Welcome to the Slackware Documentation Project

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Last revision Both sides next revision
howtos:general_admin:kvm_libvirt [2014/01/02 13:34 (UTC)]
fdonkers [libvirtd daemon]
howtos:general_admin:kvm_libvirt [2014/01/02 13:34 (UTC)]
fdonkers [PolicyKit setup]
Line 15: Line 15:
  
  
-==== PolicyKit setup ==== 
-Libvirt is built by default with PolicyKit support. If you want to disable this, edit ''/​etc/​libvirt/​libvirtd.conf''​. Uncomment the following options and change them to ''​none''​ : 
-<​code>​ 
-auth_unix_ro = "​none"​ 
-auth_unix_rw = "​none"​ 
-</​code>​ 
- 
-To use PolicyKit, a new file containing policy rules needs to be created in the ''/​etc/​polkit-1/​localauthority/​50-local.d''​ directory. The file needs to start with a 2-digit number and have a ''​pkla''​ extension. For example: ''​50-libvirt-authorization.pkla''​. The following authorization can be issued: ​ 
-  * Full management access: rule = org.libvirt.unix.manage. 
-  * Read-only, or monitoring access: rule = org.libvirt.unix.monitor. 
- 
-Example to give management access to all users of a given group: ​ 
-<​code>​ 
-[libvirt Management Access] 
-Identity=unix-group:​libvirt 
-Action=org.libvirt.unix.manage 
-ResultAny=yes 
-ResultInactive=yes 
-ResultActive=yes 
-</​code>​ 
-This allows all users of the ''​libvirt''​ group to manage virtual machines. The //libvirt Management Access// name is an arbitrary text you can change to fit your needs. ​ 
- 
-To allow access on a per-user basis, use the //​Identity=unix-user//​ option :  
-<​code>​ 
-[libvirt Management Access] 
-Identity=unix-user:​frank 
-Action=org.libvirt.unix.manage 
-ResultAny=yes 
-ResultInactive=yes 
-ResultActive=yes 
-</​code>​ 
-This will grant user //frank// management access to libvirt. ​ 
  
 ==== Automatic startup ==== ==== Automatic startup ====

In Other Languages
QR Code
QR Code howtos:general_admin:kvm_libvirt (generated for current page)