usc: using kvmd-selfauth group instead of users list

configs/os/sysusers.conf

@@ -1,4 +1,5 @@
 g kvmd - -
+g kvmd-selfauth - -
 g kvmd-media - -
 g kvmd-pst - -
 g kvmd-ipmi - -
@@ -29,8 +30,10 @@ m kvmd-media kvmd
 m kvmd-pst kvmd
 
 m kvmd-ipmi kvmd
+m kvmd-ipmi kvmd-selfauth
 
 m kvmd-vnc kvmd
+m kvmd-vnc kvmd-selfauth
 m kvmd-vnc kvmd-certbot
 
 m kvmd-janus kvmd

kvmd/apps/__init__.py

@@ -362,11 +362,8 @@ def _get_config_scheme() -> dict:
                 "expire":  Option(0,    type=valid_expire),
 
                 "usc": {
-                    "users":  Option([
+                    "users":  Option([], type=valid_users_list),  # PiKVM username has a same regex as a UNIX username
-                        "kvmd-ipmi",
+                    "groups": Option(["kvmd-selfauth"], type=valid_users_list),  # groupname has a same regex as a username
-                        "kvmd-vnc",
-                    ], type=valid_users_list),  # PiKVM username has a same regex as a UNIX username
-                    "groups": Option([], type=valid_users_list),  # groupname has a same regex as a username
                 },
 
                 "internal": {

kvmd/apps/kvmd/auth.py

@@ -85,7 +85,7 @@ class AuthManager:  # pylint: disable=too-many-arguments,too-many-instance-attri
 
         self.__usc_uids = self.__load_usc_uids(usc_users, usc_groups)
         if self.__usc_uids:
-            logger.info("Unauth UNIX socket access is allowed for users: %s",
+            logger.info("Selfauth UNIX socket access is allowed for users: %s",
                         list(self.__usc_uids.values()))
 
         self.__unauth_paths = frozenset(unauth_paths)  # To speed up