From 4dc17cd54e86dbd71d26b87138660d42e8f615a9 Mon Sep 17 00:00:00 2001 From: Brice Waegeneire Date: Tue, 16 Feb 2021 22:17:30 +0100 Subject: [PATCH] services: libvirt: Change unix-sock-group default. When accessing libvrtd remotely, polkit can't be used unless you are logged as root. Instead allow libvirt groups member access to the control socket. * gnu/services/virtualization.scm (libvirt-configuration) [unix-sock-group]: Change default from "root" to "libvirt". --- gnu/services/virtualization.scm | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/gnu/services/virtualization.scm b/gnu/services/virtualization.scm index b0df0489b9..bca5f56b87 100644 --- a/gnu/services/virtualization.scm +++ b/gnu/services/virtualization.scm @@ -172,7 +172,7 @@ (define-configuration libvirt-configuration "Default mDNS advertisement name. This must be unique on the immediate broadcast network.") (unix-sock-group - (string "root") + (string "libvirt") "UNIX domain socket group ownership. This can be used to allow a 'trusted' set of users access to management capabilities without becoming root.")