Centos – libvirtd: kvm: User Permissions Centos 6


I need to have user access control over how they can use the Virtual machines and what they can do via Virsh on a KVM based hypervisor.

So far what I learned from http://wiki.libvirt.org is that I have to enable the unix socket permissions at /etc/libvirt/libvirtd.conf for the unix socket and create a new group called libvirtd and add users into that. So that went all fine, however, with those users I can't see any virtual machines when I do

virsh list --all

The documentation at libvirt.org also mentions using polkit and other techniques.

Could someone help me with a working example of either the simple unix socket permission method, the polkit method, the sudoers method, or any other method?

I would like to have user permissions in such a way that a user from virsh can perform only limited tasks such as cant do virsh start but can't virsh destroy.

Best Answer

I had success with using PolicyKit on CentOS 6.5 using the libvirt wiki:

http://wiki.libvirt.org/page/SSHPolicyKitSetup

The missing step to getting it to work with virsh is to add the following to your .bash_profile:

# Point virsh at the system libvirtd instance instead of the per-user session
if command -v virsh >/dev/null 2>&1; then
  export LIBVIRT_DEFAULT_URI=qemu:///system
fi

(this is from this post)

This setup also allows pretty seamless usage from virt-manager on a remote computer.
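
For reference, the kind of polkit local-authority rule that the wiki setup relies on, written here as an added example (not taken from the answer or copied from the wiki). The group name `libvirtd` follows the question; the file name is an assumption.

```ini
# File: /etc/polkit-1/localauthority/50-local.d/50-libvirtd-group.pkla
# (file name is an assumption; any *.pkla file in this directory is read)
#
# Allow members of the Unix group "libvirtd" to perform the
# org.libvirt.unix.manage action, i.e. open a read-write connection
# to the system libvirtd instance (qemu:///system), without a prompt.
[libvirt management for group libvirtd]
Identity=unix-group:libvirtd
Action=org.libvirt.unix.manage
# ResultAny covers sessions such as SSH logins; Inactive/Active cover
# local console sessions.
ResultAny=yes
ResultInactive=yes
ResultActive=yes
```

The `org.libvirt.unix.manage` action is all-or-nothing: anyone it is granted to can run every read-write virsh operation, `destroy` included, so group membership should be treated as equivalent to administrative access on the hypervisor. It does not by itself separate `virsh start` from `virsh destroy`.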