OK, here’s how I fixed it.
[ul]
[li]create a groupe ‘libvirt’[/li][li]add your user(s) to this group[/li][li]comment out the two lines in /etc/libvirt/libvirtd.conf, as shown in the diff below:[/li]
--- /etc/libvirt/libvirtd.conf.orig 2011-08-29 10:59:42.000000000 -0700
+++ /etc/libvirt/libvirtd.conf 2011-08-29 10:59:42.000000000 -0700
@@ -76,7 +76,7 @@
# without becoming root.
#
# This is restricted to 'root' by default.
-#unix_sock_group = "libvirt"
+unix_sock_group = "libvirt"
# Set the UNIX socket permissions for the R/O socket. This is used
# for monitoring VM status only
@@ -93,7 +93,7 @@
#
# If not using PolicyKit and setting group ownership for access
# control then you may want to relax this to:
-#unix_sock_rw_perms = "0770"
+unix_sock_rw_perms = "0770"
# Set the name of the directory in which sockets will be found/created.
#unix_sock_dir = "/var/run/libvirt"
[li]remove the sockets[/li]
rm /var/run/libvirt/libvirt-sock*
[li]restart the daemon[/li]
service libvirtd restart
[/ul]
Then you will be able to connect to libvirt as user.
I think it’s a bug in openSUSE, because the desktop file used to start virt-manager wouldn’t allow non root users to connect to libvirt:
# sed '/Name\[/d' /usr/share/applications/YaST2/virt-manager.desktop
[Desktop Entry]
X-SuSE-translate=true
Name=Virtual Machine Manager
Comment=Manage Virtual Machines for Xen and KVM
Version=1.0
Icon=yast-vm-management
Exec=/usr/bin/virt-manager
Type=Application
Terminal=false
Encoding=UTF-8
Categories=Qt;X-SuSE-YaST;X-SuSE-YaST-Virtualization;
X-KDE-ModuleType=Library
X-KDE-RootOnly=true
X-KDE-HasReadOnlyMode=false
X-SuSE-YaST-Call=/usr/bin/virt-manager
X-SuSE-YaST-Group=Virtualization
X-SuSE-YaST-Argument=
X-SuSE-YaST-RootOnly=true
X-SuSE-YaST-Geometry=
X-SuSE-YaST-SortKey=
To get it working before I solved the user access problem, I had to change the Exec line into:
Exec=xdg-su -c '/usr/bin/virt-manager'
and got dbus connection errors outside of Gnome/Kde/Xfce (had to use dbus-launch then).
As I had to fix the issue on several computers, I wrote a quick and dirty script. Just replace user names and libvirt gid (if needed):
#! /bin/sh
grpname=libvirt
grpid=136
users=(laurel hardy)
groupadd -g $grpid $grpname
for u in ${users[li]} ; do[/li] groupmod -A $u libvirt
done
cp /etc/libvirt/libvirtd.conf{,.orig}
sed -i 's/^#\(unix_sock_group\)/\1/;s/^#\(unix_sock_rw_perms\)/\1/' /etc/libvirt/libvirtd.conf
rm /var/run/libvirt/libvirt-sock*
service libvirtd restart
- And I didn’t have to play with polkit authorizations.