~ruther/guix-local

b69bdcf77f8240ba8241be12ba2b0ebd55abcb38 — Maxim Cournoyer 2 years ago 1d4db94 
doc: Fix doc and clarify how to use libvirt as unprivileged user.

* doc/guix.texi (Virtualization Services): Document the necessity of being
part of the "libvirt" group and augment example.  Remove extraneous
"(unix-sock-group "libvirt")" from example, as this is now the default value.
Update default documented value from "root" to "libvirt".

Fixes: https://issues.guix.gnu.org/34611
Reported-by: Brett Gilio <brettg@posteo.net>
Change-Id: I5fe17706f69db55fbd661e0a43115c56d0ffd9a9
patch browse .tar.gz 
1 files changed, 11 insertions(+), 4 deletions(-)

M doc/guix.texi

M doc/guix.texi => doc/guix.texi +11 -4
@@ 35174,17 35174,24 @@ services.
@subsubheading Libvirt daemon

@code{libvirtd} is the server side daemon component of the libvirt
virtualization management system.  This daemon runs on host servers
and performs required management tasks for virtualized guests.
virtualization management system.  This daemon runs on host servers and
performs required management tasks for virtualized guests.  To connect
to the libvirt daemon as an unprivileged user, it must be added to the
@samp{libvirt} group, as shown in the example below.

@defvar libvirt-service-type
This is the type of the @uref{https://libvirt.org, libvirt daemon}.
Its value must be a @code{libvirt-configuration}.

@lisp
(users (cons (user-account
              (name "user")
              (group "users")
              (supplementary-groups '("libvirt"
                                      "audio" "video" "wheel")))
             %base-user-accounts))
(service libvirt-service-type
         (libvirt-configuration
          (unix-sock-group "libvirt")
          (tls-port "16555")))
@end lisp
@end defvar


@@ 35266,7 35273,7 @@ UNIX domain socket group ownership.  This can be used to allow a
'trusted' set of users access to management capabilities without
becoming root.

Defaults to @samp{"root"}.
Defaults to @samp{"libvirt"}.

@end deftypevr