> On Thu, May 15, 2008 at 10:21:46AM -0400, Daniel Veillard wrote: > > On Tue, May 13, 2008 at 05:04:43PM +0300, Kenneth Nagin wrote: > > > > Kenneth Nagin wrote: > > > > > libvirtd is not listening for TLS connection by default. > > > > > Setting 'listen_tls = 1' in /etc/libvirt/libvirtd.conf does not help > > > > > either. > > > > > However, starting 'libvirtd --listen' does work. > > > > > I'm running Fedora 8. I prefer to use the configuration file since > > > > > it is automatically started when the system reboots. Does anyone > > > > > know how to configure libvirtd to listen for tls? > > > > > > > > Yes. As you found out, there are 2 things you need to do, the first > > > > of which is > > > > to instruct libvirtd to listen, and the second of which is to make > > > > it listen for > > > > TLS. You can accomplish the first on Fedora by editing > > > > /etc/sysconfig/libvirtd > > > > and uncommenting the LIBVIRTD_ARGS="--listen" line. You can accomplish > > > the > > > > second by edit /etc/libvirt/libvirtd.conf by uncommenting the > "listen_tls > > > = 1" > > > > line. Then "service libvirtd restart", and you should be goodto go (this > > > will > > > > also preserve the configuration across reboots). > > > > > > > > Chris Lalancette > > > Thanks for the quick response. That solved the problem. I suggest > > > updating the web document on > > > remote support. > > > > Even better, send us a patch with your suggested documentation udate :-) > > The web site is a checkout of the libvirt CVS docs subdirectory. Do a > > CVS checkout, edit remote.html.in and send us the diff, it's not hard > > and may help others ! > > Since 0.4.1 the default configuration file has comments right next to > the 'listen_tls' and 'listen_tcp' options explicitly saying you need > to add the --listen flag. > > Regards, > Daniel. > -- > |: Red Hat, Engineering, Boston -o- http://people.redhat.com/berrange/ :| > |: http://libvirt.org -o- http://virt-manager.org -o- http://ovirt.org :| > |: http://autobuild.org -o- http://search.cpan.org/~danberr/ :| > |: GnuPG: 7D3B9505 -o- F3C9 553F A1DA 4AC2 5648 23C1 B3DF F742 7D3B 9505 :| Per your request I created this attached updated remote.html.in file: (See attached file: remote.html.in.nagin) This is the diff: [nagin@lnx-nagin docs]$ diff remote.html.in remote.html.in.nagin 654a655,657 > Note: it is also necessary to start the server in listening mode by > running it with --listen or editing /etc/sysconfig/libvirtd by uncommenting the LIBVIRTD_ARGS="--listen" line > to cause the server to come up in listening mode whenever it is started. 661a665 > Note: it is also necessary to start the server in listening mode. I hope these updates are acceptable. - Kenneth Nagin
Attachment:
remote.html.in.nagin
Description: Binary data
-- Libvir-list mailing list Libvir-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/libvir-list