Re: [PATCH] readOnly flags for virConnectOpenAuth

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Fri, Feb 22, 2008 at 02:19:17PM +0900, Saori Fukuta wrote:
> On Wed, 20 Feb 2008 13:05:22 +0000 "Daniel P. Berrange" wrote:
> > On Wed, Feb 20, 2008 at 05:02:56PM +0900, Saori Fukuta wrote:
> > > I guess this problem occurs from Cset:680
> > > http://hg.et.redhat.com/virt/applications/virt-manager--devel?cs=1892867ca5c7
> > 
> > This is intentional - virt-manager will authenticate with libvirt when 
> > attempting to connect, so it gets a full read-write connection. In Fedora 8
> > or later (or any distro with PolicyKit available) this should 'just work'
> > with you being prompted for password.
> > 
> > > I'm not sure where the readOnly flags should be set, but how about
> > > this fix for readOnly flags ?
> > 
> > Yes & no - we must only try a read-only connection if we are connecting
> > to a local hypervisor, and don't have PolicyKit available. This change
> > makes all connections read only, even remote ones, which is too mcuh.
> 
> Okey, I understand the intention and I re-work to set the read-only
> flag under the following conditions,
>     - destination is a local hypervisor, 
>       (i.e. including "///" in URI)

This also matches 'xen:///', so I changed it to use the 'is_remote'
method to check.

>     - user is a non-root user, 
>       (i.e. uid is not "0")
>     - PolicyKit is not available with libvirt, 
>       (i.e. "/usr/share/PolicyKit/policy/libvirtd.policy" has not 
>        been created by libvirt)
> 
> Could you check the attached patch ?

I applied it with a minor change:

http://hg.et.redhat.com/virt/applications/virt-manager--devel?cs=d1c6390bbea9

Regards,
Dan.
-- 
|=- Red Hat, Engineering, Emerging Technologies, Boston.  +1 978 392 2496 -=|
|=-           Perl modules: http://search.cpan.org/~danberr/              -=|
|=-               Projects: http://freshmeat.net/~danielpb/               -=|
|=-  GnuPG: 7D3B9505   F3C9 553F A1DA 4AC2 5648 23C1 B3DF F742 7D3B 9505  -=| 

_______________________________________________
et-mgmt-tools mailing list
et-mgmt-tools@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/et-mgmt-tools

[Index of Archives]     [Fedora Users]     [Fedora Legacy List]     [Fedora Maintainers]     [Fedora Desktop]     [Fedora SELinux]     [Big List of Linux Books]     [Yosemite News]     [KDE Users]     [Fedora Tools]

  Powered by Linux