Hello! Excuse me for renewing this discussion. You mentioned that you can't send identity information over the remote channel in libvirt. In virt-manager, which directly uses libvirt remote functionality, there are such fields (attached, "username"). What they are used for? Are they used somehow in the sent packets?
ср, 9 мая 2018 г. в 11:27, Daniel P. Berrangé <berra...@redhat.com>: > On Wed, May 09, 2018 at 11:21:22AM +0300, Anastasiya Ruzhanskaya wrote: > > Ok, excuse me for misunderstanding, how it is possible then to set up > > access control when I use remote connection to KVM ( not in UNIX domain)? > > Is there any way within libvirt, maybe based on authentication or > > certificates? > > Unfortunately we don't have a solution for fine grained access control > when using remote TCP access. We had a feature request against polkit > to allow passing it identity information such as certificate distinguished > name, but that was rejected :-( > > Regards, > Daniel > -- > |: https://berrange.com -o- > https://www.flickr.com/photos/dberrange :| > |: https://libvirt.org -o- > https://fstop138.berrange.com :| > |: https://entangle-photo.org -o- > https://www.instagram.com/dberrange :| >
_______________________________________________ libvirt-users mailing list libvirt-users@redhat.com https://www.redhat.com/mailman/listinfo/libvirt-users