On 09/22/2010 07:33 PM, Zdenek Styblik wrote:
I was thinking about writing info for Slackware, because you've
asked.
But I came to realize the page is written in such general way, it's
simply applicable to other distributions without any big troubles which
should be worth of writing up.
Hmmmm, how does Slackware do the access control for the libvirt
management socket?
Any idea if it's using PolicyKit, or if it's using groups?
Asking because if it's using one of those two, then it's extremely
easy to add a new "Slackware" head and point people to the right bit.
At least that's my opinion. Of course it
doesn't mean there can't be pitfalls in other distributions.
Yeah. I'm kind of thinking that if we know how Slackware does it,
we should probably mention it.
That'll help people using things like (ie) Google, when they do
keyword searches for "+Libvirt +Slackware +access". Without a mention
of Slackware on the pages, search engines won't show it in the result
list. :(
Plus... having more distributions on there helps to show off how
cross-distribution libvirt is. :)
I'm also pleased to know it's possible to grant
"regular" user
management of libvirtd.
I think; good job is in order.
Thanks. :)
One thing though and that's access to virtual storage. Isn't
there a
problem with group libvirt not having ACL to manipulate images as they
are created with root:root ownership? I'm aware of
<permissions>...</permissions>, but so far I haven't been successful to
make it work (= ownership stayed as root:root no matter what; version
0.8.4).
Hmmm, interesting thought. It's not an area I've looked at from the
perspective of access by non-root users.
Yeah, I should investigate that to ensure there aren't any pitfalls there.
Good thinking Zdenek. :)
Regards and best wishes,
Justin Clift