I can connect to the system libvirtd on my system without password. I set this up some time ago, and forgot how, so figured I would document it.
TO check that I can connect via virsh to the libvirst unix domain socket without a password.
$ virsh -c qemu:///system list --all Id Name State ---------------------------------------------------- - cfme-tng shut off - generic shut off - pagure_pagure shut off |
How? File permissions. The socket file can be found using a command like:
$ strace virsh -c qemu:///system list --all 2>&1 | grep connect connect(5, {sa_family=AF_UNIX, sun_path="/var/run/nscd/socket"}, 110) = -1 ENOENT (No such file or directory) connect(5, {sa_family=AF_UNIX, sun_path="/var/run/nscd/socket"}, 110) = -1 ENOENT (No such file or directory) connect(6, {sa_family=AF_UNIX, sun_path="/var/lib/sss/pipes/nss"}, 110) = 0 connect(7, {sa_family=AF_UNIX, sun_path="/var/run/libvirt/libvirt-sock"}, 110) = 0 |
It is the last line that we care about.
[ayoung@ayoung541 rippowam]$ ls -la /var/run/libvirt/libvirt-sock srwxrwx---. 1 root libvirtd 0 May 31 09:30 /var/run/libvirt/libvirt-sock |
My user account is a member of the libvirtd group.
[ayoung@ayoung541 rippowam]$ groups ayoung wheel kvm qemu dockerroot libvirt devel openstack gss-eng-collab idm-dev-lab libvirtd docker |