In order to avoid conflict with the default port (5900) for host VNC server (vino-server for example), or to conflict with X11 (starting at port 6000), restrict range of ports to 5901-5999 unless explicitly specified in qemu.conf. On the other hand, if port range is explicitly specified in qemu.conf, there is no reason not to allow ports 1024-5900 (system ports are below 1024). Addresses https://bugzilla.redhat.com/show_bug.cgi?id=1442235 Signed-off-by: Christophe de Dinechin <dinechin@xxxxxxxxxx> --- src/qemu/qemu_conf.c | 12 +++++++++--- 1 file changed, 9 insertions(+), 3 deletions(-) diff --git a/src/qemu/qemu_conf.c b/src/qemu/qemu_conf.c index 1b704da..07f3177 100644 --- a/src/qemu/qemu_conf.c +++ b/src/qemu/qemu_conf.c @@ -65,9 +65,15 @@ VIR_LOG_INIT("qemu.qemu_conf"); * This limitation is mentioned in qemu.conf, so bear in mind that the * configuration file should reflect any changes made to these values. */ -#define QEMU_REMOTE_PORT_MIN 5900 + +// Range of available ports - Avoid ports below 1024 (system ports) +#define QEMU_REMOTE_PORT_MIN 1024 #define QEMU_REMOTE_PORT_MAX 65535 +// Default min and max if not configured in qemu.conf +#define QEMU_REMOTE_PORT_MIN_DEFAULT 5901 +#define QEMU_REMOTE_PORT_MAX_DEFAULT 5999 + #define QEMU_WEBSOCKET_PORT_MIN 5700 #define QEMU_WEBSOCKET_PORT_MAX 65535 @@ -283,8 +289,8 @@ virQEMUDriverConfigPtr virQEMUDriverConfigNew(bool privileged) #undef SET_TLS_X509_CERT_DEFAULT - cfg->remotePortMin = QEMU_REMOTE_PORT_MIN; - cfg->remotePortMax = QEMU_REMOTE_PORT_MAX; + cfg->remotePortMin = QEMU_REMOTE_PORT_MIN_DEFAULT; + cfg->remotePortMax = QEMU_REMOTE_PORT_MAX_DEFAULT; cfg->webSocketPortMin = QEMU_WEBSOCKET_PORT_MIN; cfg->webSocketPortMax = QEMU_WEBSOCKET_PORT_MAX; -- 2.9.3 -- libvir-list mailing list libvir-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/libvir-list
