Re: f23 mate policykit libvirt problem

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hi Cole,

Thanks for the response.  I’m still seeing problems.

I start virt-manager and it prompts me for the root password.
My user is now a member of the libvirt group

[npearl@caprica ~]$ id
uid=10000(npearl) gid=1000(npearl) groups=1000(npearl),10(wheel),982(libvirt) context=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023

Jan 16 15:39:08 caprica polkitd[2464]: Operator of unix-session:1 FAILED to authenticate to gain authorization for action org.libvirt.unix.manage for unix-process:5732:28774 [/usr/bin/python2 -tt /usr/share/virt-manager/virt-manager] (owned by unix-user:npearl)
Jan 16 15:39:08 caprica libvirtd[3546]: libvirt version: 1.2.18.2, package: 1.fc23 (Fedora Project, 2015-12-24-00:55:42, buildhw-12.phx2.fedoraproject.org)
Jan 16 15:39:08 caprica libvirtd[3546]: authentication cancelled: user cancelled authentication process
Jan 16 15:39:08 caprica libvirtd[3546]: End of file while reading data: Input/output error


I’ve also tried playing around with various paramters in /etc/libvirt/libvirtd.conf and copied /usr/lib/systemd/system/libvirtd.socket to /etc/systemd/system/libvirtd.socket and changed the perms on the unix sockets to no avail.

Perhaps I need to open a bug.

> On Jan 16, 2016, at 10:31 AM, Cole Robinson <crobinso@xxxxxxxxxx> wrote:
> 
> On 01/15/2016 07:44 PM, Nate Pearlstein wrote:
>> I’ve been trying to get policykit to automatically authorize virt-manager.
>> 
>> This was working fine with fedora 21, but with fedora 23 it doesn’t seem to work.  For both I’ve been using the mate desktop.
>> 
>> With f21 I had the following in /etc/polkit-1/localauthority/50-local.d/caprica.libvirt.pkla
>> 
>> [Allow user libvirt management permissions]
>> Identity=unix-user:user
>> Action=org.libvirt.unix.manage
>> ResultAny=yes
>> ResultInactive=yes
>> ResultActive=yes
>> 
>> 
> 
> That format hasn't worked for quite a while, due to a polkit change.
> 
>> I tried the above with f23 and no luck.  I’ve since tried
>> 
>> /etc/polkit-1/rules.d/80-libvirt.rules
>> 
>> polkit.addRule(function(action, subject) {
>>  if (action.id == "org.libvirt.unix.manage" && subject.local && subject.active && subject.isInGroup("wheel")) {
>>      return polkit.Result.YES;
>>  }
>> });
>> 
> 
> At a glance that looks like it should work, but I didn't confirm the syntax.
> However on fedora 22+ the recommended way to do this is to add yourself to the
> 'libvirt' group:
> 
> http://blog.wikichoon.com/2016/01/polkit-password-less-access-for-libvirt.html
> 
> - Cole
> -- 
> users mailing list
> users@xxxxxxxxxxxxxxxxxxxxxxx
> To unsubscribe or change subscription options:
> https://admin.fedoraproject.org/mailman/listinfo/users
> Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
> Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
> Have a question? Ask away: http://ask.fedoraproject.org

-- 
users mailing list
users@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Have a question? Ask away: http://ask.fedoraproject.org



[Index of Archives]     [Older Fedora Users]     [Fedora Announce]     [Fedora Package Announce]     [EPEL Announce]     [EPEL Devel]     [Fedora Magazine]     [Fedora Summer Coding]     [Fedora Laptop]     [Fedora Cloud]     [Fedora Advisory Board]     [Fedora Education]     [Fedora Security]     [Fedora Scitech]     [Fedora Robotics]     [Fedora Infrastructure]     [Fedora Websites]     [Anaconda Devel]     [Fedora Devel Java]     [Fedora Desktop]     [Fedora Fonts]     [Fedora Marketing]     [Fedora Management Tools]     [Fedora Mentors]     [Fedora Package Review]     [Fedora R Devel]     [Fedora PHP Devel]     [Kickstart]     [Fedora Music]     [Fedora Packaging]     [Fedora SELinux]     [Fedora Legal]     [Fedora Kernel]     [Fedora OCaml]     [Coolkey]     [Virtualization Tools]     [ET Management Tools]     [Yum Users]     [Yosemite News]     [Gnome Users]     [KDE Users]     [Fedora Art]     [Fedora Docs]     [Fedora Sparc]     [Libvirt Users]     [Fedora ARM]

  Powered by Linux