26 lines
1.4 KiB
YAML
26 lines
1.4 KiB
YAML
# Copyright (c) 2015 Hewlett-Packard Development Company, L.P.
|
|
#
|
|
# Licensed under the Apache License, Version 2.0 (the "License");
|
|
# you may not use this file except in compliance with the License.
|
|
# You may obtain a copy of the License at
|
|
#
|
|
# http://www.apache.org/licenses/LICENSE-2.0
|
|
#
|
|
# Unless required by applicable law or agreed to in writing, software
|
|
# distributed under the License is distributed on an "AS IS" BASIS,
|
|
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
|
|
# implied.
|
|
# See the License for the specific language governing permissions and
|
|
# limitations under the License.
|
|
---
|
|
- name: "Create libvirt group on RedHat/Centos"
|
|
group: name=libvirt
|
|
# NOTE(TheJulia): Modify the supplied libvirtd config as by default,
|
|
# access to libvirt is restricted to the root group via polkit.
|
|
- name: "Update libvirt configuration file on RedHat/CentOS so the libvirt group has access"
|
|
lineinfile: dest=/etc/libvirt/libvirtd.conf regexp=^unix_sock_group line='unix_sock_group = "libvirt"'
|
|
- name: "Change libvirt authentication to none as RedHat/CentOS use polkit by default"
|
|
lineinfile: dest=/etc/libvirt/libvirtd.conf regexp=^auth_unix_rw line='auth_unix_rw = "none"'
|
|
- name: "Change libvirt socket permissions to be restricted on RedHat/CentOS"
|
|
lineinfile: dest=/etc/libvirt/libvirtd.conf regexp=^unix_sock_rw_perms line='unix_sock_rw_perms = "0770"'
|