On 03/11/2010 11:24 AM, Akemi Yagi wrote: > Look into /etc/libvirt/libvirtd.conf and check out the section "UNIX > socket access controls" and make appropriate adjustment. [ I created > group 'libvirt' , added myself to the group, and uncommented the line > "unix_sock_group = "libvirt"".] Then adjust also the permission bits > of the directories and files in /var/run/libvirt to allow access to > the group libvirt. Here are the results of a test where I just made unix_sock_group the same group as an unprivileged test user: libvirtd.conf changes: unix_sock_group = "testu" unix_sock_ro_perms = "0777" [root@kvm ~]# service libvirtd restart Stopping libvirtd daemon: [ OK ] Starting libvirtd daemon: [ OK ] [root@kvm ~]# ls -l /var/run/libvirt total 16 srwx------ 1 root testu 0 Mar 11 15:03 libvirt-sock srwxrwxrwx 1 root testu 0 Mar 11 15:03 libvirt-sock-ro drwxr-xr-x 2 root root 4096 Mar 8 13:05 network drwxr-xr-x 2 root root 4096 Mar 11 15:00 qemu (no changes to qemu. Should I expect some?) > With some luck, you should be able to run the virsh command (for example): > > virsh -c qemu:///system list --all As test user "testu": [testu@kvm ~]$ virsh -c qemu:///system list --all error: unable to connect to '/var/run/libvirt/libvirt-sock': Permission denied error: failed to connect to the hypervisor [testu@kvm ~]$ virsh -c qemu:///session list --all 15:04:05.167: error : No vport operation path found for host0 15:04:05.186: error : No vport operation path found for host4 15:04:05.192: error : No vport operation path found for host3 15:04:05.240: error : No vport operation path found for host1 15:04:05.240: error : No vport operation path found for host2 Id Name State ---------------------------------- [testu@kvm ~]$ Doesn't seem like a socket access issue, the perms for the libvirt-sock-ro are wide open. Tom _______________________________________________ CentOS-virt mailing list CentOS-virt@xxxxxxxxxx http://lists.centos.org/mailman/listinfo/centos-virt
