[libvirt] libvirtd ssl configuration

Daniel P. Berrange berrange at redhat.com
Mon Feb 17 15:27:56 UTC 2014


On Mon, Feb 17, 2014 at 12:55:25AM +0400, Гусев Павел wrote:
> Hi!
> I found little semantics bug:
> 
> [13:53:40] root at dedicated-04:~ # LC_ALL=C libvirtd -h
> libvirtd: invalid option -- 'h'
> 
> Usage:
>   libvirtd [options]
> 
> Options:
>   -v | --verbose         Verbose messages.
>   -d | --daemon          Run as a daemon & write PID file.
>   -l | --listen          Listen for TCP/IP connections.
>   -t | --timeout <secs>  Exit after timeout period.
>   -f | --config <file>   Configuration file.
>      | --version         Display version information.
>   -p | --pid-file <file> Change name of PID file.
> 
> libvirt management daemon:
> 
>   Default paths:
> 
>     Configuration file (unless overridden by -f):
>       /etc/libvirt/libvirtd.conf
> 
>     Sockets:
>       /var/run/libvirt/libvirt-sock
>       /var/run/libvirt/libvirt-sock-ro
> 
>     TLS:
>       CA certificate:     /etc/pki/CA/caert.pem
>       Server certificate: /etc/pki/libvirt/servercert.pem
>       Server private key: /etc/pki/libvirt/private/serverkey.pem
> 
>     PID file (unless overridden by -p):
>       /var/run/libvirtd.pid
> 
> 
> I think that caert.pem should be cacert.pem =)

Yes indeed. You don't mention what version of libvirt you have here ?

It appears that we fixed this typo in the 1.1.3 release though:

  commit 521b78d0afb9aff3c9f8d593e63c3d94b8f28f5d
  Author: Christophe Fergeau <cfergeau at redhat.com>
  Date:   Wed Sep 18 14:01:26 2013 +0200

    daemon: Fix 'caert.pem' typo in privileged help output
    
    The help message indicates that the CA certificate is
    $sysconfdir/pki/CA/caert.pem while the actual path is
    $sysconfdir/pki/CA/cacert.pem
    
    Signed-off-by: Christophe Fergeau <cfergeau at redhat.com>
    Signed-off-by: Eric Blake <eblake at redhat.com>

Regards,
Daniel
-- 
|: http://berrange.com      -o-    http://www.flickr.com/photos/dberrange/ :|
|: http://libvirt.org              -o-             http://virt-manager.org :|
|: http://autobuild.org       -o-         http://search.cpan.org/~danberr/ :|
|: http://entangle-photo.org       -o-       http://live.gnome.org/gtk-vnc :|




More information about the libvir-list mailing list