On 5/7/21 4:08 PM, Daniel P. Berrangé wrote: > On Fri, May 07, 2021 at 03:48:42PM +0200, Michal Prívozník wrote: >> On 5/7/21 3:46 PM, Daniel P. Berrangé wrote: >>> On Fri, May 07, 2021 at 03:43:32PM +0200, Michal Prívozník wrote: >>>> On 5/7/21 2:33 PM, Daniel P. Berrangé wrote: >>>>> I'm not going to apply this yet as I realized that I have broken >>>>> internal secrets with monolithic libvirtd instead :-( >>>> >>>> You did? I've tested it (by starting a pool with a secret) and it worked. >>> >>> Secrets aren't used when starting a pool with merely encrypted vols present. >>> >>> They're only needed to perform I/O, so would have to test starting a guest, >>> or cloning a encrypted vol. Alternatively starting a RBD/iSCSI pool that >>> requires auth. >> >> Yeah, it's an iSCSI pool that requires auth. But okay, I'll try > > You did have the secret marked with private="yes" ? Yes. Michal
