[Pkg-libvirt-maintainers] Bug#764826: Bug#764826: Please move policykit rules to /usr/share/polkit-1/rules.d/
Michael Biebl
biebl at debian.org
Sat Oct 11 16:59:01 UTC 2014
Am 11.10.2014 um 18:30 schrieb Guido Günther:
> Hi Michael,
> On Sat, Oct 11, 2014 at 04:26:57PM +0200, Michael Biebl wrote:
>> Package: libvirt-daemon-system
>> Version: 1.2.9-2
>> Severity: normal
>>
>> Hi,
>>
>> package provided policykit rules files are supposed to go to
>> /usr/share/polkit-1/rules.d/.
>> /etc/polkit-1/rules.d/ is reserved for local changes by the admin.
>>
>> Please consider moving the file.
>
> I do wonder why 40sudo and 50default is in there then? Are these bugs
> too?
Yeah, probably.
> The idea was to make it simple to get rid of the libvirt group having
> access to the socket by removing the file.
Afaics, the mechanism to grant users access to the socket, is
"adduser <user> libvirt". So it seems more natural to simply remove
users from the group again instead of removing the policy alltogether.
That said, if the intention is to disable this rule, you can simply do a
"touch /etc/polkit-1/rules.d/60-libvirt.rules". This will override the
system provided rules file.
The idea behind moving default configuration data to /usr is to make
stateless systems possible.
Michael
--
Why is it that all of the instruments seeking intelligent life in the
universe are pointed away from Earth?
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: OpenPGP digital signature
URL: <http://lists.alioth.debian.org/pipermail/pkg-libvirt-maintainers/attachments/20141011/badc81df/attachment.sig>
More information about the Pkg-libvirt-maintainers
mailing list