Using Virtual Machine Manager to remote to another VMM failing
- OS: CentOS 7.3.1611
Two identically configured CentOS 7.3.1611 servers except for name and IP.
Joined to an AD Domain.
Logged into using AD credentials.
Using Virtual Machine Manager to remote connect from ServerA to ServerB, I can tell the authentication is working, according to:
systemctl status sshd
But I’m getting:
Unable to connect to libvirt. authentication unavailable: no polkit agent available to authenticate action `org.libvirt.unix.manage' Verify that the 'libvirtd' deamon is running on the remote host.
This is the same as according to:
systemctl status libvirtd.service
Full details on the failed connection as reported by VMM are:
Unable to connect to libvirt. authentication unavailable: no polkit agent available to authenticate action 'org.libvirt.unix.manage' Verify that the 'libvirtd' daemon is running on the remote host. Libvirt URI is: qemu+ssh://ADAccount@10.12.40.124/system Traceback (most recent call last): File "/usr/share/virt-manager/virtManager/connection.py", line 904, in _do_open self._backend.open(self._do_creds_password) File "/usr/share/virt-manager/virtinst/connection.py", line 148, in open open_flags) File "/usr/lib64/python2.7/site-packages/libvirt.py", line 105, in openAuth if ret is None:raise libvirtError('virConnectOpenAuth() failed') libvirtError: authentication unavailable: no polkit agent available to authenticate action 'org.libvirt.unix.manage'
@sudburr I’m not sure what is going on or what you’re trying to do - but virt-manager typically only connects to hosting systems via SSH, not the guests. Virt-Manager provides direct console access to guests, but SSH to the guest is not involved in this, it’s via ssh to the host.
Okay, so I figured out that I need to allow a group to have remote libvirt SSH
Entering the following:
[Remote libvirt SSH access] Identity=unix-group:remote-libvirt Action=org.libvirt.unix.manage ResultAny=yes ResultInactive=yes ResultActive=yes
The next problem is that I want to add the ADGroup to the local group “remote-libvirt”