[v2] Change the default libvirt remote user to libvirt-remote
Message ID | 1465549033-652-1-git-send-email-jonatan.schlag@ipfire.org |
---|---|
State | Accepted |
Commit | 77d989a66726dfe8282d00eec25f1cca80aca118 |
Headers |
Return-Path: <development-bounces@lists.ipfire.org> Received: from mail01.ipfire.org (hedwig.ipfire.org [172.28.1.200]) by web02.ipfire.org (Postfix) with ESMTP id 867016154F for <patchwork@ipfire.org>; Fri, 10 Jun 2016 10:48:26 +0200 (CEST) Received: from mail01.ipfire.org (localhost [IPv6:::1]) by mail01.ipfire.org (Postfix) with ESMTP id 1B50C183C; Fri, 10 Jun 2016 10:48:26 +0200 (CEST) Received: from fangorn.local.familyschlag (dslb-088-073-217-236.088.073.pools.vodafone-ip.de [88.73.217.236]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-SHA256 (128/128 bits)) (No client certificate requested) by mail01.ipfire.org (Postfix) with ESMTPSA id 18C5014BD; Fri, 10 Jun 2016 10:48:24 +0200 (CEST) From: Jonatan Schlag <jonatan.schlag@ipfire.org> To: development@lists.ipfire.org Subject: [PATCH v2] Change the default libvirt remote user to libvirt-remote Date: Fri, 10 Jun 2016 10:57:13 +0200 Message-Id: <1465549033-652-1-git-send-email-jonatan.schlag@ipfire.org> X-Mailer: git-send-email 2.1.4 X-BeenThere: development@lists.ipfire.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: IPFire development talk <development.lists.ipfire.org> List-Unsubscribe: <http://lists.ipfire.org/mailman/options/development>, <mailto:development-request@lists.ipfire.org?subject=unsubscribe> List-Archive: <http://lists.ipfire.org/pipermail/development/> List-Post: <mailto:development@lists.ipfire.org> List-Help: <mailto:development-request@lists.ipfire.org?subject=help> List-Subscribe: <http://lists.ipfire.org/mailman/listinfo/development>, <mailto:development-request@lists.ipfire.org?subject=subscribe> Errors-To: development-bounces@lists.ipfire.org Sender: "Development" <development-bounces@lists.ipfire.org> |
Message
Jonatan Schlag
June 10, 2016, 6:57 p.m. UTC
It is possible to communicate per ssh via a socket with libvirt. It is
not a good idea to do this as root, so the remote user is now
libvirt-remote. Only this user or users in the group libvirt-remote can
communicate with the socket.
The user libvirt-remote is created without a password. The users have to
set a password for this user after installation.
Signed-off-by: Jonatan Schlag <jonatan.schlag@ipfire.org>
---
lfs/libvirt | 3 +-
src/paks/libvirt/install.sh | 6 +++
...hange-options-in-libvirtd.conf-for-IPFire.patch | 43 ++++++++++++++++++++++
3 files changed, 51 insertions(+), 1 deletion(-)
create mode 100644 src/patches/libvirt/0002-Change-options-in-libvirtd.conf-for-IPFire.patch