[libvirt] [PATCH 2/3] qemu: Allow serving VNC over a unix domain socket
Daniel P. Berrange
berrange at redhat.com
Thu Jan 13 13:24:01 UTC 2011
On Wed, Jan 12, 2011 at 12:32:43PM -0500, Cole Robinson wrote:
> QEMU supports serving VNC over a unix domain socket rather than traditional
> TCP host/port. This is specified with:
>
> <graphics type='vnc' socket='/foo/bar/baz'/>
>
> This provides better security access control than VNC listening on
> 127.0.0.1, but will cause issues with tools that rely on the lax security
> (virt-manager in fedora runs as regular user by default, and wouldn't be
> able to access a socket owned by 'qemu' or 'root').
>
> Also not currently supported by any clients, though I have patches for
> virt-manager, and virt-viewer should be simple to update.
>
> v2:
> schema: Make listen vs. socket a <choice>
>
> Signed-off-by: Cole Robinson <crobinso at redhat.com>
> ---
> docs/formatdomain.html.in | 6 ++-
> docs/schemas/domain.rng | 47 +++++++++++-------
> src/conf/domain_conf.c | 30 +++++++----
> src/conf/domain_conf.h | 1 +
> src/qemu/qemu_command.c | 52 +++++++++++++-------
> src/qemu/qemu_driver.c | 1 +
> tests/qemuargv2xmltest.c | 1 +
> .../qemuxml2argv-graphics-vnc-socket.args | 1 +
> .../qemuxml2argv-graphics-vnc-socket.xml | 30 +++++++++++
> tests/qemuxml2argvtest.c | 1 +
> 10 files changed, 122 insertions(+), 48 deletions(-)
> create mode 100644 tests/qemuxml2argvdata/qemuxml2argv-graphics-vnc-socket.args
> create mode 100644 tests/qemuxml2argvdata/qemuxml2argv-graphics-vnc-socket.xml
ACK
My only thought would be whether 'socket' is the best name.
Perhaps 'sockpath' or 'path' would be better, but its not
a big deal ?
Daniel
More information about the libvir-list
mailing list