[libvirt-users] unable to creating/list storage pools using non-root user

mallapadi niranjan niranjan.ashok at gmail.com
Fri Jun 22 06:05:51 UTC 2012 

Hi all

I have a Fedora release 17 (Beefy Miracle) with libvirt versions:

libvirt-0.9.11.3-1.fc17.x86_64
virt-manager-0.9.1-3.fc17.noarch

I have allowed non-root user to user libvirt by allowing the user through
polkit

cat /etc/polkit-1/localauthority/50-local.d/cat
50-org.example-libvirt-remote-access.pkla

[Remote libvirt SSH access]
Identity=unix-group:virt
Action=org.libvirt.unix.manage;org.libvirt.unix.monitor
ResultAny=yes
ResultInactive=yes
ResultActive=yes

After doing the above i am able to connect to virt-manager as non-root user
but unable to create storage pools.

[juno at reserved ~]$ id
uid=1001(juno) gid=1001(juno) groups=1001(juno),1002(virt)
context=staff_u:staff_r:staff_t:s0
[juno at reserved ~]$ virsh
Welcome to virsh, the virtualization interactive terminal.

Type:  'help' for help with commands
       'quit' to quit

virsh # pool-list
error: Failed to reconnect to the hypervisor
error: no valid connection
error: Failed to connect socket to '@/home/juno/.libvirt/libvirt-sock':
Connection refused

virsh # list
error: Failed to reconnect to the hypervisor
error: no valid connection
error: Failed to connect socket to '@/home/juno/.libvirt/libvirt-sock':
Connection refused

I have defined pool called virt-images (/virt-images) which the non-root
(in this case the username is Juno)  user has the read/write permissions

Also tried adding the permissions to unix socket in
/etc/libvirt/libvirtd.conf as below:

 cat /etc/libvirt/libvirtd.conf  | grep -v ^$ | grep -v ^#
unix_sock_group = "virt"
unix_sock_ro_perms = "0777"
unix_sock_rw_perms = "0770"
unix_sock_dir = "/var/run/libvirt"

But the unix socket are created in /var/run/libvirt and not in users home
directory, So how do we make a non-root user virsh commands check the
socket created in /var/run/libvirt. It always checks for the socket in
user's home directory ?

Any pointers on above would be helpfu.

Regards
Niranjan
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/libvirt-users/attachments/20120622/84c23ffa/attachment.htm>

More information about the libvirt-users mailing list