search for: other_groupname

...orking sssd connection to the idm realm (break glass user) My user can use the system bus in cockpit without a password. The dbus policy looks like this: <policy group="groupname"> < allow send_destination="org.libvirt"/> </policy> <policy group="other_groupname"> < allow send_destination="org.libvirt"/> </policy>

...an use the system bus in cockpit without a password. > > > > The dbus policy looks like this: > > > > <policy group="groupname"> > > < allow send_destination="org.libvirt"/> > > </policy> > > <policy group="other_groupname"> > > < allow send_destination="org.libvirt"/> > > </policy> > > This is expected. qemu:///system uses an unix socket to talk to libvirtd > and not dbus. I don't know what credentials does cockpit set there. > But I'm not sure it...

...glass user) > > My user can use the system bus in cockpit without a password. > > The dbus policy looks like this: > > <policy group="groupname"> >     < allow send_destination="org.libvirt"/> > </policy> > <policy group="other_groupname"> >     < allow send_destination="org.libvirt"/> > </policy> This is expected. qemu:///system uses an unix socket to talk to libvirtd and not dbus. I don't know what credentials does cockpit set there. But I'm not sure it's safe to go behind cockpi...

...thout a password. > > > > > > The dbus policy looks like this: > > > > > > <policy group="groupname"> > > > < allow send_destination="org.libvirt"/> > > > </policy> > > > <policy group="other_groupname"> > > > < allow send_destination="org.libvirt"/> > > > </policy> > > > > This is expected. qemu:///system uses an unix socket to talk to libvirtd > > and not dbus. I don't know what credentials does cockpit set there. > &...

hi, using the cockpit web ui and with these instructions: https://libvirt.org/dbus.html#usage we allow successfully that a group of users can access the console of the system vms in different kvm hosts. Oddly enough, in the same cockpit web interface I can use a terminal, and if I run virsh list --all I get an empty listing. So using cockpit I can manage the system vms, but I cannot use virsh.