Description of problem: The documentation at http://www.libvirt.org/auth.html in the section "Unix socket PolicyKit auth does not work anymore with the newer PolicyKit releases that are shiped with Fedora 12 and newer. Version-Release number of selected component (if applicable): libvirt-0.7.1-16.fc12.x86_64 polkit-0.95-2.fc12.x86_64 How reproducible: always Steps to Reproduce: 1. try to edit /etc/PolicyKit/PolicyKit.conf as instructed on http://www.libvirt.org/auth.html Actual results: Expected results: Additional info: With newer PolicyKit releases users have to add a file /var/lib/polkit-1/localauthority/50-local.d/libvirt.pkla and put the appropriate config in it to modify the default policy. Here's an example libvirt.pkla that gives user "fred" the right to manage libvirt without being prompted for a password: [Local virt-manager Permissions] Identity=unix-user:fred Action=org.libvirt.unix.* ResultAny=no ResultInactive=no ResultActive=yes
Created attachment 438512 [details] Patch to update the documentation Here's a patch to update the documentation appropriately.
This issue has been resolved upstream, with the results now live. Patch: http://libvirt.org/git/?p=libvirt.git;a=commit;h=df1718cc7366296be4ab71c830cc2b93e505ceec Results: http://www.libvirt.org/auth.html#ACL_server_polkit As an additional thought if it's useful, there's more info on PolicyKit usage with libvirt here too: http://wiki.libvirt.org/page/SSHPolicyKitSetup