On Fri, 2011-01-07 at 11:47 +0000, Daniel P. Berrange wrote: > > The option only really makes sense if either vnc_tls_x509_verify or > > vnc_sasl is set as well, so it may be worth only activating 'acl' in the > > code if either of those two are also on. > > If you enable 'acl' and don't add any rules to the ACL, then > no one will be able to connect. So we can't automatically > add ',acl' when either of those two options you mention are > present, because that would break all existing usage. Yes. I'm not suggesting automatically. That obviously wouldn't work. What I was asking is if vnc_acl=1 should it add it regardless of the other options or only when either 'vnc_sasl=1' or 'vnc_tls_x509_verify=1' as well. Regards Neil -- libvir-list mailing list libvir-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/libvir-list