libvirt ACLs
I was looking at /etc/libvirt/libvirtd.conf on a RHEL 7.0 machine (libvirt 1.1.1) and a RHEL 7.1 beta machine (libvirt 1.2.8), and I saw that there is an option to enable libvirt ACLs.
# Change the API access control scheme
#
# By default an authenticated user is allowed access
# to all APIs. Access drivers can place restrictions
# on this. By default the 'nop' driver is enabled,
# meaning no access control checks are done once a
# client has authenticated with libvirtd
#
#access_drivers = [ "polkit" ]
However, I cannot find any documentation on libvirt ACLs in the RHEL documentation. I can only find libvirt project documentation and some info from the Fedora project.
http://libvirt.org/aclpolkit.html
http://libvirt.org/acl.html
http://fedoraproject.org/wiki/Changes/Virt_ACLs
http://fedoraproject.org/wiki/QA:Testcase_Virt_ACLs
As a sysadmin who maintains only 1 RHEL KVM host at work (and therefore would not use full-blown RHEV), this sounds like a great feature. Has anyone used libvirt ACLs successfully?
Responses
Hi Mike,
I document the Libvirt/Virtualization information for RHEL 7. To better answer your question, why do you want access to the libvirt API and what are you trying to do with it?
Laura
Hi Mike,
Thanks for getting back to me so quickly.
Some additional questions:
How are you planning to manage the VMs?
How many VMs do you plan to deploy?
Thanks in advance
Laura
Hi Mike,
Thanks for all the information. I am working with the libvirt team and will have a reply for you shortly.
Best Regards,
Laura
Hi Mike,
The best thing for you to do is to open a case with the customer portal. Please click this link - https://access.redhat.com/support/cases/#/case/new?intcmp=hp|a|a3|case& and fill in the form.
I appreciate your patience and hope this will be resolved to your satisfaction.
Thanks again,
Laura
Welcome! Check out the Getting Started with Red Hat page for quick tours and guides for common tasks.
