me/guix
Archived
1
0
Fork 0
Code Activity

services: libvirt: Change unix-sock-group default.

Browse source 
When accessing libvrtd remotely, polkit can't be used unless you are
logged as root.  Instead allow libvirt groups member access to the
control socket.

* gnu/services/virtualization.scm (libvirt-configuration)
[unix-sock-group]: Change default from "root" to "libvirt".
This commit is contained in:
Brice Waegeneire 2021-02-16 22:17:30 +01:00
parent d0fcce8baf
commit 4dc17cd54e
No known key found for this signature in database
GPG key ID: A94903A166A18FAE
1 changed files with 1 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
gnu/services/virtualization.scm
View file

@ -172,7 +172,7 @@ stopping the Avahi daemon.")
"Default mDNS advertisement name. This must be unique on the "Default mDNS advertisement name. This must be unique on the
immediate broadcast network.") immediate broadcast network.")
(unix-sock-group (unix-sock-group
(string "root") (string "libvirt")
"UNIX domain socket group ownership. This can be used to "UNIX domain socket group ownership. This can be used to
allow a 'trusted' set of users access to management capabilities allow a 'trusted' set of users access to management capabilities
without becoming root.") without becoming root.")