rohityadavcloud commented on code in PR #7304:
URL: https://github.com/apache/cloudstack/pull/7304#discussion_r1124176387
##########
scripts/util/keystore-cert-import:
##########
@@ -121,6 +121,10 @@ if [ -f "$LIBVIRTD_FILE" ]; then
ln -sf /etc/pki/libvirt/servercert.pem /etc/pki/libvirt-vnc/server-cert.pem
ln -sf /etc/pki/libvirt/private/serverkey.pem
/etc/pki/libvirt-vnc/server-key.pem
cloudstack-setup-agent -s > /dev/null
+
+ QEMU_GROUP=$(sed -n 's/^group=//p' /etc/libvirt/qemu.conf | awk -F'"'
'{print $2}')
Review Comment:
This isn't fullproof and covers the case generally. Perhaps the logic can
be (a) assuming the libvirt group/user can access this file, then this would
work; othewise on error detect the distro and (b) use the group "libvirt-qemu"
if it's ubuntu, otherwise use the group "qemu" if it's RHEL or one of the other
EL clones (I haven't tested for suse15).
As normal non-root user I couldn't run this, but can run as sudoer:
1. On RHEL9:
```
[rohit@plex ~]$ sudo sed -n 's/^group=//p' /etc/libvirt/qemu.conf | awk
-F'"' '{print $2}'
root
[rohit@plex ~]$ sed -n 's/^group=//p' /etc/libvirt/qemu.conf | awk -F'"'
'{print $2}'
sed: can't read /etc/libvirt/qemu.conf: Permission denied
```
2. On Ubuntu 22.04:
```
> sed -n 's/^group=//p' /etc/libvirt/qemu.conf | awk -F'"' '{print $2}'
sed: can't read /etc/libvirt/qemu.conf: Permission denied
> sudo sed -n 's/^group=//p' /etc/libvirt/qemu.conf | awk -F'"' '{print $2}'
root
```
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
