Erp! Meant to send this to libvirt-users. Sorry about the noise, you can ignore this. --landon On 08/07/2014 11:19 AM, Landon Gilbert-Bland wrote:

I am using kvm libvirt/qemu, and am trying to get VNC working with unix sockets. I'm using the following in my XML:

<graphics type='vnc' socket='/tmp/kvmtest'/>

This works, it creates the unix socket and I can use it for VNC. But it creates the socket with 755 permissions, and owned by libvirt-qemu:kvm. Ideally, I would like it to be 770 root:libvirtd, but could also work with 775 libvirt-qemu:kvm.

Basically, I would like the group to be read/write/execute, so that anyone in this group can use virt-manager (or whatever) to get into the vm with vnc. I haven't found a way to change this in the settins. It doesn't seem to be honoring the unix socket settings in /etc/libvirt/libvirdd.conf (it looks like those are only for libvirt-sock and libvirt-sock-ro), and I haven't been able to find any documentation about changing these permissions in the XML.

I can manually chmod/chown the socket after it is created (manually or with a cron), but that is far from an ideal solution. I don't suppose anyone has run across a configuration option for this that I have missed?

I have only tested this in ubuntu 14.01 and debian sid, for what it's worth.

Thanks, --landon

-- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list