[Pkg-libvirt-commits] [libvirt] 01/01: Document libvirt user capabilities
Guido Guenther
agx at moszumanska.debian.org
Wed Jan 22 19:31:15 UTC 2014
This is an automated email from the git hooks/post-receive script.
agx pushed a commit to branch master
in repository libvirt.
commit e936a7ebb6094f36f209e17eb847615600284288
Author: Guido Günther <agx at sigxcpu.org>
Date: Wed Jan 22 20:29:37 2014 +0100
Document libvirt user capabilities
---
debian/README.Debian | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/debian/README.Debian b/debian/README.Debian
index de12bbb..591f5cf 100644
--- a/debian/README.Debian
+++ b/debian/README.Debian
@@ -56,6 +56,10 @@ Access Control
Access to the libvirt socket is controlled by membership in the "libvirt" group.
If you want to manage VMs as non root you need to add a user to that group.
+Note that this will allow users in this group to use all of libvirt's
+API including modifying files on the host. For finer grained access
+control have a look at libvirt's ACLs.
+
System QEMU/KVM processes are run as user and group libvirt-qemu. This can be
adjusted via /etc/libvirt/qemu.conf.
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-libvirt/libvirt.git
More information about the Pkg-libvirt-commits
mailing list