"socket" parameter for UNIX domain socket ignored?

[alexs77]

System Information

Linux distribution

Red Hat Enterprise Linux release 8.8 (Ootpa)

Terraform version

# terraform -v
Terraform v1.5.7
on linux_amd64
+ provider registry.terraform.io/dmacvicar/libvirt v0.7.1

Provider and libvirt versions

# .terraform/providers/registry.terraform.io/dmacvicar/libvirt/0.7.1/linux_amd64/terraform-provider-libvirt_v0.7.1 -version
.terraform/providers/registry.terraform.io/dmacvicar/libvirt/0.7.1/linux_amd64/terraform-provider-libvirt_v0.7.1 0.7.1

---

Checklist

• Is your issue/contribution related with enabling some setting/option exposed by libvirt that the plugin does not yet support, or requires changing/extending the provider terraform schema?

  • Make sure you explain why this option is important to you, why it should be important to everyone. Describe your use-case with detail and provide examples where possible.
  • If it is a very special case, consider using the XSLT support in the provider to tweak the definition instead of opening an issue
  • Maintainers do not have expertise in every libvirt setting, so please, describe the feature and how it is used. Link to the appropriate documentation

• Is it a bug or something that does not work as expected? Please make sure you fill the version information below:

Description of Issue/Question

Setup

terraform {
  required_providers {
    libvirt = {
      source = "dmacvicar/libvirt"
      version = "0.7.1"
    }
  }
}

provider "libvirt" {
  uri = "unix:///?socket=/var/run/libvirt/libvirt-sock"
}

resource "libvirt_domain" "default" {
  name = "test"
}

Steps to Reproduce Issue

It seems as if the socket parameter is ignored. It always tries to connect to the default file: defaultUnixSock = "/var/run/libvirt/libvirt-sock".

The directory /var/run/libvirt contains these files:

# ls -la /var/run/libvirt
total 0
drwxr-xr-x. 12 root root  360 Sep 12 06:37 .
drwxr-xr-x. 44 root root 1340 Sep 12 06:37 ..
drwx------.  2 root root   60 Apr 11 06:44 common
drwxr-xr-x.  2 root root   40 Apr  3 13:33 hostdevmgr
drwx------.  2 root root   60 Sep 12 06:37 interface
srw-------.  1 root root    0 Sep 12 06:37 libvirt-admin-sock
srw-rw-rw-.  1 root root    0 Sep 12 06:37 libvirt-sock
srw-rw-rw-.  1 root root    0 Sep 12 06:37 libvirt-sock-ro
drwxr-xr-x.  2 root root  100 Sep 12 06:37 network
drwx------.  2 root root   60 Sep 12 06:37 nodedev
drwx------.  2 root root   60 Sep 12 06:37 nwfilter
drwx------.  2 root root   40 Apr  3 13:33 nwfilter-binding
drwxr-xr-x.  4 root root  240 Sep 12 06:37 qemu
drwx------.  2 root root   60 Sep 12 06:37 secrets
drwxr-xr-x.  2 root root  100 Sep 12 06:37 storage
srw-------.  1 root root    0 Apr  3 13:33 virtlockd-sock
srw-------.  1 root root    0 Apr  3 13:33 virtlogd-admin-sock
srw-------.  1 root root    0 Apr  3 13:33 virtlogd-sock

(Include debug logs if possible and relevant).

tf-debug-trace.log

---

Additional information:

Do you have SELinux or Apparmor/Firewall enabled? Some special configuration?
Have you tried to reproduce the issue without them enabled?

n/a

[noderunner]

I was having a similar issue and looked into this. The default socket URI is hard-coded. Initially, I started working on a patch by adding a new field to schema.Provider in libvirt/provider.go and then modifying libvirt/uri/unix.go to pick up that field if defined. That should work as a viable way to allow the default socket URI to be customized.

But then I dug into how libvirt works a bit more. The reason I had a need to change it is that I'm running libvirtd with qemu in "session" mode so that I don't have to run as root. But after carefully reading https://libvirt.org/daemons.html I switched my config to running qemuvirtd in (modular) instead of libvirtd (monolith) in session mode. Once I enabled virtproxyd as well, it "proxied" the UNIX sock connection from the (old) default /var/run/libvirt/libvirt-sock location to my actual socket location. Everything worked at that point without having to make any modifications to the provider.