-   Linux - Security (
-   -   [RedHat 6.3] Allow virt-manager but not libvirt (

RuZleBiFf 01-24-2013 05:17 AM

[RedHat 6.3] Allow virt-manager but not libvirt

We are trying to get a "secure" KVM-environment up and running, but keep hitting walls.
We don't want our users to be able to do what ever they want, and virt-manager is quite simple to modify (just python-scripts).
The users need to be able to run virt-manager without root, but not be able to create machines in a terminal.
Therefor i cannot use policykit-action org.libvirt.unix.policy and allow_any.

Is this even possible?
Is policykit the right way to go or do we need to look at selinux?

Thanks so much for all tips and pointers, i'm totaly stuck right now.

Best Regards,

kbp 01-28-2013 05:35 PM

If your users are non-privileged then they only get read-only access anyway. You need to take graphical vs. text out of the equation and look at it a simple permissions - are they privileged or not?

RuZleBiFf 01-30-2013 06:47 AM

Hi again.

I just did some testing, and even though our users are not privileged, they are able to run virt-install (and every other virt-command)
Is it possible to prevent users from running virt-commands?

kbp 01-30-2013 05:21 PM

I think polkit support is compiled in, you may be able to work around it by changing a few settings in /etc/libvirt/libvirtd.conf:


unix_sock_group = somegroup #pick a group that users will need to be a member of to have R/W access
unix_sock_rw_perms = "0770"
auth_unix_rw = "none"

I haven't tested this but the directives are commented in the file so you should be able to work it out.

All times are GMT -5. The time now is 01:27 PM.