Displaying 5 results from an estimated 5 matches for "other_groupname".
2020 Oct 29
2
Re: virsh rights voor normal users
...orking sssd connection to the idm realm (break glass user)
My user can use the system bus in cockpit without a password.
The dbus policy looks like this:
<policy group="groupname">
< allow send_destination="org.libvirt"/>
</policy>
<policy group="other_groupname">
< allow send_destination="org.libvirt"/>
</policy>
2020 Oct 29
2
Re: virsh rights voor normal users
...an use the system bus in cockpit without a password.
> >
> > The dbus policy looks like this:
> >
> > <policy group="groupname">
> > < allow send_destination="org.libvirt"/>
> > </policy>
> > <policy group="other_groupname">
> > < allow send_destination="org.libvirt"/>
> > </policy>
>
> This is expected. qemu:///system uses an unix socket to talk to libvirtd
> and not dbus. I don't know what credentials does cockpit set there.
> But I'm not sure it...
2020 Oct 29
0
Re: virsh rights voor normal users
...glass user)
>
> My user can use the system bus in cockpit without a password.
>
> The dbus policy looks like this:
>
> <policy group="groupname">
> < allow send_destination="org.libvirt"/>
> </policy>
> <policy group="other_groupname">
> < allow send_destination="org.libvirt"/>
> </policy>
This is expected. qemu:///system uses an unix socket to talk to libvirtd
and not dbus. I don't know what credentials does cockpit set there.
But I'm not sure it's safe to go behind cockpi...
2020 Oct 30
0
Re: virsh rights voor normal users
...thout a password.
> > >
> > > The dbus policy looks like this:
> > >
> > > <policy group="groupname">
> > > < allow send_destination="org.libvirt"/>
> > > </policy>
> > > <policy group="other_groupname">
> > > < allow send_destination="org.libvirt"/>
> > > </policy>
> >
> > This is expected. qemu:///system uses an unix socket to talk to libvirtd
> > and not dbus. I don't know what credentials does cockpit set there.
> &...
2020 Oct 29
2
virsh rights voor normal users
hi,
using the cockpit web ui and with these instructions:
https://libvirt.org/dbus.html#usage
we allow successfully that a group of users can access the console of the
system vms in different kvm hosts.
Oddly enough, in the same cockpit web interface I can use a terminal, and
if I run virsh list --all I get an empty listing.
So using cockpit I can manage the system vms, but I cannot use virsh.