On 2016-01-21 14:41, Andrei Perietanu wrote:
I am using the libvirt API to manage VMs on the system, using a python
wrapper to execute commands.
I need to allow a webserver to access these commands and mostly read
information about the VMs. The problem is that when using the web
interface you use are basically running the commands as different user.
Since libvirtd is run as root by default you get permission errors.
Is there any way of getting around this without using polkit?
• You can use libvirt over TCP, using SASL/TLS/both auth
• You can configure a user group allowed to use the unix socket and add
the web server's user to it
cf. libvirtd.conf
Thanks,
Andrei
The information transmitted is intended only for the person or entity to
which it is addressed and may contain confidential and/or privileged
material. Any review, retransmission, dissemination or other use of or
taking of any action in reliance upon this information by persons or
entities other than the intended recipient is prohibited. If you receive
this in error please contact the sender and delete the material from any
computer immediately. It is the policy of Klas Limited to disavow the
sending of offensive material and should you consider that the material
contained in the message is offensive you should contact the sender
immediately and also your I.T. Manager.
Klas Telecom Inc., a Virginia Corporation with offices at 1101 30th St.
NW, Washington, DC 20007.
Klas Limited (Company Number 163303) trading as Klas Telecom, an Irish
Limited Liability Company, with its registered office at Fourth Floor,
One Kilmainham Square, Inchicore Road, Kilmainham, Dublin 8, Ireland.
_______________________________________________
libvirt-users mailing list
libvirt-users(a)redhat.com
https://www.redhat.com/mailman/listinfo/libvirt-users
--
Mit freundlichen Grüßen, / Best Regards,
Sven Schwedas
Systemadministrator
TAO Beratungs- und Management GmbH | Lendplatz 45 | A - 8020 Graz
Mail/XMPP: sven.schwedas(a)tao.at | +43 (0)680 301 7167
http://software.tao.at