aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorBrice Waegeneire <brice@waegenei.re>2021-02-16 22:17:30 +0100
committerBrice Waegeneire <brice@waegenei.re>2021-09-04 09:19:46 +0200
commit4dc17cd54e86dbd71d26b87138660d42e8f615a9 (patch)
treeaa4ceb34725a74cffd1fff585ac628b36b11bc5e
parentd0fcce8baf716f8661508db50eaf23b2d5a64a58 (diff)
downloadguix-4dc17cd54e86dbd71d26b87138660d42e8f615a9.tar
guix-4dc17cd54e86dbd71d26b87138660d42e8f615a9.tar.gz
services: libvirt: Change unix-sock-group default.
When accessing libvrtd remotely, polkit can't be used unless you are logged as root. Instead allow libvirt groups member access to the control socket. * gnu/services/virtualization.scm (libvirt-configuration) [unix-sock-group]: Change default from "root" to "libvirt".
-rw-r--r--gnu/services/virtualization.scm2
1 files changed, 1 insertions, 1 deletions
diff --git a/gnu/services/virtualization.scm b/gnu/services/virtualization.scm
index b0df0489b9..bca5f56b87 100644
--- a/gnu/services/virtualization.scm
+++ b/gnu/services/virtualization.scm
@@ -172,7 +172,7 @@ stopping the Avahi daemon.")
"Default mDNS advertisement name. This must be unique on the
immediate broadcast network.")
(unix-sock-group
- (string "root")
+ (string "libvirt")
"UNIX domain socket group ownership. This can be used to
allow a 'trusted' set of users access to management capabilities
without becoming root.")