On Sat, Jun 23, 2012 at 3:04 AM, Trey Dockendorf <treydock(a)gmail.com> wrote:
On Fri, Jun 22, 2012 at 10:02 AM, mallapadi niranjan
<niranjan.ashok(a)gmail.com> wrote:
>
>
> On Fri, Jun 22, 2012 at 4:38 PM, mallapadi niranjan
> <niranjan.ashok(a)gmail.com> wrote:
>>
>>
>>
>> On Fri, Jun 22, 2012 at 12:56 PM, Trey Dockendorf <treydock(a)gmail.com>
>> wrote:
>>>
>>>
>>> On Jun 22, 2012 1:08 AM, "mallapadi niranjan" <
niranjan.ashok(a)gmail.com>
>>> wrote:
>>> >
>>> > Hi all
>>> >
>>> > I have a Fedora release 17 (Beefy Miracle) with libvirt versions:
>>> >
>>> > libvirt-0.9.11.3-1.fc17.x86_64
>>> > virt-manager-0.9.1-3.fc17.noarch
>>> >
>>> > I have allowed non-root user to user libvirt by allowing the user
>>> > through polkit
>>> >
>>> > cat /etc/polkit-1/localauthority/50-local.d/cat
>>> > 50-org.example-libvirt-remote-access.pkla
>>> >
>>> > [Remote libvirt SSH access]
>>> > Identity=unix-group:virt
>>> > Action=org.libvirt.unix.manage;org.libvirt.unix.monitor
>>> > ResultAny=yes
>>> > ResultInactive=yes
>>> > ResultActive=yes
>>> >
>>> > After doing the above i am able to connect to virt-manager as
non-root
>>> > user but unable to create storage pools.
>>> >
>>> > [juno@reserved ~]$ id
>>> > uid=1001(juno) gid=1001(juno) groups=1001(juno),1002(virt)
>>> > context=staff_u:staff_r:staff_t:s0
>>> > [juno@reserved ~]$ virsh
>>> > Welcome to virsh, the virtualization interactive terminal.
>>> >
>>> > Type: 'help' for help with commands
>>> > 'quit' to quit
>>> >
>>> > virsh # pool-list
>>> > error: Failed to reconnect to the hypervisor
>>> > error: no valid connection
>>> > error: Failed to connect socket to
'(a)/home/juno/.libvirt/libvirt-sock':
>>> > Connection refused
>>> >
>>> > virsh # list
>>> > error: Failed to reconnect to the hypervisor
>>> > error: no valid connection
>>> > error: Failed to connect socket to
'(a)/home/juno/.libvirt/libvirt-sock':
>>> > Connection refused
>>> >
>>> > I have defined pool called virt-images (/virt-images) which the
>>> > non-root (in this case the username is Juno) user has the read/write
>>> > permissions
>>> >
>>> > Also tried adding the permissions to unix socket in
>>> > /etc/libvirt/libvirtd.conf as below:
>>> >
>>> > cat /etc/libvirt/libvirtd.conf | grep -v ^$ | grep -v ^#
>>> > unix_sock_group = "virt"
>>> > unix_sock_ro_perms = "0777"
>>> > unix_sock_rw_perms = "0770"
>>> > unix_sock_dir = "/var/run/libvirt"
>>> >
>>> > But the unix socket are created in /var/run/libvirt and not in users
>>> > home directory, So how do we make a non-root user virsh commands
check the
>>> > socket created in /var/run/libvirt. It always checks for the socket
in
>>> > user's home directory ?
>>> >
>>> > Any pointers on above would be helpfu.
>>> >
>>> > Regards
>>> > Niranjan
>>> >
>>> >
>>> > _______________________________________________
>>> > libvirt-users mailing list
>>> > libvirt-users(a)redhat.com
>>> >
https://www.redhat.com/mailman/listinfo/libvirt-users
>>>
>>> I believe I ran into this, try using this virsh command as the polkit
>>> authorized user
>>>
>>> virsh -c qemu:///system
>>>
>>> - Trey
>>
>> Yeah that worked.
>>
>> Thanks a lot trey
>
>
> Hi
>
>
> How do i make the below work ?
>
> [juno@reserved virt-img]$ virsh -c qemu:///session
>
> error: Failed to connect socket to '(a)/home/juno/.libvirt/libvirt-sock':
> Connection refused
> error: failed to connect to the hypervisor
>
>
> Regards
> Niranjan
>
> _______________________________________________
> libvirt-users mailing list
> libvirt-users(a)redhat.com
>
https://www.redhat.com/mailman/listinfo/libvirt-users
I'm not familiar with using "qemu:///session", to make an intial
connection I always do something like this...
# Local connection
$ virsh -c qemu:///system
# Remote
$ virsh -c ssh+qemu:///treydock@host.tld/system
What are you trying to achieve with "session" ?
I would like to use virt-manager/virsh using non-root user ,
qemu:///system , connect as root user , I would like to create images and
run them using non-root user .
Also I noticed you mentioned using a path other than
/var/lib/libvirt/images for the pool, be sure the SELinux contexts are
correct. Should be virt_image_t, you can set that for a special path
like so...
$ semanage fcontext -a -t virt_image_t "/virt-img(/.*)?"
$ restorecon -R /virt-img
Yes, i have set the virt_image_t context set for /virt-img directory
- Trey