Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 835950

Summary: app-emulation/virt-manager does not have acct-group/libvirt as a dependency
Product: Gentoo Linux Reporter: max <maxpeterambaum>
Component: Current packagesAssignee: Virtualization Team <virtualization>
Status: UNCONFIRMED ---    
Severity: normal CC: gentoo, sam
Priority: Normal    
Version: unspecified   
Hardware: All   
OS: Linux   
Whiteboard:
Package list:
Runtime testing required: ---

Description max 2022-03-24 18:28:51 UTC
Title says it all
Comment 1 Sam James archtester Gentoo Infrastructure gentoo-dev Security 2022-03-24 18:40:48 UTC
The title doesn't really say it all.

This is a complicated one:
1. virt-manager can be used remotely
2. libvirt itself only even uses the group with USE=polkit
Comment 2 max 2022-03-27 10:45:19 UTC
Sorry for the late reply :(
Could it be displayed in the info after you install a package so people know about it if they need it?
Comment 3 Michal Privoznik 2022-04-07 20:15:03 UTC
So would it make sense to require libvirt with the same state of policykit USE flag as libvirt? I mean, IIUC the problem is virt-manager was built with policykit but libvirt wasn't.

And while it's true that virt-manger can be used remotely there's no way to guarantee that on ebuild level. I mean, libvirt.so (to which virt-manager ultimately links to) is not in a separate package. Unless we want to fine tune the dependency (libvirt built without libvirtd/lxc/qemu/virtualbox/... USE flags). And even then, libvirt has these "local" drivers (like virtualbox) where it's just a very thin layer that translates hypervisor APIs onto libvirt APIs (virtualbox is perfect example). But then again, policykit would be a problem iff libvirt was built with policykit.

If we agree I can post a fix.
Comment 4 Sam James archtester Gentoo Infrastructure gentoo-dev Security 2022-04-07 20:19:34 UTC
(In reply to Michal Privoznik from comment #3)
> So would it make sense to require libvirt with the same state of policykit
> USE flag as libvirt? I mean, IIUC the problem is virt-manager was built with
> policykit but libvirt wasn't.
> 
> And while it's true that virt-manger can be used remotely there's no way to
> guarantee that on ebuild level. I mean, libvirt.so (to which virt-manager
> ultimately links to) is not in a separate package. Unless we want to fine
> tune the dependency (libvirt built without libvirtd/lxc/qemu/virtualbox/...
> USE flags). And even then, libvirt has these "local" drivers (like
> virtualbox) where it's just a very thin layer that translates hypervisor
> APIs onto libvirt APIs (virtualbox is perfect example). But then again,
> policykit would be a problem iff libvirt was built with policykit.
> 
> If we agree I can post a fix.

I think a policykit= dep on libvirt would work. Interestingly virt-manager isn't even depending on libvirt at all (directly) right now, but AFAIK it *does* need libvirt to do the remote connection, right?
Comment 5 Conrad Kostecki gentoo-dev 2022-07-09 22:19:26 UTC
@Michal: There is a question from Sam open :-)