Skip to content

libvirt group check causes false positives #11730

New issue
New issue
Closed
#11842
Closed
libvirt group check causes false positives#11730
#11842
Labels
co/kvm2-driverKVM2 driver related issueskind/bugCategorizes issue or PR as related to a bug.os/linuxpriority/important-longtermImportant over the long term, but may not be staffed and/or may need multiple releases to complete.
@leoluk

Description

@leoluk
leoluk
opened on Jun 22, 2021

PR #10712 checks whether the user is in the libvirt group.

However, there's many ways to give users permissions to use system libvirt that do not involve this group. It may be named differently, may be pointing to a remote libvirt instance, or a polkit rule like this one may be used:

polkit.addRule(function(action, subject) {
    if (action.id == "org.libvirt.unix.manage" &&
        subject.isInGroup("wheel")) {
            return polkit.Result.YES;
    }
});

Minikube should first check whether it can actually access libvirt, and only then check for the missing group. Using --force is not an appropriate workaround since that would skip other safety checks, too.

Related:

Metadata

Metadata

Assignees

No one assigned

    Labels

    co/kvm2-driverKVM2 driver related issueskind/bugCategorizes issue or PR as related to a bug.os/linuxpriority/important-longtermImportant over the long term, but may not be staffed and/or may need multiple releases to complete.

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions