similar to: polkit ACL for remotely changing a spice console password

Hi List, Is it possible to prevent other clients from stealing my libvirtd hosted spice session? This is a problem for me where multiple co-workers access the same guest over a qemu+ssh:// connection. Instead of simply disconnecting clients, I'd like libvirtd to deny the new client. I've been looking at polkit acl rules and the vnc sharePolicy attribute but so far no luck.

Any idea how to do this with virsh or hooks? Qemu seems to have a spice.set_ticket command, but calling this from virsh's 'qemu-monitor-command guest --hmp --cmd spice.set_ticket password' doesn't work. The password would somehow have to be reset once the client logs out. On Mon, Feb 16, 2015 at 11:50 AM, Michal Privoznik <mprivozn@redhat.com> wrote: > On 13.02.2015

Ok.. Just for the record, I STAND CORRECTED! The problem does appear to be NT.. The thing that irritated me was that nobody was interested in giving any backup data! Everyone just wanted to blindly admit that it must be NT. Ok.. Enuf bitching.. On to the better stuff... Anyway, David Mansfield and I are trying to narrow down the machine configurations where this happens.. Currently, we've

Ernie, Thanks for the great info.. Based on what you were seeing, would you suspect that part of the problem is with the combination of NT and the 3com card (3c595)? Currently, we are ONLY seeing this under NT Workstation (not server) and almost all of our machines have this same 3com 3c595 card (only if using 100BaseT).. -- Rick -----Original Message----- From: Ernie Oporto

I have been regularly crashing my NT boxen trying to back them up via an smbtar (smbclient). The crash is not complete - the network layer on NT goes away. You can still operate the console, but no net traffic. This is NT workstation and server 4.0 with sp3. The UNIX samba server is Solaris 2.5 with the latest samba version (1.9.18p8?) also with other samba versions. I tried updating the NT

I have a system with many processes writing to a common data file using pwrite. These processes are each writing to existing blocks in the file, not changing the file size, and the file has no holes. When the processes get going, they seem to bottleneck at log_wait_common (according to ps alnx). That is, one process is uninterruptible in log_wait_common, the rest are uninterruptible in down.

Hi All, Using the virt-manager/libvirtd/qemu-kvm stack (centos 6), is it possible to leave a NIC "installed" but cause it to simulate that the network cable is unplugged? Preferably this could be "hot" plugged/unplugged but otherwise doing it cold. Guest os is also centos 6, in case it matters (shouldn't). Any pointers? Thanks, David Mansfield Cobite, INC.

rhbz#719837 Signed-off-by: Joey Boggs <jboggs at redhat.com> --- scripts/ovirt-config-installer.py | 50 +++++++++++++++++-------------------- scripts/ovirt-config-setup.py | 1 - 2 files changed, 23 insertions(+), 28 deletions(-) diff --git a/scripts/ovirt-config-installer.py b/scripts/ovirt-config-installer.py index 637c64c..7c66676 100644 ---

On 04/29/2017 04:38 AM, Stefano Ricci wrote: > 2017-04-28 14:33 GMT+02:00 Michal Privoznik <mprivozn@redhat.com>: >> On 04/27/2017 04:31 PM, Stefano Ricci wrote: >>> Here is the backtrace of the libvirt process just started >> >> [Just a side note, you shouldn't top post on technical lists. Gmail >> sucks at this.] >> >>> >>>

Hello everyone, I'm trying to make dovecot do user authentication against a SQL database. The passwords (managed by Django) are stored as salted SHA1 encoded in hex. I monkey patched Django's password method so that the password hash is made with <password><salt> (Django does <salt><password>, the patched method was verified to return same value as

On 13.02.2015 16:19, Jon Doe wrote: > Hi List, > > Is it possible to prevent other clients from stealing my libvirtd > hosted spice session? This is a problem for me where multiple > co-workers access the same guest over a qemu+ssh:// connection. > Instead of simply disconnecting clients, I'd like libvirtd to deny the > new client. > > I've been looking at

Hi List, Is it possible to prevent other clients from stealing my libvirtd hosted spice session? This is a problem for me where multiple co-workers access the same guest over a qemu+ssh:// connection. Instead of simply disconnecting clients, I'd like libvirtd to deny the new client. I've been looking at polkit acl rules and the vnc sharePolicy attribute but so far no luck.

I have a situation where I frequently need to "add" and "remove" a NIC, but each time I "add" it, I need the same MAC address. I'm using virt-manager mostly, but would be willing to use "virsh" if necessary, although it doesn't seem to hotplug the same way (something else to figure out another day ;-). It doesn't appear in the domain XML

Hello All: I've gotten a passthrough filesystem to work (as in, to mount) in my vm (guest F20, host F20), but due to the fact that the qemu-kvm process runs as "qemu" user, I cannot access "my" files from the share. Both the guest and the host are running SSSD so the user/group mapping is identical. Other than putting 'user = "root"' it

Dear Michal After I fix the local libvirt master branch follow your patch, and build rpm for CentOS 7.4. virDomainUpdateDeviceFlags as bellow: ================================================ 2018-02-27 09:27:43.782+0000: 16656: debug : virDomainUpdateDeviceFlags:8326 : dom=0x7f2084000c50, (VM: name=6ec499397d594e f2a64fcfc938f38225, uuid=6ec49939-7d59-4ef2-a64f-cfc938f38225), xml=<disk

Hi All, I am trying to implement the following use case. User sfrag is logged on the host via ssh. Running 'virsh list --all' should trigger PolKit authentication and present ALL domains suffixed with -SF I have used and adapted the example from: libvirt.org Git - libvirt.git/blob - examples/polkit/libvirt-acl.rules | | | | | | | | | | | libvirt.org Git - libvirt.git/blob -

On 04/27/2017 04:31 PM, Stefano Ricci wrote: > Here is the backtrace of the libvirt process just started [Just a side note, you shouldn't top post on technical lists. Gmail sucks at this.] > > https://pastebin.com/R66myzFp Looks like libvirtd is trying to spawn /usr/bin/qemu-system-x86_64 but it takes ages to init. In the debug logs you might see the actual command line that

When using mskutil in order to setup a keytab fail for Squid Kerberos authentication, it stops with an error: Error: Unable to set machine password for FIREWALL-K$: (2) Server error This is the output of the mskutil command: ########################################################## # msktutil -f -b "CN=COMPUTERS" -s HTTP/firewall.example.com -k /etc/squid/squid.keytab --computer-name

On Tue, Feb 27, 2018 at 09:53:00 +0100, Michal Privoznik wrote: > On 02/27/2018 03:06 AM, Star Guo wrote: > > Hello Everyone, > > > > > > > > My pc run in CentOS 7.4 and install libvirt-4.0.0 + Qemu-kvm 2.9.0 + Ceph > > 10.2.10 ALL-in-One. > > > > > > > > I use python-sdk with libvirt and run [self.domain.updateDeviceFlags(xml,

CentOS Errata and Security Advisory 2019:0230 Important Upstream details at : https://access.redhat.com/errata/RHSA-2019:0230 The following updated files have been uploaded and are currently syncing to the mirrors: ( sha256sum Filename ) x86_64: 491b63a51365bb112538c3cc527cc9a0f9cbb8599989268b2367a88b6923e39d polkit-0.112-18.el7_6.1.i686.rpm