[libvirt] [PATCH 3/3] qemu: Add conf option to auto setup VNC unix sockets

Cole Robinson crobinso at redhat.com
Fri Jan 21 21:23:18 UTC 2011


On 01/14/2011 09:26 AM, Cole Robinson wrote:
> On 01/13/2011 08:21 AM, Daniel P. Berrange wrote:
>> On Wed, Jan 12, 2011 at 12:32:44PM -0500, Cole Robinson wrote:
>>> If vnc_auto_unix_socket is enabled, any VNC devices without a hardcoded
>>> listen or socket value will be set up to serve over a unix socket in
>>> /var/lib/libvirt/qemu/$vmname.vnc.
>>>
>>> We store the generated socket path in the transient VM definition at
>>> CLI build time.
>>>
>>> Signed-off-by: Cole Robinson <crobinso at redhat.com>
>>> ---
>>>  src/qemu/qemu.conf      |    8 ++++++++
>>>  src/qemu/qemu_command.c |   10 +++++++++-
>>>  src/qemu/qemu_conf.c    |    4 ++++
>>>  src/qemu/qemu_conf.h    |    1 +
>>>  4 files changed, 22 insertions(+), 1 deletions(-)
>>
>> Also needs to change the 2 augeas data files in the
>> qemu directory.
>>
>>> diff --git a/src/qemu/qemu.conf b/src/qemu/qemu.conf
>>> index ba41f80..ae6136f 100644
>>> --- a/src/qemu/qemu.conf
>>> +++ b/src/qemu/qemu.conf
>>> @@ -11,6 +11,14 @@
>>>  #
>>>  # vnc_listen = "0.0.0.0"
>>>  
>>> +# Enable this option to have VNC served over an automatically created
>>> +# unix socket. This prevents unprivileged access from users on the
>>> +# host machine, though most VNC clients do not support it.
>>> +#
>>> +# This will only be enabled for VNC configurations that do not have
>>> +# a hardcoded 'listen' or 'socket' value.
>>> +#
>>> +# vnc_auto_unix_socket = 1
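
Review bot: the comment block added above "# vnc_auto_unix_socket = 1" never says where the socket is created, so an administrator reading qemu.conf cannot tell which path a client must connect to, or which directory and file permissions the "prevents unprivileged access" claim rests on. The commit message gives /var/lib/libvirt/qemu/$vmname.vnc; put that path in the comment and state that access is governed by the permissions on that directory and on the socket itself.
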
>>
>> We likely need to indicate in here which of 'vnc_auto_unix_socket'
>> and 'vnc_listen' take priority if both are enabled, since they
>> are mutually exclusive. It looks like vnc_listen is totally
>> ignored, if auto_unix_socket is set.
>>
>>> diff --git a/src/qemu/qemu_command.c b/src/qemu/qemu_command.c
>>> index 8e86f43..5015935 100644
>>> --- a/src/qemu/qemu_command.c
>>> +++ b/src/qemu/qemu_command.c
>>> @@ -3512,7 +3512,15 @@ qemuBuildCommandLine(virConnectPtr conn,
>>>          def->graphics[0]->type == VIR_DOMAIN_GRAPHICS_TYPE_VNC) {
>>>          virBuffer opt = VIR_BUFFER_INITIALIZER;
>>>  
>>> -        if (def->graphics[0]->data.vnc.socket) {
>>> +        if (def->graphics[0]->data.vnc.socket ||
>>> +            driver->vncAutoUnixSocket) {
>>> +
>>> +            if (!def->graphics[0]->data.vnc.socket &&
>>> +                virAsprintf(&def->graphics[0]->data.vnc.socket,
>>> +                            "%s/%s.vnc", driver->libDir, def->name) == -1) {
>>> +                goto no_memory;
>>> +            }
>>> +
>>>              virBufferVSprintf(&opt, "unix:%s",
>>>                                def->graphics[0]->data.vnc.socket);
>>>  
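
Review bot: the new condition "def->graphics[0]->data.vnc.socket || driver->vncAutoUnixSocket" does not test the domain's listen value, so in the lines shown a VNC device with an explicit listen address is still switched to the generated unix socket once the option is on. That contradicts the qemu.conf text ("only be enabled for VNC configurations that do not have a hardcoded 'listen' or 'socket' value"); add the listen check to the auto case. The generated path is also stored in data.vnc.socket, the same field a user-supplied socket uses, so a short comment here saying the value is generated and belongs only in the transient definition would help later readers.
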
>>> diff --git a/src/qemu/qemu_conf.c b/src/qemu/qemu_conf.c
>>> index e1502dc..9f9e99e 100644
>>> --- a/src/qemu/qemu_conf.c
>>> +++ b/src/qemu/qemu_conf.c
>>> @@ -138,6 +138,10 @@ int qemudLoadDriverConfig(struct qemud_driver *driver,
>>>          return -1;                                                      \
>>>      }
>>>  
>>> +    p = virConfGetValue (conf, "vnc_auto_unix_socket");
>>> +    CHECK_TYPE ("vnc_auto_unix_socket", VIR_CONF_LONG);
>>> +    if (p) driver->vncAutoUnixSocket = p->l;
>>> +
>>>      p = virConfGetValue (conf, "vnc_tls");
>>>      CHECK_TYPE ("vnc_tls", VIR_CONF_LONG);
>>>      if (p) driver->vncTLS = p->l;
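
Review bot: "if (p) driver->vncAutoUnixSocket = p->l;" stores a long into the one-bit field declared in qemu_conf.h, so an even non-zero setting such as 2 truncates to 0 and silently leaves the option off. Normalise with "p->l != 0", or reject values other than 0 and 1. The vnc_tls assignment in the context lines below follows the same pattern.
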
>>> diff --git a/src/qemu/qemu_conf.h b/src/qemu/qemu_conf.h
>>> index 5a5748b..af1be2e 100644
>>> --- a/src/qemu/qemu_conf.h
>>> +++ b/src/qemu/qemu_conf.h
>>> @@ -82,6 +82,7 @@ struct qemud_driver {
>>>      char *cacheDir;
>>>      char *saveDir;
>>>      char *snapshotDir;
>>> +    unsigned int vncAutoUnixSocket : 1;
>>>      unsigned int vncTLS : 1;
>>>      unsigned int vncTLSx509verify : 1;
>>>      unsigned int vncSASL : 1;
>>
> 
> Here's the diff:
> 
> diff --git a/daemon/test_libvirtd.aug b/daemon/test_libvirtd.aug
> index 5f8b644..31fa643 100644
> --- a/daemon/test_libvirtd.aug
> +++ b/daemon/test_libvirtd.aug
> @@ -271,6 +271,9 @@ log_filters=\"a\"
> 
>  # Auditing:
>  audit_level = 2
> +
> +# VNC socket
> +vnc_auto_unix_socket = 1
>  "
> 
>     test Libvirtd.lns get conf =
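
Review bot: "vnc_auto_unix_socket = 1" is added to daemon/test_libvirtd.aug, which exercises Libvirtd.lns, but the option is read from qemu.conf and the review comment asked for the two augeas data files in the qemu directory. Move the new lines to the qemu lens and its test rather than the daemon one.
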
> @@ -549,3 +552,6 @@ audit_level = 2
>         { "#empty" }
>          { "#comment" = "Auditing:" }
>          { "audit_level" = "2" }
> +        { "#empty" }
> +        { "#comment" = "VNC socket:" }
> +        { "vnc_auto_unix_socket" = "1" }
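
Review bot: the expected tree has { "#comment" = "VNC socket:" } with a trailing colon, while the input added in the previous hunk is "# VNC socket" without one, so the comparison would not match. Make the two strings identical, following the "Auditing:" entry just above.
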
> diff --git a/src/qemu/qemu.conf b/src/qemu/qemu.conf
> index ae6136f..66310d4 100644
> --- a/src/qemu/qemu.conf
> +++ b/src/qemu/qemu.conf
> @@ -16,7 +16,8 @@
>  # host machine, though most VNC clients do not support it.
>  #
>  # This will only be enabled for VNC configurations that do not have
> -# a hardcoded 'listen' or 'socket' value.
> +# a hardcoded 'listen' or 'socket' value. This setting takes preference
> +# over vnc_listen.
>  #
>  # vnc_auto_unix_socket = 1
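
Review bot: in the added sentence, "takes preference over vnc_listen" should read "takes precedence over vnc_listen". Since the sentence before it says a hardcoded 'listen' disables the feature, it would also help to say explicitly that this refers to a per-VM listen value, while the global vnc_listen default is the one being overridden.
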
> 
> 
> Anyone have a preference over 'socket' for the XML attribute, or should
> I just push?
> 

I've pushed this series now (though I forgot to squash in the above diff, so
it was pushed as a separate commit. Sorry :( )

- Cole



