[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: [Libvir] PATCH: Don't make connection read-only when non-root



On Mon, Mar 10, 2008 at 11:49:54AM +0000, Richard W.M. Jones wrote:
> On Sun, Mar 09, 2008 at 09:05:02PM +0000, Daniel P. Berrange wrote:
> > The virsh commands has long forced the connection to be read-only if running
> > as non-root. This is bogus because it is perfectly capable of authenticating
> > full read-write connections as non-root since we gained kerberos/policykit
> > support. The user can always use the explicit --readonly flag if they only
> > want a read only connection
> > 
> > Dan.
> > 
> > Index: src/virsh.c
> > ===================================================================
> > RCS file: /data/cvs/libvirt/src/virsh.c,v
> > retrieving revision 1.135
> > diff -r1.135 virsh.c
> > 6048,6054d6047
> > < #ifndef __MINGW32__
> > <     /* Force a non-root, Xen connection to readonly */
> > <     if ((ctl->name == NULL ||
> > <          !strcasecmp(ctl->name, "xen")) && ctl->uid != 0)
> > <          ctl->readonly = 1;
> > < #endif
> 
> Yes.  I was tempted to just remove this bogosity before but instead I
> just patched it out for Windows.

 okay

Daniel

-- 
Red Hat Virtualization group http://redhat.com/virtualization/
Daniel Veillard      | virtualization library  http://libvirt.org/
veillard redhat com  | libxml GNOME XML XSLT toolkit  http://xmlsoft.org/
http://veillard.com/ | Rpmfind RPM search engine  http://rpmfind.net/


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]