libvirt

External/libvirt

Fork 0

mirror of https://gitlab.com/libvirt/libvirt.git synced 2024-09-14 03:35:05 +00:00

Commit Graph

Author	SHA1	Message	Date
Cole Robinson	756e6ab467	Allow polkit auth for VNC and SSH users If you are sitting in front of a physical machine and logged in as a regular user, you can connect to the system libvirtd instance by providing a root password to policykit. This is how most virt-manager users talk to libvirt. However, if you are launching virt-manager over ssh -X, or over VNC started from say /etc/sysconfig/vncservers, our policykit policy rejects the user outright, providing no option to provide the root password. This is confusing to users and doesn't seem to serve much point. Change the policy to allow inactive (VNC) and non-local (SSH, VNC) to provide root credentials for accessing system libvirtd. We use auth_admin rather than auth_admin_keep so that credentials aren't cached at all, and every subsequent reconnection to libvirt requires auth. Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=625115 Similar change to PackageKit policy: https://bugzilla.redhat.com/show_bug.cgi?id=528511	2012-02-07 11:59:35 -05:00
Daniel P. Berrange	5c2a1ae876	Rename qemud/ directory to daemon/ * qemud/: Rename to daemon/ * Makefile.am, configure.in, src/Makefile.am, src/remote_internal.c, tests/Makefile.am, tests/eventtest.c: s/qemud/daemon/ where needed	2009-09-21 14:41:42 +01:00

Author

SHA1

Message

Date

Cole Robinson

756e6ab467

Allow polkit auth for VNC and SSH users

If you are sitting in front of a physical machine and logged in as
a regular user, you can connect to the system libvirtd instance
by providing a root password to policykit. This is how most
virt-manager users talk to libvirt.

However, if you are launching virt-manager over ssh -X, or over
VNC started from say /etc/sysconfig/vncservers, our policykit policy
rejects the user outright, providing no option to provide the root
password. This is confusing to users and doesn't seem to serve much
point.

Change the policy to allow inactive (VNC) and non-local (SSH, VNC)
to provide root credentials for accessing system libvirtd. We use
auth_admin rather than auth_admin_keep so that credentials aren't
cached at all, and every subsequent reconnection to libvirt requires
auth.

Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=625115
Similar change to PackageKit policy:
https://bugzilla.redhat.com/show_bug.cgi?id=528511

2012-02-07 11:59:35 -05:00

Daniel P. Berrange

5c2a1ae876

Rename qemud/ directory to daemon/

* qemud/: Rename to daemon/
* Makefile.am, configure.in, src/Makefile.am, src/remote_internal.c,
  tests/Makefile.am, tests/eventtest.c: s/qemud/daemon/ where needed

2009-09-21 14:41:42 +01:00

2 Commits