[2024-feb-29] Sad news: Eric Layton aka Nocturnal Slacker aka vtel57 passed away on Feb 26th, shortly after hospitalization. He was one of our Wiki's most prominent admins. He will be missed.
Differences
This shows you the differences between two versions of the page.
Both sides previous revisionPrevious revisionNext revision | Previous revision | ||
howtos:general_admin:kvm_libvirt [2014/01/02 13:34 (UTC)] – [libvirtd daemon] fdonkers | howtos:general_admin:kvm_libvirt [2015/06/27 06:45 (UTC)] (current) – [Guest configuration]Tiny invisible change for syntax rightness. didierspaier | ||
---|---|---|---|
Line 15: | Line 15: | ||
- | ==== PolicyKit setup ==== | ||
- | Libvirt is built by default with PolicyKit support. If you want to disable this, edit ''/ | ||
- | < | ||
- | auth_unix_ro = " | ||
- | auth_unix_rw = " | ||
- | </ | ||
- | |||
- | To use PolicyKit, a new file containing policy rules needs to be created in the ''/ | ||
- | * Full management access: rule = org.libvirt.unix.manage. | ||
- | * Read-only, or monitoring access: rule = org.libvirt.unix.monitor. | ||
- | |||
- | Example to give management access to all users of a given group: | ||
- | < | ||
- | [libvirt Management Access] | ||
- | Identity=unix-group: | ||
- | Action=org.libvirt.unix.manage | ||
- | ResultAny=yes | ||
- | ResultInactive=yes | ||
- | ResultActive=yes | ||
- | </ | ||
- | This allows all users of the '' | ||
- | |||
- | To allow access on a per-user basis, use the // | ||
- | < | ||
- | [libvirt Management Access] | ||
- | Identity=unix-user: | ||
- | Action=org.libvirt.unix.manage | ||
- | ResultAny=yes | ||
- | ResultInactive=yes | ||
- | ResultActive=yes | ||
- | </ | ||
- | This will grant user //frank// management access to libvirt. | ||
==== Automatic startup ==== | ==== Automatic startup ==== | ||
Line 233: | Line 201: | ||
* Source path = directory on the host which is shared. | * Source path = directory on the host which is shared. | ||
* Target path = mount tag that is made available on the guest system. This doesn' | * Target path = mount tag that is made available on the guest system. This doesn' | ||
- | | + | Option //Export filesystem as readonly mount// does what it suggests. |
==== Mounting the share ==== | ==== Mounting the share ==== |