Skip to content

CIRCLE / salt

Go to a project
Commit 9905d862 by Dóbé Péter
Options

polkit setting for libvirt; patch kvm wrapper to allow emulated mode

parent 4f3c19c3
Showing with 34 additions and 1 deletions
salt/vmdriver/files/org.libvirt.unix.manage.pkla 0 → 100644
[Allow cloud libvirt management permissions]
Identity=unix-user:cloud
Action=org.libvirt.unix.manage;org.libvirt.unix.monitor
ResultAny=yes
ResultInactive=yes
ResultActive=yes
{# TODO: change 'cloud' to ? #}
salt/vmdriver/libvirt.sls
...@@ -65,7 +65,33 @@ vmdriver_semodule: ...@@ -65,7 +65,33 @@ vmdriver_semodule:
- file: /root/vmdriver.te - file: /root/vmdriver.te
- pkg: selinux_pkgs - pkg: selinux_pkgs
{% elif grains['os'] != 'Debian' %} {% elif grains['os'] == 'Debian' %}
/usr/bin/kvm:
file.replace:
- pattern: -enable-kvm \"\$@\"
- repl: "`[ \"$HYPERVISOR_TYPE\" != qemu ] && echo -enable-kvm` \"$@\""
- watch:
- pkg: vmdriver
policycoreutils:
pkg.installed
{# Note: Debian Jessie has polkit 0.105, which uses pkla format instead of js #}
/etc/polkit-1/localauthority/50-local.d/org.libvirt.unix.manage.pkla:
file.managed:
- source: salt://vmdriver/files/org.libvirt.unix.manage.pkla
- user: root
- group: root
- template: jinja
polkitd:
service:
- running
- watch:
- file: /etc/polkit-1/localauthority/50-local.d/org.libvirt.unix.manage.pkla
{% else %}
/etc/apparmor.d/libvirt/TEMPLATE: /etc/apparmor.d/libvirt/TEMPLATE:
file.managed: file.managed:
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or sign in to comment