Puppet Class: libvirt::polkit

Defined in:

manifests/polkit.pp

Overview

Add a rule file allowing members of a group to use libvirt

Parameters:

• ensure (Enum['present','absent']) (defaults to: 'present') —

  Create or destroy the rules file

• group (Variant[String,Array[String]]) (defaults to: 'virtusers') —

  The group that membership is checked against

• priority (Integer[0,99]) (defaults to: 10) —

  Priority of the file to be created

• result (Polkit::Result) (defaults to: 'yes') —

  Deny of approve access

• local (Boolean) (defaults to: true) —

  Require users to be at a local seat

• active (Boolean) (defaults to: true) —

  Require users to have an active session

Author:

• github.com/simp/pupmod-simp-libvirt/graphs/contributors

# File 'manifests/polkit.pp', line 23

class libvirt::polkit (
  Enum['present','absent']      $ensure   = 'present',
  Variant[String,Array[String]] $group    = 'virtusers',
  Integer[0,99]                 $priority = 10,
  Polkit::Result                $result   = 'yes',
  Boolean                       $local    = true,
  Boolean                       $active   = true
) {

  polkit::authorization::basic_policy { "Allow users in ${group} to use libvirt":
    ensure    => $ensure,
    group     => $group,
    priority  => $priority,
    result    => $result,
    local     => $local,
    active    => $active,
    action_id => 'org.libvirt.unix.manage'
  }
}