In today's Rawhide, when I run virt-manager, it pops up a dialog saying it couldn't connect to the qemu hypervisor: Unable to open connection to hypervisor URI 'qemu:///system': Failed to collect auth credentials Traceback (most recent call last): File "/usr/share/virt-manager/virtManager/connection.py", line 456, in _try_open None], flags) File "/usr/lib64/python2.6/site-packages/libvirt.py", line 102, in openAuth if ret is None:raise libvirtError('virConnectOpenAuth() failed') libvirtError: Failed to collect auth credentials Looking at the log, this seems to be a PolicyKit problem: [Tue, 04 Aug 2009 17:51:21 virt-manager 12217] DEBUG (connection:357) Doing policykit for org.libvirt.unix.manage [Tue, 04 Aug 2009 17:51:21 virt-manager 12217] DEBUG (connection:441) Failed to get credentials for 'qemu:///system': org.freedesktop.DBus.Error.UnknownMethod: Method "ObtainAuthorization" with signature "sii" on interface "org.freedesktop.PolicyKit.AuthenticationAgent" doesn't exist Traceback (most recent call last): File "/usr/share/virt-manager/virtManager/connection.py", line 429, in _do_creds return self._do_creds_polkit(creds[0][1]) File "/usr/share/virt-manager/virtManager/connection.py", line 368, in _do_creds_polkit raise e DBusException: org.freedesktop.DBus.Error.UnknownMethod: Method "ObtainAuthorization" with signature "sii" on interface "org.freedesktop.PolicyKit.AuthenticationAgent" doesn't exist
simple meme. Works as root though.
Hadn't tested that. Er, virt-manager is _supposed_ to be able to work as a regular user, right? -- Fedora Bugzappers volunteer triage team https://fedoraproject.org/wiki/BugZappers
In F11 it asks for the administrator password. I would add the org.libvirt.unix.manage PolicyKit permission for my normal user and it would work great. Now I can't figure out how to add that permission (PolicyKit is in flux) and it doesn't ask for the admin password....
yeah, I can't figure out how to make changes to the new PolicyKit either. it doesn't appear to have a GUI any more. sigh. so we have a couple of potential problems here - if virt-manager is supposed to work as a normal user, this needs to be changed. if not, it needs to go back to asking for root permissions. -- Fedora Bugzappers volunteer triage team https://fedoraproject.org/wiki/BugZappers
New policy kit does not require the client to display any authentication dialogs itself, that's all triggered by the sever out of band. There's two things - libvirt needs to support new policykit - virt-manager needs to catch & ignore this error from dbus - if it gets the UnknownMethod error that (probably) means its got new policykit
i'm just a hack, but point 2 sounds like the wrong fix for me...shouldn't it instead do a proper test for which policykit it's working with _first_, and then behave as appropriate after that, rather than assuming an error response to something else is a decent test of which policykit it's working with? -- Fedora Bugzappers volunteer triage team https://fedoraproject.org/wiki/BugZappers
See bug #499970 for the port to newer policy kit I guess this bug then boils down to whether or not we support both versions of policy kit in a build of libvirt and handle choosing the right one at runtime Personally, I think PolicyKit broke their ABI, we should port to it and not jump through hoops to make this any less painful than it really is
THis bug is a bug in virt-manager - it needs to cope with the PolicyKit dbus auth API not existing for newer policykit. The libvirt side of things is already dealt with in bug #499970
The libvirt policy-kit 1 support does not even call out to application callbacks anymore, so this whole bug just disappears, no code changes required in virt-manager *** This bug has been marked as a duplicate of bug 499970 ***