18
7
When starting virt-manager, it asks for the root password.
It looks like virt-manager causes the libvirtd daemon to run pkcheck with a couple of arguments, which then shows this authentication dialog. So it's PolicyKit who's asking for the root password.
The official website (libvirt.org) describes how to define a PolicyKit rule to get rid of the password prompt:
$ sudo cat /etc/polkit-1/localauthority/50-local.d/50-org.example-libvirt-remote-access.pkla
[libvirt Management Access]
Identity=unix-group:libvirt
Action=org.libvirt.unix.manage
ResultAny=yes
ResultInactive=yes
ResultActive=yes
The subdirectory "localauthority" did not exist. Creating it and putting a file with that name and content (libvirt -> my group name) in there does not seem to have any effect. Also, there's a default file, which uses JavaScript syntax:
/etc/polkit-1/rules.d/50-default.rules
This package is installed on the system, plus a few DE frontends:
polkit-0.107-4.fc18.x86_64
Apparently the example configuration on libvirt.org is outdated?
What configuration is necessary to get rid of the password prompt (for a specific user group)?
How does this compare to adding the user to the libvirt group? I tested adding the user to the libvirt group and then the additional authentication wasn't required. – jwbensley – 2017-03-02T18:16:21.160
1@jwbensley The polkit way is dynamic and gives the permissions to the owner of the active local session. The group way is static and gives the privilege to that specific user. Choose your ways as you see fit. – Pavel Šimerda – 2017-03-07T18:18:42.620
1This solution works! Thanks for the links as well. Bounty awarded. – senorsmile – 2013-10-15T21:43:27.863
Sorry for the wrong formatting, fixed that. – Pavel Šimerda – 2013-10-16T07:05:27.497