Greetings,
Sent: Monday, July 01, 2024 at 10:35 AM
From: "Michal Prívozník" <mprivozn(a)redhat.com>
To: "daggs" <daggs(a)gmx.com>, users(a)lists.libvirt.org
Subject: Re: per user vm isolation with shared network
On 6/30/24 01:01, daggs via Users wrote:
> Greetings,
>
> I have two VMs which I want to isolate per user; if I'm not mistaken, I can do
> that with a per-session URI.
> but I want to set up a virtual bridge so they will get connected with each other.
> looks like that if I define the network as system, it isn't visible in the
> session.
> is there a way to do that? if I define the same network in both sessions, will it
> work?
>
> Thanks,
>
> Dagg
>
Yeah, this is known issue:
https://gitlab.com/libvirt/libvirt/-/issues/438
what you can do is create a bridge and then use qemu-bridge-helper to
plug TAPs from qemu:///session VMs into the bridge. Theoretically, you
could even misuse virbr0.
Michal
Thanks, I've started looking into it; however, I'm unable to see the network from
the dedicated user, see:
$ id; virsh -c qemu:///session net-list --all; virsh -c qemu:///system net-list --all
uid=0(root) gid=0(root)
groups=0(root),1(bin),2(daemon),3(sys),4(adm),6(disk),10(wheel),11(floppy),20(dialout),26(tape),27(video)
Name State Autostart Persistent
--------------------------------------------
default active yes yes
Name State Autostart Persistent
--------------------------------------------
default active yes yes
$ su -c "id; virsh -c qemu:///session net-list --all; virsh -c qemu:///system net-list --all" foo
uid=1002(foo) gid=1002(foo) groups=1002(foo),34(kvm),36(qemu),102(libvirt)
Name State Autostart Persistent
----------------------------------------
error: failed to connect to the hypervisor
error: internal error: Unable to get system bus connection: Could not connect: No such file or directory
$ cat /etc/qemu/bridge.conf
# This should have the following permissions: root:qemu 0640
# Allow users in the "qemu" group to add devices to "br0".
allow br0
# Uncomment the following line to allow users in the "bob"
# group to have permissions defined in it, iff it has the
# following permissions: root:bob 0640
#include /etc/qemu/bob.conf
$ brctl show virbr0
bridge name     bridge id               STP enabled     interfaces
virbr0          8000.525400892227       yes
utils-server:/home/igor$ ls -l /usr/lib/qemu/qemu-bridge-helper
-rws--x--- 1 root qemu 837704 Jun 18 14:07 /usr/lib/qemu/qemu-bridge-helper
utils-server:/home/igor$ virsh -c qemu:///session net-dumpxml default
<network>
  <name>default</name>
  <uuid>9ec5f56a-1c3d-4650-aac2-45d1352e08fc</uuid>
  <forward mode='nat'>
    <nat>
      <port start='1024' end='65535'/>
    </nat>
  </forward>
  <bridge name='virbr0' stp='on' delay='0'/>
  <mac address='52:54:00:89:22:27'/>
  <ip address='192.168.122.1' netmask='255.255.255.0'>
    <dhcp>
      <range start='192.168.122.2' end='192.168.122.254'/>
    </dhcp>
  </ip>
</network>
what am I missing?
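Michal's suggestion (a bridge plus qemu-bridge-helper for qemu:///session TAPs) hinges on the helper's ACL, the /etc/qemu/bridge.conf shown in the reply: the setuid helper only attaches a TAP to a bridge that the ACL permits, and a session domain reaches it through `<interface type='bridge'>`, not through a libvirt `<network>`. The script below is an added example, not code from the thread, libvirt or QEMU. It re-implements the helper's ACL evaluation as I read it (rules scanned in order, first matching `allow`/`deny` wins, `include` splices in another file, no match means deny; the real helper's ownership and mode checks on included files are left out), emits the interface fragment for a session domain, and checks every bridge named in a domain XML against the ACL. The function names, the temporary files and the ACL contents are constructed for the example; the ACL used in the demo is the single `allow br0` rule from the thread.

```shell
#!/bin/sh
# Added example, not code from the thread or from libvirt/QEMU.
# Models qemu-bridge-helper's ACL evaluation (first matching rule wins,
# default deny) so a session user can check, before defining the domain,
# whether the helper will let a TAP be attached to a given bridge.
# File paths, ACL contents and the domain fragment below are constructed.
# Omitted from the real helper: ownership/mode checks on included files.

# _rule_matches ARG BRIDGE -> true if ARG is "all" or names BRIDGE
_rule_matches() { [ "$1" = all ] || [ "$1" = "$2" ]; }

# _acl_eval ACLFILE BRIDGE -> 0 allow, 1 deny (or unreadable/invalid file),
# 2 no rule matched. Rules: "allow <br>|all", "deny <br>|all", "include <file>".
_acl_eval() {
    [ -r "$1" ] || return 1
    while IFS= read -r _line || [ -n "$_line" ]; do
        _line=${_line%%#*}                 # drop comments
        set -- "$1" "$2" $_line            # $3 = keyword, $4 = argument
        case "$3" in
            allow)   if _rule_matches "$4" "$2"; then return 0; fi ;;
            deny)    if _rule_matches "$4" "$2"; then return 1; fi ;;
            include) _acl_eval "$4" "$2" && _rc=0 || _rc=$?
                     [ "$_rc" -eq 2 ] || return "$_rc" ;;
            '')      ;;                    # blank or comment-only line
            *)       return 1 ;;           # unknown keyword: helper rejects the file
        esac
    done < "$1"
    return 2
}

# bridge_acl_allows ACLFILE BRIDGE -> 0 if the helper would attach, 1 otherwise
bridge_acl_allows() {
    if _acl_eval "$1" "$2"; then return 0; else return 1; fi
}

# session_bridge_iface_xml BRIDGE -> the <interface> element for a
# qemu:///session domain; for type='bridge' libvirt runs the setuid
# qemu-bridge-helper, which consults the ACL. libvirt generates the MAC.
session_bridge_iface_xml() {
    printf "<interface type='bridge'>\n  <source bridge='%s'/>\n  <model type='virtio'/>\n</interface>\n" "$1"
}

# domain_bridges_allowed DOMAIN_XML ACLFILE -> 0 if every <source bridge=.../>
# is permitted; otherwise prints the first refused bridge and returns 1
domain_bridges_allowed() {
    for _b in $(sed -n "s/.*<source bridge='\([^']*\)'.*/\1/p" "$1"); do
        bridge_acl_allows "$2" "$_b" || { printf '%s\n' "$_b"; return 1; }
    done
    return 0
}

# Demo on constructed files: the thread's single-rule ACL ("allow br0")
# against a session domain that asks for virbr0.
_demo=$(mktemp -d)
printf 'allow br0\n' > "$_demo/bridge.conf"
session_bridge_iface_xml virbr0 > "$_demo/iface.xml"
if _bad=$(domain_bridges_allowed "$_demo/iface.xml" "$_demo/bridge.conf"); then
    echo "every bridge in the domain is permitted by the ACL"
else
    echo "qemu-bridge-helper would refuse '$_bad': add 'allow $_bad' to the ACL (root:qemu 0640) or use br0"
fi
rm -rf "$_demo"
```

To run it against a real host, point `domain_bridges_allowed` at the domain XML (`virsh -c qemu:///session dumpxml NAME`) and at /etc/qemu/bridge.conf. A refused bridge can only be fixed by root adding an `allow <name>` line to that ACL (kept root:qemu 0640, as the file's own comment says) and by the session user being in the group that may execute the helper, which in the `ls -l` output above is `qemu`.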