author | Manuel Bentele | 2021-02-08 10:07:38 +0100 |
---|---|---|
committer | Manuel Bentele | 2021-02-08 10:07:38 +0100 |
commit | bd52d04d486fafb7b781b3d7ee4eff936a17c53a (patch) | |
tree | 02459721bfabba4e16d93e649b34b1ad3c6a58a4 | |
parent | [libvirt] Remove default network configuration (diff) | |
download | mltk-bd52d04d486fafb7b781b3d7ee4eff936a17c53a.tar.gz mltk-bd52d04d486fafb7b781b3d7ee4eff936a17c53a.tar.xz mltk-bd52d04d486fafb7b781b3d7ee4eff936a17c53a.zip |
[libvirt] Add user and groups to run libvirt
-rwxr-xr-x | core/modules/libvirt/data/addon-init | 78 |
1 files changed, 78 insertions, 0 deletions
diff --git a/core/modules/libvirt/data/addon-init b/core/modules/libvirt/data/addon-init
index 8070d171..034eb22a 100755
--- a/core/modules/libvirt/data/addon-init
+++ b/core/modules/libvirt/data/addon-init
@@ -1,4 +1,82 @@
 #!/bin/ash
+#
+# allocated UID and GID for libvirt-qemu
+#
+LIBVIRT_QEMU_UID=64055
+LIBVIRT_QEMU_GID=64055
+
+#
+# add groups to run libvirt
+#
+if ! getent group libvirt >/dev/null; then
+ addgroup --quiet --system libvirt
+fi
+
+if ! getent group kvm >/dev/null; then
+ addgroup --quiet --system kvm
+fi
+
+#
+# add user and group libvirt runs qemu/kvm instances with
+#
+if ! getent passwd libvirt-qemu >/dev/null; then
+
+ # set uid if available (expected); don't fail otherwise.
+ PARAMETER_UID=''
+ if ! getent passwd $LIBVIRT_QEMU_UID >/dev/null; then
+ PARAMETER_UID="--uid $LIBVIRT_QEMU_UID"
+ fi
+
+ adduser --quiet \
+ --system \
+ --ingroup kvm \
+ --quiet \
+ --disabled-login \
+ --disabled-password \
+ --home /var/lib/libvirt \
+ --no-create-home \
+ --gecos "Libvirt Qemu" \
+ $PARAMETER_UID \
+ libvirt-qemu
+fi
+
+if ! getent group libvirt-qemu >/dev/null; then
+
+ # set gid if available (expected); don't fail otherwise.
+ PARAMETER_GID=''
+ if ! getent group $LIBVIRT_QEMU_GID >/dev/null; then
+ PARAMETER_GID="--gid $LIBVIRT_QEMU_GID"
+ fi
+
+ addgroup --quiet --system $PARAMETER_GID libvirt-qemu
+ adduser --quiet libvirt-qemu libvirt-qemu
+fi
+
+#
+# add each sudo user to the libvirt group
+#
+for u in $(getent group sudo | sed -e "s/^.*://" -e "s/,/ /g"); do
+ adduser "$u" libvirt >/dev/null || true
+done
+
+if ! getent group libvirt-dnsmasq >/dev/null; then
+ addgroup --quiet --system libvirt-dnsmasq
+fi
+if ! getent passwd libvirt-dnsmasq >/dev/null; then
+ adduser --quiet \
+ --system \
+ --ingroup libvirt-dnsmasq \
+ --disabled-login \
+ --disabled-password \
+ --home /var/lib/libvirt/dnsmasq \
+ --no-create-home \
+ --gecos "Libvirt Dnsmasq" \
+ libvirt-dnsmasq
+fi
+
+#
+# register and start libvirt service
+#
 systemctl daemon-reload
 systemctl start libvirtd.service |
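Review bot: The loop near the end of the hunk that runs `adduser "$u" libvirt` for every member of `sudo` turns a password-gated privilege into a standing one: where libvirtd's socket permissions or polkit rule trust the `libvirt` group (the usual packaging default, not visible in this commit), those accounts can manage the system libvirtd, which is effectively root, without a sudo prompt. I would make this opt-in, or at least document it above the loop with `# members of libvirt get password-less control of the system libvirtd (root-equivalent)`. The `>/dev/null || true` also hides every failure; `adduser "$u" libvirt >/dev/null || echo "addon-init: cannot add $u to libvirt" >&2` keeps the best-effort behaviour but leaves a trace. Separately, when UID or GID 64055 is already taken the two `PARAMETER_*` branches silently fall back to a dynamic id, so anything that relies on the fixed id (ownership on shared image storage, for instance) would benefit from a logged warning there.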