On 12/19/2011 03:40 AM, 莊承恩 wrote: > Dear all: >   It's my first time to give a patch. >  I've been trying to clone a virtual machine, where invoking the virt-clone > from an Apache. >  However, virt-clone give me such error > / > $ virt-clone -o debian-test -n debian-test6 -f /home/xen/domains/debian-test6.img/ > /ERROR   Must be privileged to clone Xen guests/ >  >  I don't know if there are some serious concern about the clone priv, > but more over, I really need to clone the VM without root priv, >  As a result,  I made a patch as following, which give the clove priv to > group libvirtd. ; ) > Thanks for the patch. However not all distros have a libvirtd group so this isn't a complete fix. Frankly whether a user has privilege to clone a VM or not involves a lot of different variables that the User module isn't considering. I've pushed a change that just assumes if you already have an open connection then you are likely to have permission to clone. Fix upstream now, let me know if that's sufficient for you: http://git.fedorahosted.org/git?p=python-virtinst.git;a=commit;h=9a8945ddeec7b0325ec6827f6cb61d53118e5fcd - Cole > --- a/virtinst/User.py > +++ b/virtinst/User.py > @@ -58,7 +58,10 @@ class User(object): >        is_xen = not conn or conn.lower()[0:3] == 'xen' >        if priv in [ self.PRIV_CLONE, self.PRIV_CREATE_DOMAIN ]: >          if is_xen: > -           return self._euid == 0 > +           import grp, pwd > +           virt_grps = grp.getgrnam("libvirtd")[3] > +           usr_name = pwd.getpwuid(self._euid)[0] > +           return self._euid == 0 or usr_name in virt_grps >          return True >  >        return self._euid == 0 > > > -- > Best Regards, > 莊承æ©, > Cheng-En, Chuang > > > _______________________________________________ > virt-tools-list mailing list > virt-tools-list@xxxxxxxxxx > https://www.redhat.com/mailman/listinfo/virt-tools-list
