[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
04/05: doc: Fix doc and clarify how to use libvirt as unprivileged user.
From: |
guix-commits |
Subject: |
04/05: doc: Fix doc and clarify how to use libvirt as unprivileged user. |
Date: |
Sat, 30 Dec 2023 00:29:19 -0500 (EST) |
apteryx pushed a commit to branch master
in repository guix.
commit b69bdcf77f8240ba8241be12ba2b0ebd55abcb38
Author: Maxim Cournoyer <maxim.cournoyer@gmail.com>
AuthorDate: Fri Dec 29 23:28:05 2023 -0500
doc: Fix doc and clarify how to use libvirt as unprivileged user.
* doc/guix.texi (Virtualization Services): Document the necessity of being
part of the "libvirt" group and augment example. Remove extraneous
"(unix-sock-group "libvirt")" from example, as this is now the default
value.
Update default documented value from "root" to "libvirt".
Fixes: https://issues.guix.gnu.org/34611
Reported-by: Brett Gilio <brettg@posteo.net>
Change-Id: I5fe17706f69db55fbd661e0a43115c56d0ffd9a9
---
doc/guix.texi | 15 +++++++++++----
1 file changed, 11 insertions(+), 4 deletions(-)
diff --git a/doc/guix.texi b/doc/guix.texi
index bc04bb8150..3002cdfa13 100644
--- a/doc/guix.texi
+++ b/doc/guix.texi
@@ -35174,17 +35174,24 @@ services.
@subsubheading Libvirt daemon
@code{libvirtd} is the server side daemon component of the libvirt
-virtualization management system. This daemon runs on host servers
-and performs required management tasks for virtualized guests.
+virtualization management system. This daemon runs on host servers and
+performs required management tasks for virtualized guests. To connect
+to the libvirt daemon as an unprivileged user, it must be added to the
+@samp{libvirt} group, as shown in the example below.
@defvar libvirt-service-type
This is the type of the @uref{https://libvirt.org, libvirt daemon}.
Its value must be a @code{libvirt-configuration}.
@lisp
+(users (cons (user-account
+ (name "user")
+ (group "users")
+ (supplementary-groups '("libvirt"
+ "audio" "video" "wheel")))
+ %base-user-accounts))
(service libvirt-service-type
(libvirt-configuration
- (unix-sock-group "libvirt")
(tls-port "16555")))
@end lisp
@end defvar
@@ -35266,7 +35273,7 @@ UNIX domain socket group ownership. This can be used
to allow a
'trusted' set of users access to management capabilities without
becoming root.
-Defaults to @samp{"root"}.
+Defaults to @samp{"libvirt"}.
@end deftypevr