Re: [libvirt] listen_tls not enabling libvirtd to listen for tls

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



> On Thu, May 15, 2008 at 10:21:46AM -0400, Daniel Veillard wrote:
> > On Tue, May 13, 2008 at 05:04:43PM +0300, Kenneth Nagin wrote:
> > > > Kenneth Nagin wrote:
> > > > > libvirtd is not listening for TLS connection by default.
> > > > > Setting 'listen_tls = 1' in /etc/libvirt/libvirtd.conf does not
help
> > > > > either.
> > > > > However, starting 'libvirtd --listen' does work.
> > > > > I'm running Fedora 8.   I prefer to use the configuration file
since
> > > > > it is automatically started when the system reboots.  Does anyone
> > > > > know how to configure libvirtd to listen for tls?
> > > >
> > > > Yes.  As you found out, there are 2 things you need to do, the
first
> > > > of which is
> > > > to instruct libvirtd to listen, and the second of which is to make
> > > > it listen for
> > > > TLS.  You can accomplish the first on Fedora by editing
> > > > /etc/sysconfig/libvirtd
> > > > and uncommenting the LIBVIRTD_ARGS="--listen" line.  You can
accomplish
> > > the
> > > > second by edit /etc/libvirt/libvirtd.conf by uncommenting the
> "listen_tls
> > > = 1"
> > > > line.  Then "service libvirtd restart", and you should be goodto go
(this
> > > will
> > > > also preserve the configuration across reboots).
> > > >
> > > > Chris Lalancette
> > > Thanks for the quick response.  That solved the problem.  I suggest
> > > updating the web document on
> > > remote support.
> >
> >   Even better, send us a patch with your suggested documentation
udate :-)
> > The web site is a checkout of the libvirt CVS docs subdirectory. Do a
> > CVS checkout, edit remote.html.in and send us the diff, it's not hard
> > and may help others !
>
> Since 0.4.1  the default configuration file has comments right next to
> the 'listen_tls' and 'listen_tcp' options explicitly saying you need
> to add the --listen flag.
>
> Regards,
> Daniel.
> --
> |: Red Hat, Engineering, Boston   -o-
http://people.redhat.com/berrange/ :|
> |: http://libvirt.org  -o-  http://virt-manager.org  -o-
http://ovirt.org :|
> |: http://autobuild.org       -o-
http://search.cpan.org/~danberr/ :|
> |: GnuPG: 7D3B9505  -o-  F3C9 553F A1DA 4AC2 5648 23C1 B3DF F742 7D3B
9505 :|
Per your request I created this attached updated remote.html.in file:
(See attached file: remote.html.in.nagin)
This is the diff:
[nagin@lnx-nagin docs]$ diff remote.html.in remote.html.in.nagin
654a655,657
>   Note: it is also necessary to start the server in listening mode by
>   running it with --listen or editing /etc/sysconfig/libvirtd by
uncommenting the LIBVIRTD_ARGS="--listen" line
>   to cause the server to come up in listening mode whenever it is
started.
661a665
>   Note: it is also necessary to start the server in listening mode.

I hope these updates are acceptable.
- Kenneth Nagin

Attachment: remote.html.in.nagin
Description: Binary data

--
Libvir-list mailing list
Libvir-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/libvir-list

[Index of Archives]     [Virt Tools]     [Libvirt Users]     [Lib OS Info]     [Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Big List of Linux Books]     [Yosemite News]     [KDE Users]     [Fedora Tools]