etc/sysconfig/vncservers, our policykit policy rejects the user outright, providing no option to provide the root password. This is confusing to users and doesn't seem to serve much point.
Change the policy to allow inactive (VNC) and non-local (SSH, VNC) to provide root credentials for accessing system libvirtd. We use auth_admin rather than auth_admin_keep so that credentials aren't cached at all, and every subsequent reconnection to libvirt requires auth.
Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=625115 Similar change to PackageKit policy: https://bugzilla.redhat.com/show_bug.cgi?id=528511
Interesting read.
--- daemon/libvirtd.policy-0 | 4 ++-- daemon/libvirtd.policy-1 | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-)
ACK. -- Eric Blake eblake@redhat.com +1-919-301-3266 Libvirt virtualization library http://libvirt.org
On 02/07/2012 12:08 PM, Eric Blake wrote:
On 02/07/2012 09:59 AM, Cole Robinson wrote:
If you are sitting in front of a physical machine and logged in as a regular user, you can connect to the system libvirtd instance by providing a root password to policykit. This is how most virt-manager users talk to libvirt.
However, if you are launching virt-manager over ssh -X, or over VNC started from say /etc/sysconfig/vncservers, our policykit policy rejects the user outright, providing no option to provide the root password. This is confusing to users and doesn't seem to serve much point.
Change the policy to allow inactive (VNC) and non-local (SSH, VNC) to provide root credentials for accessing system libvirtd. We use auth_admin rather than auth_admin_keep so that credentials aren't cached at all, and every subsequent reconnection to libvirt requires auth.
Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=625115 Similar change to PackageKit policy: https://bugzilla.redhat.com/show_bug.cgi?id=528511
Interesting read.
--- daemon/libvirtd.policy-0 | 4 ++-- daemon/libvirtd.policy-1 | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-)
ACK.
Thanks, pushed now. - Cole
participants (2)
-
Cole Robinson -
Eric Blake