[Bug 544579] New: libvirtd does accept connections from virt-manager

older
[Bug 544314] New: su requires root...

bugzilla_noreply＠novell.com

6 Oct 2009 6 Oct '09

09:11

http://bugzilla.novell.com/show_bug.cgi?id=544579 User rhafer@novell.com added comment http://bugzilla.novell.com/show_bug.cgi?id=544579#c012 Summary: libvirtd does accept connections from virt-manager Classification: openSUSE Product: openSUSE 11.2 Version: Milestone 8 Platform: Other OS/Version: Other Status: NEW Severity: Major Priority: P5 - None Component: Other AssignedTo: agraf@novell.com ReportedBy: rhafer@novell.com QAContact: qa@suse.de Found By: --- Created an attachment (id=321210) --> (http://bugzilla.novell.com/attachment.cgi?id=321210) Patch to link libvirt against old policykit API Every time I launch virt-manager on 11.2M8 I get this error message: ------------------------------- Unable to open a connection to the libvirt management daemon. Libvirt URI is: qemu:///system Verify that: - The 'libvirtd' daemon has been started ------------------------------- And in the "Details" section: ------------------------------ Unable to open connection to hypervisor URI 'qemu:///system': authentication failed Traceback (most recent call last): File "/usr/share/virt-manager/virtManager/connection.py", line 456, in _try_open None], flags) File "/usr/lib64/python2.6/site-packages/libvirt.py", line 102, in openAuth if ret is None:raise libvirtError('virConnectOpenAuth() failed') libvirtError: authentication failed ------------------------------ libvirtd is running and /var/log/messages says: Oct 6 10:47:59 bronsted libvirtd: 10:47:59.170: error : remoteDispatchAuthPolkit:3168 : Policy kit denied action org.libvirt.unix.manage from pid 1220, uid 10178, result: 512#012 even though I had given the respective user the needed privilege in the past. But since M8 I am not even able to give this privilege to the user again (using polkit-auth or polkit-kde-authorization.) Looking that the libvirt changelog revealed that it has recently been updated to use a newer PolicyKit (1.0) API. So I tried rebuilding it with the old PolicyKit API (patch attached) and that package seems to work for me now. (Though it probably better to fix the real problem with the new API, whatever it is.) -- Configure bugmail: http://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.

Show replies by date

bugzilla_noreply＠novell.com

18 Jan 18 Jan

13:47

New subject: [Bug 544579] libvirtd does accept connections from virt-manager

http://bugzilla.novell.com/show_bug.cgi?id=544579 http://bugzilla.novell.com/show_bug.cgi?id=544579#c1 Alexander Graf changed: What |Removed |Added ---------------------------------------------------------------------------- AssignedTo|agraf@novell.com |jfehlig@novell.com --- Comment #1 from Alexander Graf 2010-01-18 13:47:40 UTC --- libvirt issue -> Jim :) -- Configure bugmail: http://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.

bugzilla_noreply＠novell.com

2 Feb 2 Feb

20:02

New subject: [Bug 544579] libvirtd does accept connections from virt-manager

http://bugzilla.novell.com/show_bug.cgi?id=544579 http://bugzilla.novell.com/show_bug.cgi?id=544579#c2 James Fehlig changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |NEEDINFO Info Provider| |rhafer@novell.com --- Comment #2 from James Fehlig 2010-02-02 20:02:30 UTC --- This rewrite of PolicyKit -> polkit is seriously annoying ... I played around with this for a bit and was able to get non-root user to work by 1. Editing /etc/polkit-default-privs.local then running /sbin/set_polkit_default_privs xen24:~ # cat /etc/polkit-default-privs.local org.libvirt.unix.manage no:no:auth_admin_keep 2. Adding /etc/polkit-1/localauthority.conf.d/70-localauthority.conf (man pklocalauthority) xen24:~ # cat /etc/polkit-1/localauthority.conf.d/70-localauthority.conf [Configuration] AdminIdentities=unix-user:0;unix-user:ski With these changes, user 'ski' was able to execute "manage operations" through virsh, e.g. virsh start dom, but only after providing ski's password each time :-(. I was also able to use virt-manager after providing ski's password as well. Maybe you can replace your hacked libvirt and see if these steps work for you? -- Configure bugmail: http://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.

bugzilla_noreply＠novell.com

8 Feb 8 Feb

14:17

New subject: [Bug 544579] libvirtd does accept connections from virt-manager

http://bugzilla.novell.com/show_bug.cgi?id=544579 http://bugzilla.novell.com/show_bug.cgi?id=544579#c3 Ralf Haferkamp changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEEDINFO |NEW Info Provider|rhafer@novell.com | --- Comment #3 from Ralf Haferkamp 2010-02-08 14:17:12 UTC --- Hm, I just updated to the latest libvirt from the Virtualization Project in obs. Now (without any changes to /etc/polkit-default-privs.local and /etc/polkit-1/localauthority.conf.d/70-localauthority.conf) I get at least a popup asking for my root password, when starting virsh or virt-manager as a normal user. It doesn't however store the authorization so I have to reenter the root password on every startup. So it is at least working better again than with plain 11.2. -- Configure bugmail: http://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.

bugzilla_noreply＠novell.com

9 Feb 9 Feb

05:07

New subject: [Bug 544579] libvirtd does accept connections from virt-manager

http://bugzilla.novell.com/show_bug.cgi?id=544579 http://bugzilla.novell.com/show_bug.cgi?id=544579#c4 --- Comment #4 from James Fehlig 2010-02-09 05:07:54 UTC --- (In reply to comment #3)

...

It doesn't however store the authorization so I have to reenter the root password on every startup.

Yes, this is the problem (noted in comment #2) that I was trying to overcome. I don't think this is any fault of libvirt though - rather a configuration of polkit or pam or ??? Authentication of a user on unix domain socket is possible without prompting for passwd, so I'm not sure why that is happening. Modifying the config files as described in #2 configures authorization - and that seems to be working. -- Configure bugmail: http://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.

bugzilla_noreply＠novell.com

24 Feb 24 Feb

17:05

New subject: [Bug 544579] libvirtd does accept connections from virt-manager

http://bugzilla.novell.com/show_bug.cgi?id=544579 http://bugzilla.novell.com/show_bug.cgi?id=544579#c Ihno Krumreich changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |ihno@novell.com OS/Version|Other |openSUSE 11.2 -- Configure bugmail: http://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.

bugzilla_noreply＠novell.com

13 Sep 13 Sep

20:14

New subject: [Bug 544579] libvirtd does accept connections from virt-manager

https://bugzilla.novell.com/show_bug.cgi?id=544579 https://bugzilla.novell.com/show_bug.cgi?id=544579#c5 --- Comment #5 from Justin Clift 2010-09-13 20:14:24 UTC --- Hi guys, Added better docs on how to configure PolicyKit for libvirtd to our (libvirt) wiki, including for openSUSE: http://wiki.libvirt.org/page/SSHPolicyKitSetup This bug appears to happen only for unix group access ("unix-group"), as configuring for individual user access ("unix-user") works fine. Until it's fixed, you can literally copy the example for individual users out of the wiki page, and it'll work. Hope that helps. :) Regards and best wishes, Justin Clift -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.

bugzilla_noreply＠novell.com

20:49

New subject: [Bug 544579] libvirtd does accept connections from virt-manager

https://bugzilla.novell.com/show_bug.cgi?id=544579 https://bugzilla.novell.com/show_bug.cgi?id=544579#c6 David Zeuthen changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |zeuthen@gmail.com --- Comment #6 from David Zeuthen 2010-09-13 20:49:39 UTC --- (In reply to comment #2)

...

1. Editing /etc/polkit-default-privs.local then running /sbin/set_polkit_default_privs

xen24:~ # cat /etc/polkit-default-privs.local org.libvirt.unix.manage no:no:auth_admin_keep

Note: /sbin/set_polkit_default_privs and /etc/polkit-default-privs.local are SUSE specific files. They do not belong in upstream. I guess that these files generate .pkla files and I suppose the reason why unix-group is not working is because you generate .pkla files that override e.g. /etc/polkit-1/localauthority/50-local.d/50-org.example-libvirt-remote-access.pkla as defined in http://wiki.libvirt.org/page/SSHPolicyKitSetup Either way, please attach a tarball generated this way # tar cfv polkit-pkla-files.tar /etc/polkit-1/localauthority/ /var/lib/polkit-1/localauthority/ on a SUSE system exhibiting these problems. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.

bugzilla_noreply＠novell.com

14 Sep 14 Sep

07:12

New subject: [Bug 544579] libvirtd does accept connections from virt-manager

https://bugzilla.novell.com/show_bug.cgi?id=544579 https://bugzilla.novell.com/show_bug.cgi?id=544579#c7 --- Comment #7 from Justin Clift 2010-09-14 07:12:42 UTC --- Created an attachment (id=389379) --> (http://bugzilla.novell.com/attachment.cgi?id=389379) tar file (bz2) with the requested directories -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.

bugzilla_noreply＠novell.com

07:14

New subject: [Bug 544579] libvirtd doesn't accept connections from virt-manager

https://bugzilla.novell.com/show_bug.cgi?id=544579 https://bugzilla.novell.com/show_bug.cgi?id=544579#c Justin Clift changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |jclift@redhat.com Summary|libvirtd does accept |libvirtd doesn't accept |connections from |connections from |virt-manager |virt-manager -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.

bugzilla_noreply＠novell.com

07:15

New subject: [Bug 544579] libvirtd doesn't accept connections from virt-manager

https://bugzilla.novell.com/show_bug.cgi?id=544579 https://bugzilla.novell.com/show_bug.cgi?id=544579#c8 --- Comment #8 from Justin Clift 2010-09-14 07:15:37 UTC --- Created an attachment (id=389380) --> (http://bugzilla.novell.com/attachment.cgi?id=389380) Useful relevant additional file. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.

bugzilla_noreply＠novell.com

07:16

New subject: [Bug 544579] libvirtd doesn't accept connections from virt-manager

https://bugzilla.novell.com/show_bug.cgi?id=544579 https://bugzilla.novell.com/show_bug.cgi?id=544579#c9 --- Comment #9 from Justin Clift 2010-09-14 07:16:20 UTC --- Created an attachment (id=389381) --> (http://bugzilla.novell.com/attachment.cgi?id=389381) Useful relevant additional file. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.

bugzilla_noreply＠novell.com

07:25

New subject: [Bug 544579] libvirtd doesn't accept connections from virt-manager

https://bugzilla.novell.com/show_bug.cgi?id=544579 https://bugzilla.novell.com/show_bug.cgi?id=544579#c10 --- Comment #10 from Justin Clift 2010-09-14 07:25:52 UTC --- Created an attachment (id=389384) --> (http://bugzilla.novell.com/attachment.cgi?id=389384) Variable definition file referenced by set_polkit_default_privs script -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.

bugzilla_noreply＠novell.com

07:27

New subject: [Bug 544579] libvirtd doesn't accept connections from virt-manager

https://bugzilla.novell.com/show_bug.cgi?id=544579 https://bugzilla.novell.com/show_bug.cgi?id=544579#c Justin Clift changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #389381|Useful relevant additional |set_polkit_default_privs - description|file. |Useful relevant additional | |file. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.

bugzilla_noreply＠novell.com

07:27

New subject: [Bug 544579] libvirtd doesn't accept connections from virt-manager

https://bugzilla.novell.com/show_bug.cgi?id=544579 https://bugzilla.novell.com/show_bug.cgi?id=544579#c Justin Clift changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #389380|Useful relevant additional |polkit-default-privs.local- description|file. |Useful relevant additional | |file. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.

bugzilla_noreply＠novell.com

07:27

New subject: [Bug 544579] libvirtd doesn't accept connections from virt-manager

https://bugzilla.novell.com/show_bug.cgi?id=544579 https://bugzilla.novell.com/show_bug.cgi?id=544579#c Justin Clift changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #389380|polkit-default-privs.local- |polkit-default-privs.local description|Useful relevant additional |- Useful relevant |file. |additional file. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.

bugzilla_noreply＠novell.com

07:28

New subject: [Bug 544579] libvirtd doesn't accept connections from virt-manager

https://bugzilla.novell.com/show_bug.cgi?id=544579 https://bugzilla.novell.com/show_bug.cgi?id=544579#c Justin Clift changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #389384|Variable definition file |/etc/sysconfig/security - description|referenced by |Variable definition file |set_polkit_default_privs |referenced by |script |set_polkit_default_privs | |script -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.

bugzilla_noreply＠novell.com

07:34

New subject: [Bug 544579] libvirtd doesn't accept connections from virt-manager

https://bugzilla.novell.com/show_bug.cgi?id=544579 https://bugzilla.novell.com/show_bug.cgi?id=544579#c11 --- Comment #11 from Justin Clift 2010-09-14 07:34:12 UTC --- Created an attachment (id=389386) --> (http://bugzilla.novell.com/attachment.cgi?id=389386) /etc/polkit-default-privs.standard - The default openSUSE polkit priviledge reference file. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.

bugzilla_noreply＠novell.com

07:35

New subject: [Bug 544579] libvirtd doesn't accept connections from virt-manager

https://bugzilla.novell.com/show_bug.cgi?id=544579 https://bugzilla.novell.com/show_bug.cgi?id=544579#c12 --- Comment #12 from Justin Clift 2010-09-14 07:35:53 UTC --- Created an attachment (id=389387) --> (http://bugzilla.novell.com/attachment.cgi?id=389387) /etc/polkit-default-privs.restrictive - More restrictive openSUSE polkit privileges. Not used unless set in /etc/sysconfig/security. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.

bugzilla_noreply＠novell.com

08:31

New subject: [Bug 544579] libvirtd doesn't accept connections from virt-manager

https://bugzilla.novell.com/show_bug.cgi?id=544579 https://bugzilla.novell.com/show_bug.cgi?id=544579#c13 --- Comment #13 from Justin Clift 2010-09-14 08:31:26 UTC --- The "set_polkit_default_privs" script (attached), refers to some other PolicyKit related pieces on the filesystem: /etc/sysconfig/security (attached) /etc/polkit-default-privs.d/ (doesn't exist) /etc/polkit-default-privs.standard (attached) <-- this one is used by default /etc/polkit-default-privs.restrictive (attached) <-- this one is unused unless set in the /etc/sysconfig/security file Grepping the /etc/polkit-default-privs.standard file for occurances of "libvirt", gives this: org.libvirt.unix.monitor yes org.libvirt.unix.manage auth_admin_keep_always It looks like the concept used for the openSUSE implementation is to allow management access to any user regarded as an admin by PolicyKit. Investigating that, OpenSUSE ships with the same default local authority file as other distributions: /etc/polkit-1/localauthority.conf.d/50-localauthority.conf With the same contents as elsewhere: # Configuration file for the PolicyKit Local Authority. # # DO NOT EDIT THIS FILE, it will be overwritten on update. # # See the pklocalauthority(8) man page for more information # about configuring the Local Authority. # [Configuration] AdminIdentities=unix-user:0 This gives only root access by default (it seems). ************* Looking at the text of the openSUSE local configuration file, polkit-default-privs.local: # # /etc/polkit-default-privs.local # # This file is used by set_polkit_default_privs to check or set # the implicit default privileges granted by PolicyKit # # In particular, this file will not be touched during an upgrade of the # installation. It is designed to be a placeholder for local # additions by the administrator of the system. # # Note that you need to run /sbin/set_polkit_default_privs for # changes to take effect. # # Format: # <privilege> <any>:<inactive>:<active> # It seems like this is the intended place for PolicyKit config changes in openSUSE's implementation, rather than placing files in the /etc/polkit-1/ directory structure. Conceptually, I'm not sure how to leverage this approach to achieve things like "group access" and similar for libvirt. openSUSE ships with this file by default: /var/lib/polkit-1/localauthority/10-vendor.d/org.libvirt.unix.manage.pkla Containing: [org.libvirt.unix.manage] Identity=unix-user:* Action=org.libvirt.unix.manage ResultAny=auth_admin_keep ResultInactive=auth_admin_keep ResultActive=auth_admin_keep This seems to be (from my point of view at the moment), causing the problem. *Removing* this file allows the more familiar .pkla file approach documented for RHEL 6/Fedora 12+ as working. i.e. Adding /etc/polkit-1/localauthority/50-local.d/50-org.example-libvirt-remote-access.pkla with contents: [libvirt Management Access] Identity=unix-group:libvirt Action=org.libvirt.unix.manage ResultAny=yes ResultInactive=yes ResultActive=yes Then creating the unix group "libvirt". Any users added to this group gain the ability to manage libvirt (tested and verified through ssh on openSUSE 11.3). This approach doesn't seem to be in line with how openSUSE intends things to be configured though, so I'm reluctant to recommend this as the official libvirt recommendation of "how to do things on openSUSE". All pointers, suggestions for improvement, thoughts, etc, welcome. :) -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.

bugzilla_noreply＠novell.com

13:44

New subject: [Bug 544579] libvirtd doesn't accept connections from virt-manager

https://bugzilla.novell.com/show_bug.cgi?id=544579 https://bugzilla.novell.com/show_bug.cgi?id=544579#c14 David Zeuthen changed: What |Removed |Added ---------------------------------------------------------------------------- Severity|Major |Critical --- Comment #14 from David Zeuthen 2010-09-14 13:44:30 UTC --- Thanks for providing the requested information. The problem is, obviously, that SUSE generates a .pkla file for each and every action registered with polkit. While this is generally wasteful (you could do fine with just a single .pkla file), the problem is that it breaks usage of the unix-group: directive by parties (such as libvirt). This is because of how the Local Authority works - it's even documented, see the pklocalauthority(8) man page for details: http://hal.freedesktop.org/docs/polkit/pklocalauthority.8.html E.g. that the eval order is groups, then users. It would probably be nice with a way to do what SUSE wants without breaking unix-group:. I've filed a bug upstream for this https://bugs.freedesktop.org/show_bug.cgi?id=30181 Finally, I really wish that SUSE would work upstream on this instead of inventing their own abstractions and add SUSE-specific configuration files all over the place - this behavior is just not helpful - *especially* not as you are breaking legitimate users, such as libvirt, of the configuration infrastructure. Thanks. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.

bugzilla_noreply＠novell.com

14:46

New subject: [Bug 544579] libvirtd doesn't accept connections from virt-manager

https://bugzilla.novell.com/show_bug.cgi?id=544579 https://bugzilla.novell.com/show_bug.cgi?id=544579#c15 James Fehlig changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |NEEDINFO CC| |lnussel@novell.com InfoProvider| |lnussel@novell.com --- Comment #15 from James Fehlig 2010-09-14 14:46:29 UTC --- Re #13 Yep, group and user access work for me on 11.3 as per Justin's documentation at http://wiki.libvirt.org/page/SSHPolicyKitSetup but only *after* removing /var/lib/polkit-1/localauthority/10-vendor.d/org.libvirt.unix.manage.pkla Re #14 Adding SuSE polkit maintainer as he could respond to David's queries. Ludwig, how would one enable libvirt group access with needing to nuke /var/lib/polkit-1/localauthority/10-vendor.d/org.libvirt.unix.manage.pkla? Thanks. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.

bugzilla_noreply＠novell.com

15 Sep 15 Sep

08:14

New subject: [Bug 544579] libvirtd doesn't accept connections from virt-manager

https://bugzilla.novell.com/show_bug.cgi?id=544579 https://bugzilla.novell.com/show_bug.cgi?id=544579#c16 Ludwig Nussel changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEEDINFO |NEW InfoProvider|lnussel@novell.com | --- Comment #16 from Ludwig Nussel 2010-09-15 10:14:55 CEST --- you can edit /var/lib/polkit-1/localauthority/10-vendor.d/org.libvirt.unix.manage.pkla (e.g. make it empty). set_polkit_default_privs won't touch it anymore then. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.

bugzilla_noreply＠novell.com

08:38

New subject: [Bug 544579] libvirtd doesn't accept connections from virt-manager

https://bugzilla.novell.com/show_bug.cgi?id=544579 https://bugzilla.novell.com/show_bug.cgi?id=544579#c17 --- Comment #17 from Justin Clift 2010-09-15 08:38:05 UTC --- Thanks Ludwig. Sounds workable. That should survive/persist across package updates too shouldn't it, unlike deleting the file? -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.

bugzilla_noreply＠novell.com

08:54

New subject: [Bug 544579] libvirtd doesn't accept connections from virt-manager

https://bugzilla.novell.com/show_bug.cgi?id=544579 https://bugzilla.novell.com/show_bug.cgi?id=544579#c18 --- Comment #18 from Ludwig Nussel 2010-09-15 10:54:45 CEST --- exactly -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.

bugzilla_noreply＠novell.com

10:06

New subject: [Bug 544579] libvirtd doesn't accept connections from virt-manager

https://bugzilla.novell.com/show_bug.cgi?id=544579 https://bugzilla.novell.com/show_bug.cgi?id=544579#c19 --- Comment #19 from Justin Clift 2010-09-15 10:06:44 UTC --- Thanks Ludwig. Updated the libvirt page with the info. :) -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.

bugzilla_noreply＠novell.com

21 Sep 21 Sep

09:45

New subject: [Bug 544579] libvirtd doesn't accept connections from virt-manager

https://bugzilla.novell.com/show_bug.cgi?id=544579 https://bugzilla.novell.com/show_bug.cgi?id=544579#c23 Ludwig Nussel changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEEDINFO |NEW InfoProvider|lnussel@novell.com | --- Comment #23 from Ludwig Nussel 2010-09-21 11:45:34 CEST --- (In reply to comment #20)

...

I'm not sure what to do with this bug. IMO, it is polkit configuration issue that, once addressed, solves the reported problem. Do you agree? Do you think any changes should be made to the default polkit configuration? Thanks.

If upstream changes the evaluation order the issue will resolve in Factory eventually. I could also simply change set_polkit_default_privs to use "Identity=unix-group:*" instead of "Identity=unix-user:*". We could also release a maintenance update with this change. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.

bugzilla_noreply＠novell.com

29 Sep 29 Sep

15:10

New subject: [Bug 544579] libvirtd doesn't accept connections from virt-manager

https://bugzilla.novell.com/show_bug.cgi?id=544579 https://bugzilla.novell.com/show_bug.cgi?id=544579#c24 James Fehlig changed: What |Removed |Added ---------------------------------------------------------------------------- CC|mt@novell.com |jfehlig@novell.com AssignedTo|jfehlig@novell.com |lnussel@novell.com --- Comment #24 from James Fehlig 2010-09-29 15:10:06 UTC --- Reassigning to Ludwig to make change in set_polkit_default_privs ... -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.

bugzilla_noreply＠novell.com

30 Sep 30 Sep

07:01

New subject: [Bug 544579] libvirtd doesn't accept connections from virt-manager

https://bugzilla.novell.com/show_bug.cgi?id=544579 https://bugzilla.novell.com/show_bug.cgi?id=544579#c25 Ludwig Nussel changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |RESOLVED Resolution| |FIXED --- Comment #25 from Ludwig Nussel 2010-09-30 09:01:09 CEST --- fixed in Factory -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.

bugzilla_noreply＠novell.com

15 Apr 15 Apr

09:57

New subject: [Bug 544579] libvirtd doesn't accept connections from virt-manager

http://bugzilla.novell.com/show_bug.cgi?id=544579 http://bugzilla.novell.com/show_bug.cgi?id=544579#c26 --- Comment #26 from Bernhard Wiedemann --- This is an autogenerated message for OBS integration: This bug (544579) was mentioned in https://build.opensuse.org/request/show/48692 Factory / polkit-default-privs -- You are receiving this mail because: You are on the CC list for the bug.

2932

Age (days ago)

5315

Last active (days ago)

List overview

Download

29 comments

1 participants

participants (1)

bugzilla_noreply＠novell.com

[Bug 544579] New: libvirtd does accept connections from virt-manager

tags

participants (1)