When using TLS authentication and operating as the non-root user,
initially attempt to use that specific user's TLS certificates before
attempting to use the system wide TLS certificates.
Signed-off-by: Doug Goldstein <cardoe@xxxxxxxxxx>
---
src/remote/remote_driver.c | 2 +-
1 files changed, 1 insertions(+), 1 deletions(-)
diff --git a/src/remote/remote_driver.c b/src/remote/remote_driver.c
index 8c69743..1691dab 100644
--- a/src/remote/remote_driver.c
+++ b/src/remote/remote_driver.c
@@ -1159,7 +1159,7 @@ initialize_gnutls(char *pkipath, int flags)
if ((virAsprintf(&libvirt_clientcert, "%s/%s", pkipath,
"clientcert.pem")) < 0)
goto out_of_memory;
- } else if (flags & VIR_DRV_OPEN_REMOTE_USER) {
+ } else if (flags & VIR_DRV_OPEN_REMOTE_USER || getuid() > 0) {
userdir = virGetUserDirectory(getuid());
if (!userdir)
--
1.7.5.rc3
--
libvir-list mailing list
libvir-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/libvir-list