| | 262 | {{{ |
| | 263 | root$ vi /etc/libvirt/libvirtd.conf |
| | 264 | # |
| | 265 | # UNIX socket access controls |
| | 266 | # |
| | 267 | |
| | 268 | # Set the UNIX domain socket group ownership. This can be used to |
| | 269 | # allow a 'trusted' set of users access to management capabilities |
| | 270 | # without becoming root. |
| | 271 | # |
| | 272 | # This is restricted to 'root' by default. |
| | 273 | unix_sock_group = "kvm" (81 line) |
| | 274 | |
| | 275 | # Set the UNIX socket permissions for the R/O socket. This is used |
| | 276 | # for monitoring VM status only |
| | 277 | # |
| | 278 | # Default allows any user. If setting group ownership may want to |
| | 279 | # restrict this to: |
| | 280 | unix_sock_ro_perms = "0777" (88 line) |
| | 281 | |
| | 282 | # Set the UNIX socket permissions for the R/W socket. This is used |
| | 283 | # for full management of VMs |
| | 284 | # |
| | 285 | # Default allows only root. If PolicyKit is enabled on the socket, |
| | 286 | # the default will change to allow everyone (eg, 0777) |
| | 287 | # |
| | 288 | # If not using PolicyKit and setting group own/etc/init.d/libvirtd startership for access |
| | 289 | # control then you may want to relax this to: |
| | 290 | unix_sock_rw_perms = "0770" (98 line) |
| | 291 | |
| | 292 | # Set the name of the directory in which sockets will be found/createdwget http://www.sqlite.org/sqlite-amalgamation-3.6.17.tar.gz -P /tmp. |
| | 293 | unix_sock_dir = "/var/run/libvirt" (101 line) |
| | 294 | |
| | 295 | }}} |
| | 296 | |
