File: libvirtd.policy-0

package info (click to toggle)
libvirt 0.8.3-5%2Bsqueeze5
  • links: PTS, VCS
  • area: main
  • in suites: squeeze
  • size: 77,288 kB
  • ctags: 30,516
  • sloc: ansic: 177,367; xml: 26,161; sh: 13,271; python: 4,929; makefile: 2,083; ml: 472; perl: 221; awk: 48; sed: 16
file content (42 lines) | stat: -rw-r--r-- 1,608 bytes parent folder | download | duplicates (2)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
<!DOCTYPE policyconfig PUBLIC
 "-//freedesktop//DTD PolicyKit Policy Configuration 1.0//EN"
 "http://www.freedesktop.org/standards/PolicyKit/1.0/policyconfig.dtd">

<!--
Policy definitions for libvirt daemon

Copyright (c) 2007 Daniel P. Berrange <berrange redhat com>

libvirt is licensed to you under the GNU Lesser General Public License
version 2. See COPYING for details.

NOTE: If you make changes to this file, make sure to validate the file
using the polkit-policy-file-validate(1) tool. Changes made to this
file are instantly applied.
-->

<policyconfig>
    <action id="org.libvirt.unix.monitor">
      <description>Monitor local virtualized systems</description>
      <message>System policy prevents monitoring of local virtualized systems</message>
      <defaults>
        <!-- Any program can use libvirt in read-only mode for monitoring,
             even if not part of a session -->
        <allow_any>yes</allow_any>
        <allow_inactive>yes</allow_inactive>
        <allow_active>yes</allow_active>
      </defaults>
    </action>

    <action id="org.libvirt.unix.manage">
      <description>Manage local virtualized systems</description>
      <message>System policy prevents management of local virtualized systems</message>
      <defaults>
        <!-- Only a program in the active host session can use libvirt in
             read-write mode for management, and we require user password -->
        <allow_any>no</allow_any>
        <allow_inactive>no</allow_inactive>
        <allow_active>auth_admin_keep_session</allow_active>
      </defaults>
    </action>
</policyconfig>