[libvirt] Libvirt 0.8.7 installer ready for testing

Justin Clift jclift at redhat.com
Tue Jan 18 18:20:45 UTC 2011


On 11/01/2011, at 1:51 AM, Matthias Bolte wrote:
> The readme suggests (at least to me) that the TLS certs for libvirt's
> TLS transport and the ESX driver using HTTPS are the same:
> 
> "TLS certificates are needed prior to connecting to either
> QEMU instances with TLS, or connecting to VMware
> ESX/vSphere."
> 
> Yes, the ESX driver (actually libcurl) needs to know the cacert.pem
> for the key that signed the HTTPS certificate in order to verify the
> server's certificate. That's what you can disable using the
> no_verify=1 query parameter. But HTTPS doesn't do mutual verification
> as libvirt's TLS transport does. There is no clientcert/key.pem
> involved in HTTPS.

Just chucked a new revision of the 0.8.7 installer on the web:

  http://libvirt.org/sources/win32_experimental/Libvirt-0.8.7-2.exe

This one clarifies the TLS usage a bit, pretty much pointing people
to the ESX page on the main website for ESX details.

It also makes the update of the system path optional.  The way the
option is constructed leaves a bit to be desired, but is functional.
I would have preferred a checkbox that was separate from the other
components, but it didn't seem possible without spending a substantial
amount of time learning inner NSIS bits. (ugh)

Submitted an update for the Windows page to point to it, so if/when
that gets ACK'd it'll be available to more people.  Will send an announce
email to the various mailing lists too.


> Another thing is that the installer adds the bin directory to the path
> unconditionally. I'd suggest to ask to let the user choose this, for
> example like the msysGit InnoSetup-based installer does.

InnoSetup (http://www.jrsoftware.org/isinfo.php for anyone interested)
looks more capable than NSIS, and seems to still be actively updated.

NSIS's seems to have pretty much died.  I'm still thinking WiX or something
would be the better option for the longer term though.

+ Justin




More information about the libvir-list mailing list