On Fri, Oct 12, 2007 at 03:44:18AM -0400, Daniel Veillard wrote: > On Thu, Oct 11, 2007 at 10:52:13PM +0100, Daniel P. Berrange wrote: > > The QEMU VNC server spawned by the QEMU driver in libvirt is hardcoded to > > start off on 127.0.0.1, unless the person creating a guest overides this in > > the XML passed to libvirt. If wanting to setup off-host VNC access, it is > > much much more convenient to be able to set the system wide default to be > > 0.0.0.0 than to specify 0.0.0.0 for each VM created. > > > > In addition, it is desirable to be able to configure use of TLS and x509 > > certificates for the VNC servers system wide. > > > > In Xen world this is already possible through the /etc/xen/xend-config.sxp > > configuration file. > > > > In QEMU world, libvirtd takes the place of XenD. The /etc/libvirt/libvirtd.conf > > file though is for the daemon as a whole. There is no config file for the > > QEMU driver in libvirt itself. So this patch extends the QEMU driver to be > > able to load /etc/libvirt/qemu.conf and configure a handful of options. > > > > - vnc_listen = "0.0.0.0" - the address for VNC to listen on. Defaults > > to 127.0.0.1 for security sake > > - vnc_tls = 1 - turn on use of TLS extension > > - vnc_tls_x509_verify - request client certificates for auth > > - vnc_tls_cert_dir - the location of the VNC server certs. > > Defaults to /etc/pki/libvirt-vnc > > > > The code for building command line args for the -vnc flag to QEMU takes > > care to look at these options & add approprivate syntax. > > Sounds sensible, but shouldn't we provide a default qemu.conf example with > a detail of the options, in which case the file should also be added, > and the Makefile.am/libvirt.spec.in should be extended for it, no ?. We don't > do this apparently for libvirtd.conf maybe that should be fixed too, I'm a > bit worried if configuration files start to pop out and the user can't easilly > find out they exist and how they should be used, default templates sounds > the best approach to me. Good idea. I've committed this patch, and also added the example config files libvirtd.conf and qemu.conf - all the values are commented out in the configs so they use defaults out of the box. I included inline docs too, since people often forget to look at the website for this info, though we should really have a man page for the config files.... Dan. -- |=- Red Hat, Engineering, Emerging Technologies, Boston. +1 978 392 2496 -=| |=- Perl modules: http://search.cpan.org/~danberr/ -=| |=- Projects: http://freshmeat.net/~danielpb/ -=| |=- GnuPG: 7D3B9505 F3C9 553F A1DA 4AC2 5648 23C1 B3DF F742 7D3B 9505 -=| -- Libvir-list mailing list Libvir-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/libvir-list