This series enables use of qemu's -vnc unix:/some/socket/path functionality.
A qemu.conf option is provided to make this the default for VNC devices
without an explicit listen or socket value.
Serving VNC over a unix socket prevents unprivileged local users from
accessing a guest's console. The downside is that no clients currently
support it (though virt-manager support is ready), and certain
common usage scenarios cannot handle the tighter permissions (like a
regular user connecting to qemu:///system with policykit).
v2:
schema: Make listen vs. socket a <choice>
Add qemu.conf option for auto allocating a socket
Cole Robinson (3):
qemu: Set domain def transient at beginning of startup process
qemu: Allow serving VNC over a unix domain socket
qemu: Add conf option to auto setup VNC unix sockets
docs/formatdomain.html.in | 6 ++-
docs/schemas/domain.rng | 47 ++++++++++------
src/conf/domain_conf.c | 41 +++++++++-----
src/conf/domain_conf.h | 4 +-
src/lxc/lxc_driver.c | 2 +-
src/qemu/qemu.conf | 8 +++
src/qemu/qemu_command.c | 60 ++++++++++++++------
src/qemu/qemu_conf.c | 4 +
src/qemu/qemu_conf.h | 1 +
src/qemu/qemu_driver.c | 14 +++--
src/test/test_driver.c | 2 +-
src/uml/uml_driver.c | 2 +-
tests/qemuargv2xmltest.c | 1 +
.../qemuxml2argv-graphics-vnc-socket.args | 1 +
.../qemuxml2argv-graphics-vnc-socket.xml | 30 ++++++++++
tests/qemuxml2argvtest.c | 1 +
16 files changed, 164 insertions(+), 60 deletions(-)
create mode 100644 tests/qemuxml2argvdata/qemuxml2argv-graphics-vnc-socket.args
create mode 100644 tests/qemuxml2argvdata/qemuxml2argv-graphics-vnc-socket.xml
--
1.7.3.2
--
libvir-list mailing list
libvir-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/libvir-list