services: libvirt: Change unix-sock-group default.

When accessing libvrtd remotely, polkit can't be used unless you are
logged as root.  Instead allow libvirt groups member access to the
control socket.

* gnu/services/virtualization.scm (libvirt-configuration)
[unix-sock-group]: Change default from "root" to "libvirt".
This commit is contained in:
Brice Waegeneire 2021-02-16 22:17:30 +01:00
parent d0fcce8baf
commit 4dc17cd54e
No known key found for this signature in database
GPG key ID: A94903A166A18FAE

View file

@ -172,7 +172,7 @@ (define-configuration libvirt-configuration
"Default mDNS advertisement name. This must be unique on the
immediate broadcast network.")
(unix-sock-group
(string "root")
(string "libvirt")
"UNIX domain socket group ownership. This can be used to
allow a 'trusted' set of users access to management capabilities
without becoming root.")