[libvirt] [PATCH v2 11/12] spice: introduce spice_auto_unix_socket config option
Marc-André Lureau
marcandre.lureau at gmail.com
Wed May 11 18:14:36 UTC 2016
Hi
On Wed, May 11, 2016 at 5:08 PM, Pavel Hrdina <phrdina at redhat.com> wrote:
> Signed-off-by: Pavel Hrdina <phrdina at redhat.com>
> ---
make check fails :
test_libvirtd_qemu.aug:68.3-145.28:exception thrown in test
test_libvirtd_qemu.aug:68.8-.34:exception: Iterated lens matched less
than it should
Lens: ./qemu/libvirtd_qemu.aug:113.13-.43:
Last match: ./qemu/libvirtd_qemu.aug:109.17-.31:
Error encountered at 13:0 (324 characters into string)
< = "/etc/pki/libvirt-spice"\n|=|spice_auto_unix_socket = 1\ns>
Tbh, I don't understand the need for unix socket listening when using
libvirt. If you use libvirt to manage your VM, you may as well just
use it to connect to the display (virti-viewer --attach). These avoid
having extra listening sockets. Other than that, looks good to me.
> src/qemu/qemu.conf | 11 +++++++
> src/qemu/qemu_conf.c | 1 +
> src/qemu/qemu_conf.h | 1 +
> src/qemu/qemu_process.c | 4 +++
> ...emuxml2argv-graphics-spice-auto-socket-cfg.args | 20 +++++++++++++
> ...qemuxml2argv-graphics-spice-auto-socket-cfg.xml | 30 +++++++++++++++++++
> tests/qemuxml2argvtest.c | 5 ++++
> ...muxml2xmlout-graphics-spice-auto-socket-cfg.xml | 35 ++++++++++++++++++++++
> tests/qemuxml2xmltest.c | 4 +++
> 9 files changed, 111 insertions(+)
> create mode 100644 tests/qemuxml2argvdata/qemuxml2argv-graphics-spice-auto-socket-cfg.args
> create mode 100644 tests/qemuxml2argvdata/qemuxml2argv-graphics-spice-auto-socket-cfg.xml
> create mode 100644 tests/qemuxml2xmloutdata/qemuxml2xmlout-graphics-spice-auto-socket-cfg.xml
>
> diff --git a/src/qemu/qemu.conf b/src/qemu/qemu.conf
> index 4fa5e8a..baf0b00 100644
> --- a/src/qemu/qemu.conf
> +++ b/src/qemu/qemu.conf
> @@ -130,6 +130,17 @@
> #spice_tls_x509_cert_dir = "/etc/pki/libvirt-spice"
>
>
> +# Enable this option to have SPICE served over an automatically created
> +# unix socket. This prevents unprivileged access from users on the
> +# host machine, though most SPICE clients do not support it.
> +#
> +# This will only be enabled for SPICE configurations that do not have
> +# a hardcoded 'listen' or 'socket' value. This setting takes preference
> +# over spice_listen.
> +#
> +#spice_auto_unix_socket = 1
> +
> +
> # The default SPICE password. This parameter is only used if the
> # per-domain XML config does not already provide a password. To
> # allow access without passwords, leave this commented out. An
> diff --git a/src/qemu/qemu_conf.c b/src/qemu/qemu_conf.c
> index e00ddca..d4c34c9 100644
> --- a/src/qemu/qemu_conf.c
> +++ b/src/qemu/qemu_conf.c
> @@ -588,6 +588,7 @@ int virQEMUDriverConfigLoadFile(virQEMUDriverConfigPtr cfg,
> GET_VALUE_STR("spice_sasl_dir", cfg->spiceSASLdir);
> GET_VALUE_STR("spice_listen", cfg->spiceListen);
> GET_VALUE_STR("spice_password", cfg->spicePassword);
> + GET_VALUE_BOOL("spice_auto_unix_socket", cfg->spiceAutoUnixSocket);
>
>
> GET_VALUE_ULONG("remote_websocket_port_min", cfg->webSocketPortMin);
> diff --git a/src/qemu/qemu_conf.h b/src/qemu/qemu_conf.h
> index a714b84..c94bf13 100644
> --- a/src/qemu/qemu_conf.h
> +++ b/src/qemu/qemu_conf.h
> @@ -123,6 +123,7 @@ struct _virQEMUDriverConfig {
> char *spiceSASLdir;
> char *spiceListen;
> char *spicePassword;
> + bool spiceAutoUnixSocket;
>
> int remotePortMin;
> int remotePortMax;
> diff --git a/src/qemu/qemu_process.c b/src/qemu/qemu_process.c
> index 21c2db2..05ddb32 100644
> --- a/src/qemu/qemu_process.c
> +++ b/src/qemu/qemu_process.c
> @@ -4438,7 +4438,11 @@ qemuProcessGraphicsListenGenerate(virDomainObjPtr vm,
> break;
>
> case VIR_DOMAIN_GRAPHICS_TYPE_SPICE:
> + if (cfg->spiceAutoUnixSocket) {
> + autoSocket = true;
> + } else {
> listenAddr = cfg->spiceListen;
> + }
> break;
>
> case VIR_DOMAIN_GRAPHICS_TYPE_SDL:
> diff --git a/tests/qemuxml2argvdata/qemuxml2argv-graphics-spice-auto-socket-cfg.args b/tests/qemuxml2argvdata/qemuxml2argv-graphics-spice-auto-socket-cfg.args
> new file mode 100644
> index 0000000..61335b0
> --- /dev/null
> +++ b/tests/qemuxml2argvdata/qemuxml2argv-graphics-spice-auto-socket-cfg.args
> @@ -0,0 +1,20 @@
> +LC_ALL=C \
> +PATH=/bin \
> +HOME=/home/test \
> +USER=test \
> +LOGNAME=test \
> +QEMU_AUDIO_DRV=spice \
> +/usr/bin/qemu \
> +-name QEMUGuest1 \
> +-S \
> +-M pc \
> +-m 214 \
> +-smp 1 \
> +-uuid c7a5fdbd-edaf-9455-926a-d65c16db1809 \
> +-nodefaults \
> +-monitor unix:/tmp/lib/domain--1-QEMUGuest1/monitor.sock,server,nowait \
> +-no-acpi \
> +-boot c \
> +-usb \
> +-spice unix,addr=/tmp/lib/domain--1-QEMUGuest1/spice.sock \
> +-vga cirrus
> diff --git a/tests/qemuxml2argvdata/qemuxml2argv-graphics-spice-auto-socket-cfg.xml b/tests/qemuxml2argvdata/qemuxml2argv-graphics-spice-auto-socket-cfg.xml
> new file mode 100644
> index 0000000..ff155c3
> --- /dev/null
> +++ b/tests/qemuxml2argvdata/qemuxml2argv-graphics-spice-auto-socket-cfg.xml
> @@ -0,0 +1,30 @@
> +<domain type='qemu'>
> + <name>QEMUGuest1</name>
> + <uuid>c7a5fdbd-edaf-9455-926a-d65c16db1809</uuid>
> + <memory unit='KiB'>219100</memory>
> + <currentMemory unit='KiB'>219100</currentMemory>
> + <vcpu placement='static'>1</vcpu>
> + <os>
> + <type arch='i686' machine='pc'>hvm</type>
> + <boot dev='hd'/>
> + </os>
> + <clock offset='utc'/>
> + <on_poweroff>destroy</on_poweroff>
> + <on_reboot>restart</on_reboot>
> + <on_crash>destroy</on_crash>
> + <devices>
> + <emulator>/usr/bin/qemu</emulator>
> + <controller type='usb' index='0'/>
> + <controller type='ide' index='0'/>
> + <controller type='pci' index='0' model='pci-root'/>
> + <input type='mouse' bus='ps2'/>
> + <input type='keyboard' bus='ps2'/>
> + <graphics type='spice'>
> + <listen type='socket' socket='/tmp/lib/domain-99-QEMUGuest1/delete.this.socket'/>
> + </graphics>
> + <video>
> + <model type='cirrus' vram='16384' heads='1'/>
> + </video>
> + <memballoon model='none'/>
> + </devices>
> +</domain>
> diff --git a/tests/qemuxml2argvtest.c b/tests/qemuxml2argvtest.c
> index a3651c9..f046060 100644
> --- a/tests/qemuxml2argvtest.c
> +++ b/tests/qemuxml2argvtest.c
> @@ -950,6 +950,11 @@ mymain(void)
> DO_TEST("graphics-spice-auto-socket",
> QEMU_CAPS_SPICE,
> QEMU_CAPS_SPICE_UNIX);
> + driver.config->spiceAutoUnixSocket = true;
> + DO_TEST("graphics-spice-auto-socket-cfg",
> + QEMU_CAPS_SPICE,
> + QEMU_CAPS_SPICE_UNIX);
> + driver.config->spiceAutoUnixSocket = false;
>
> DO_TEST("input-usbmouse", NONE);
> DO_TEST("input-usbtablet", NONE);
> diff --git a/tests/qemuxml2xmloutdata/qemuxml2xmlout-graphics-spice-auto-socket-cfg.xml b/tests/qemuxml2xmloutdata/qemuxml2xmlout-graphics-spice-auto-socket-cfg.xml
> new file mode 100644
> index 0000000..931ec0f
> --- /dev/null
> +++ b/tests/qemuxml2xmloutdata/qemuxml2xmlout-graphics-spice-auto-socket-cfg.xml
> @@ -0,0 +1,35 @@
> +<domain type='qemu'>
> + <name>QEMUGuest1</name>
> + <uuid>c7a5fdbd-edaf-9455-926a-d65c16db1809</uuid>
> + <memory unit='KiB'>219100</memory>
> + <currentMemory unit='KiB'>219100</currentMemory>
> + <vcpu placement='static'>1</vcpu>
> + <os>
> + <type arch='i686' machine='pc'>hvm</type>
> + <boot dev='hd'/>
> + </os>
> + <clock offset='utc'/>
> + <on_poweroff>destroy</on_poweroff>
> + <on_reboot>restart</on_reboot>
> + <on_crash>destroy</on_crash>
> + <devices>
> + <emulator>/usr/bin/qemu</emulator>
> + <controller type='usb' index='0'>
> + <address type='pci' domain='0x0000' bus='0x00' slot='0x01' function='0x2'/>
> + </controller>
> + <controller type='ide' index='0'>
> + <address type='pci' domain='0x0000' bus='0x00' slot='0x01' function='0x1'/>
> + </controller>
> + <controller type='pci' index='0' model='pci-root'/>
> + <input type='mouse' bus='ps2'/>
> + <input type='keyboard' bus='ps2'/>
> + <graphics type='spice'>
> + <listen type='socket'/>
> + </graphics>
> + <video>
> + <model type='cirrus' vram='16384' heads='1' primary='yes'/>
> + <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x0'/>
> + </video>
> + <memballoon model='none'/>
> + </devices>
> +</domain>
> diff --git a/tests/qemuxml2xmltest.c b/tests/qemuxml2xmltest.c
> index 49bf557..9db7ddd 100644
> --- a/tests/qemuxml2xmltest.c
> +++ b/tests/qemuxml2xmltest.c
> @@ -449,6 +449,10 @@ mymain(void)
> DO_TEST("graphics-spice-qxl-vga");
> DO_TEST("graphics-spice-socket");
> DO_TEST("graphics-spice-auto-socket");
> + cfg->spiceAutoUnixSocket = true;
> + DO_TEST_FULL("graphics-spice-auto-socket-cfg", WHEN_INACTIVE, NONE);
> + cfg->spiceAutoUnixSocket = false;
> +
> DO_TEST("nographics-vga");
> DO_TEST("input-usbmouse");
> DO_TEST("input-usbtablet");
> --
> 2.8.2
>
> --
> libvir-list mailing list
> libvir-list at redhat.com
> https://www.redhat.com/mailman/listinfo/libvir-list
--
Marc-André Lureau
More information about the libvir-list
mailing list