Bug 610822 - DOCS: on www.libvirt.org about using PolicyKit authentication for libvirt is out of date
DOCS: on www.libvirt.org about using PolicyKit authentication for libvirt is ...
Status: CLOSED UPSTREAM
Product: Virtualization Tools
Classification: Community
Component: libvirt (Show other bugs)
unspecified
All Linux
low Severity medium
: ---
: ---
Assigned To: Daniel Veillard
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2010-07-02 10:10 EDT by Frank Danapfel
Modified: 2010-09-21 12:58 EDT (History)
9 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2010-09-21 12:58:15 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)
Patch to update the documentation (2.53 KB, patch)
2010-08-12 15:16 EDT, Patrick Dignan
no flags Details | Diff

  None (edit)
Description Frank Danapfel 2010-07-02 10:10:41 EDT
Description of problem:
The documentation at http://www.libvirt.org/auth.html in the section "Unix socket PolicyKit auth does not work anymore with the newer PolicyKit releases that are shiped with Fedora 12 and newer.

Version-Release number of selected component (if applicable):
libvirt-0.7.1-16.fc12.x86_64
polkit-0.95-2.fc12.x86_64

How reproducible:
always

Steps to Reproduce:
1. try to edit /etc/PolicyKit/PolicyKit.conf as instructed on http://www.libvirt.org/auth.html
  
Actual results:

Expected results:
 
Additional info:
With newer PolicyKit releases users have to add a file /var/lib/polkit-1/localauthority/50-local.d/libvirt.pkla and put the appropriate config in it to modify the default policy. Here's an example libvirt.pkla that gives user "fred" the right to manage libvirt without being prompted for a password:

[Local virt-manager Permissions]
Identity=unix-user:fred
Action=org.libvirt.unix.*
ResultAny=no
ResultInactive=no
ResultActive=yes
Comment 1 Patrick Dignan 2010-08-12 15:16:42 EDT
Created attachment 438512 [details]
Patch to update the documentation

Here's a patch to update the documentation appropriately.
Comment 2 Justin Clift 2010-09-21 12:58:15 EDT
This issue has been resolved upstream, with the results now live.

Patch:

  http://libvirt.org/git/?p=libvirt.git;a=commit;h=df1718cc7366296be4ab71c830cc2b93e505ceec

Results:

  http://www.libvirt.org/auth.html#ACL_server_polkit


As an additional thought if it's useful, there's more info on PolicyKit usage with libvirt here too:

  http://wiki.libvirt.org/page/SSHPolicyKitSetup

Note You need to log in before you can comment on or make changes to this bug.