On Fri, Feb 22, 2008 at 02:19:17PM +0900, Saori Fukuta wrote: > On Wed, 20 Feb 2008 13:05:22 +0000 "Daniel P. Berrange" wrote: > > On Wed, Feb 20, 2008 at 05:02:56PM +0900, Saori Fukuta wrote: > > > I guess this problem occurs from Cset:680 > > > http://hg.et.redhat.com/virt/applications/virt-manager--devel?cs=1892867ca5c7 > > > > This is intentional - virt-manager will authenticate with libvirt when > > attempting to connect, so it gets a full read-write connection. In Fedora 8 > > or later (or any distro with PolicyKit available) this should 'just work' > > with you being prompted for password. > > > > > I'm not sure where the readOnly flags should be set, but how about > > > this fix for readOnly flags ? > > > > Yes & no - we must only try a read-only connection if we are connecting > > to a local hypervisor, and don't have PolicyKit available. This change > > makes all connections read only, even remote ones, which is too mcuh. > > Okey, I understand the intention and I re-work to set the read-only > flag under the following conditions, > - destination is a local hypervisor, > (i.e. including "///" in URI) This also matches 'xen:///', so I changed it to use the 'is_remote' method to check. > - user is a non-root user, > (i.e. uid is not "0") > - PolicyKit is not available with libvirt, > (i.e. "/usr/share/PolicyKit/policy/libvirtd.policy" has not > been created by libvirt) > > Could you check the attached patch ? I applied it with a minor change: http://hg.et.redhat.com/virt/applications/virt-manager--devel?cs=d1c6390bbea9 Regards, Dan. -- |=- Red Hat, Engineering, Emerging Technologies, Boston. +1 978 392 2496 -=| |=- Perl modules: http://search.cpan.org/~danberr/ -=| |=- Projects: http://freshmeat.net/~danielpb/ -=| |=- GnuPG: 7D3B9505 F3C9 553F A1DA 4AC2 5648 23C1 B3DF F742 7D3B 9505 -=| _______________________________________________ et-mgmt-tools mailing list et-mgmt-tools@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/et-mgmt-tools
