aboutsummaryrefslogtreecommitdiffstats
path: root/modules/libvirtd
diff options
context:
space:
mode:
Diffstat (limited to 'modules/libvirtd')
-rw-r--r--modules/libvirtd/manifests/init.pp13
-rw-r--r--modules/libvirtd/templates/50-template-libvirt-remote-access.pkla6
2 files changed, 19 insertions, 0 deletions
diff --git a/modules/libvirtd/manifests/init.pp b/modules/libvirtd/manifests/init.pp
index 2d4f8843..70517fca 100644
--- a/modules/libvirtd/manifests/init.pp
+++ b/modules/libvirtd/manifests/init.pp
@@ -20,4 +20,17 @@ class libvirtd {
}
}
+
+ # see http://wiki.libvirt.org/page/SSHPolicyKitSetup
+ define group_access() {
+ # to pull polkit and create the directory
+ include libvirtd::base
+ file { "/etc/polkit-1/localauthority/50-local.d/50-$name-libvirt-remote-access.pkla":
+ owner => root,
+ group => root,
+ perms => 644,
+ ensure => present,
+ content => template("libvirtd/50-template-libvirt-remote-access.pkla"),
+ }
+ }
}
diff --git a/modules/libvirtd/templates/50-template-libvirt-remote-access.pkla b/modules/libvirtd/templates/50-template-libvirt-remote-access.pkla
new file mode 100644
index 00000000..201e89a0
--- /dev/null
+++ b/modules/libvirtd/templates/50-template-libvirt-remote-access.pkla
@@ -0,0 +1,6 @@
+[Remote libvirt SSH access]
+Identity=unix-user:root;unix-group:<%= name %>
+Action=org.libvirt.unix.manage
+ResultAny=yes
+ResultInactive=yes
+ResultActive=yes
generated by cgit v1.2.1 (git 2.21.0) at 2025-04-26 23:56:57 +0000