04/05: doc: Fix doc and clarify how to use libvirt as unprivileged user.

guix-commits

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

04/05: doc: Fix doc and clarify how to use libvirt as unprivileged user.

From:	guix-commits
Subject:	04/05: doc: Fix doc and clarify how to use libvirt as unprivileged user.
Date:	Sat, 30 Dec 2023 00:29:19 -0500 (EST)

apteryx pushed a commit to branch master
in repository guix.

commit b69bdcf77f8240ba8241be12ba2b0ebd55abcb38
Author: Maxim Cournoyer <maxim.cournoyer@gmail.com>
AuthorDate: Fri Dec 29 23:28:05 2023 -0500

    doc: Fix doc and clarify how to use libvirt as unprivileged user.
    
    * doc/guix.texi (Virtualization Services): Document the necessity of being
    part of the "libvirt" group and augment example.  Remove extraneous
    "(unix-sock-group "libvirt")" from example, as this is now the default 
value.
    Update default documented value from "root" to "libvirt".
    
    Fixes: https://issues.guix.gnu.org/34611
    Reported-by: Brett Gilio <brettg@posteo.net>
    Change-Id: I5fe17706f69db55fbd661e0a43115c56d0ffd9a9
---
 doc/guix.texi | 15 +++++++++++----
 1 file changed, 11 insertions(+), 4 deletions(-)

diff --git a/doc/guix.texi b/doc/guix.texi
index bc04bb8150..3002cdfa13 100644
--- a/doc/guix.texi
+++ b/doc/guix.texi
@@ -35174,17 +35174,24 @@ services.
 @subsubheading Libvirt daemon
 
 @code{libvirtd} is the server side daemon component of the libvirt
-virtualization management system.  This daemon runs on host servers
-and performs required management tasks for virtualized guests.
+virtualization management system.  This daemon runs on host servers and
+performs required management tasks for virtualized guests.  To connect
+to the libvirt daemon as an unprivileged user, it must be added to the
+@samp{libvirt} group, as shown in the example below.
 
 @defvar libvirt-service-type
 This is the type of the @uref{https://libvirt.org, libvirt daemon}.
 Its value must be a @code{libvirt-configuration}.
 
 @lisp
+(users (cons (user-account
+              (name "user")
+              (group "users")
+              (supplementary-groups '("libvirt"
+                                      "audio" "video" "wheel")))
+             %base-user-accounts))
 (service libvirt-service-type
          (libvirt-configuration
-          (unix-sock-group "libvirt")
           (tls-port "16555")))
 @end lisp
 @end defvar
@@ -35266,7 +35273,7 @@ UNIX domain socket group ownership.  This can be used 
to allow a
 'trusted' set of users access to management capabilities without
 becoming root.
 
-Defaults to @samp{"root"}.
+Defaults to @samp{"libvirt"}.
 
 @end deftypevr

[Prev in Thread]

Current Thread

[Next in Thread]

branch master updated (f76ca2b0e8 -> f24b14767d), guix-commits, 2023/12/30
- 02/05: gnu: Add x-resize., guix-commits, 2023/12/30
- 03/05: gnu: vm-image.tmpl: Improve SPICE dynamic resizing., guix-commits, 2023/12/30
- 04/05: doc: Fix doc and clarify how to use libvirt as unprivileged user., guix-commits <=
- 05/05: Add network bridge guide to the cookbook., guix-commits, 2023/12/30
- 01/05: gnu: guile-udev: Update to 0.3.0., guix-commits, 2023/12/30

Prev by Date: branch master updated (f76ca2b0e8 -> f24b14767d)
Next by Date: 05/05: Add network bridge guide to the cookbook.
Previous by thread: 03/05: gnu: vm-image.tmpl: Improve SPICE dynamic resizing.
Next by thread: 05/05: Add network bridge guide to the cookbook.
Index(es):
- Date
- Thread