[Libguestfs] [libvirt] Proposed libguestfs API for implementing libvirt virConnectOpenAuth
Daniel P. Berrange
berrange at redhat.com
Mon Oct 15 15:46:26 UTC 2012
On Mon, Oct 15, 2012 at 11:23:04AM -0400, Cole Robinson wrote:
> On 10/15/2012 04:01 AM, Richard W.M. Jones wrote:
> >
> > From 9eea45e80ad80283f1a89f792bcf0c174818f4a2 Mon Sep 17 00:00:00 2001
> > From: "Richard W.M. Jones" <rjones at redhat.com>
> > Date: Mon, 15 Oct 2012 09:01:13 +0100
> > Subject: [PATCH] daemon: Make the default PolicyKit policy auth_admin_keep.
> >
> > ---
> > daemon/libvirtd.policy.in | 4 ++--
> > 1 file changed, 2 insertions(+), 2 deletions(-)
> >
> > diff --git a/daemon/libvirtd.policy.in b/daemon/libvirtd.policy.in
> > index 000c17e..df42e5f 100644
> > --- a/daemon/libvirtd.policy.in
> > +++ b/daemon/libvirtd.policy.in
> > @@ -31,8 +31,8 @@ version 2. See COPYING for details.
> > <defaults>
> > <!-- Any program can use libvirt in read/write mode if they
> > provide the root password -->
> > - <allow_any>auth_admin</allow_any>
> > - <allow_inactive>auth_admin</allow_inactive>
> > + <allow_any>@authaction@</allow_any>
> > + <allow_inactive>@authaction@</allow_inactive>
> > <allow_active>@authaction@</allow_active>
> > </defaults>
> > </action>
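Review bot: The comment on the `<defaults>` block ("Any program can use libvirt in read/write mode if they provide the root password") is left unchanged even though `<allow_any>` and `<allow_inactive>` no longer hard-code `auth_admin`; if `@authaction@` expands to `auth_admin_keep`, as the subject line says, the password is only required once and the authorization is then cached, so the comment should be updated to say so. The commit message also has no body explaining why the any/inactive cases should get the same cached-auth treatment as the active one; since these two cases cover non-local and inactive sessions, which is the security-relevant change here, a sentence of rationale in the commit message would help reviewers.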
>
> ACK
While this patch does what Rich intends it to do, I'm a little wary of
changing this, since this is a security relevant setting. Looking at
the rules on my F17 box, there is a fair mix of different triples
used by apps. Some have (no, no, auth_admin_keep), some have
(auth_admin, auth_admin, auth_admin_keep) and others have
(auth_admin_keep, auth_admin_keep, auth_admin_keep). The actions that
give broader / more serious access seem to have a slight bias against
using the _keep variant for any/inactive.
I don't have a good answer here, but I think we should seek guidance
on this before changing our defaults.
Regards,
Daniel
--
|: http://berrange.com -o- http://www.flickr.com/photos/dberrange/ :|
|: http://libvirt.org -o- http://virt-manager.org :|
|: http://autobuild.org -o- http://search.cpan.org/~danberr/ :|
|: http://entangle-photo.org -o- http://live.gnome.org/gtk-vnc :|