On Thu, Oct 29, 2020 at 04:13:45PM +0100, Natxo Asenjo wrote: > hi, > using the cockpit web ui and with these instructions: > > https://libvirt.org/dbus.html#usage > > we allow successfully that a group of users can access the console of the > system vms in different kvm hosts. > > Oddly enough, in the same cockpit web interface I can use a terminal, and > if I run virsh list --all I get an empty listing. > > So using cockpit I can manage the system vms, but I cannot use virsh. > > This is in a rhel 7.8 system. The host is joined to an Idm realm, and this > realm has a trust to an AD forest. The users are AD users mapped to an > external Idm group. > > Any ideas as to what we do wrong? There are two distinct instances of libvirt - system mode and session mode. I suspect cockpit is using a different instance than your virsh command https://libvirt.org/drvqemu.html#securitydriver virsh defaults to "session" mode if running non-root, "system" mode if running as root. You can use "-c URI" to override the default if running non-root. Regards, Daniel -- |: https://berrange.com -o- https://www.flickr.com/photos/dberrange :| |: https://libvirt.org -o- https://fstop138.berrange.com :| |: https://entangle-photo.org -o- https://www.instagram.com/dberrange :|
