Re: [libvirt-users] executing libvirt commands as a different user
On Thu, Jan 21, 2016 at 01:41:28PM +0000, Andrei Perietanu wrote:
I am using the libvirt API to manage VMs on the system, using a
python
wrapper to execute commands.
I need to allow a webserver to access these commands and mostly read
information about the VMs. The problem is that when using the web interface
you use are basically running the commands as different user. Since
libvirtd is run as root by default you get permission errors.
Is there any way of getting around this without using polkit?
Even without polkit, libvirt provides full read-only access to any
local user, providing you request read-only mode when connecting.
If you want read-write mode, polkit is recommended, but if you really
don't want it, then edit /etc/libvirt/linbvirtd.conf and set a suitable
group owner for the socket and put your web server user in that group.
Regards,
Daniel
--
|: http://berrange.com -o- http://www.flickr.com/photos/dberrange/ :|
|: http://libvirt.org -o- http://virt-manager.org :|
|: http://autobuild.org -o- http://search.cpan.org/~danberr/ :|
|: http://entangle-photo.org -o- http://live.gnome.org/gtk-vnc :|