[libvirt PATCH 12/16] docs: add manpage for virtsecretd
Daniel P. Berrangé
berrange at redhat.com
Tue Nov 17 16:10:23 UTC 2020
This is an adaptation of the libvirtd manpage.
Signed-off-by: Daniel P. Berrangé <berrange at redhat.com>
---
docs/manpages/index.rst | 1 +
docs/manpages/meson.build | 1 +
docs/manpages/virtsecretd.rst | 214 ++++++++++++++++++++++++++++++++++
3 files changed, 216 insertions(+)
create mode 100644 docs/manpages/virtsecretd.rst
diff --git a/docs/manpages/index.rst b/docs/manpages/index.rst
index 67357419eb..fb62dc86a2 100644
--- a/docs/manpages/index.rst
+++ b/docs/manpages/index.rst
@@ -24,6 +24,7 @@ These daemons provide functionality to a single libvirt driver
* `virtnodedevd(8) <virtnodedevd.html>`__ - libvirt host device management daemon
* `virtnwfilterd(8) <virtnwfilterd.html>`__ - libvirt network filter management daemon
* `virtqemud(8) <virtqemud.html>`__ - libvirt QEMU management daemon
+* `virtsecretd(8) <virtsecretd.html>`__ - libvirt secret data management daemon
Tools
=====
diff --git a/docs/manpages/meson.build b/docs/manpages/meson.build
index e08365b780..1476722bde 100644
--- a/docs/manpages/meson.build
+++ b/docs/manpages/meson.build
@@ -32,6 +32,7 @@ docs_man_files = [
{ 'name': 'virtnwfilterd', 'section': '8', 'install': conf.has('WITH_NWFILTER') },
{ 'name': 'virtproxyd', 'section': '8', 'install': conf.has('WITH_LIBVIRTD') },
{ 'name': 'virtqemud', 'section': '8', 'install': conf.has('WITH_QEMU') },
+ { 'name': 'virtsecretd', 'section': '8', 'install': conf.has('WITH_SECRETS') },
]
foreach name : keycode_list
diff --git a/docs/manpages/virtsecretd.rst b/docs/manpages/virtsecretd.rst
new file mode 100644
index 0000000000..2fa01ef147
--- /dev/null
+++ b/docs/manpages/virtsecretd.rst
@@ -0,0 +1,214 @@
+===========
+virtsecretd
+===========
+
+-------------------------------------
+libvirt secret data management daemon
+-------------------------------------
+
+:Manual section: 8
+:Manual group: Virtualization Support
+
+.. contents::
+
+SYNOPSIS
+========
+
+``virtsecretd`` [*OPTION*]...
+
+
+DESCRIPTION
+===========
+
+The ``virtsecretd`` program is a server side daemon component of the libvirt
+virtualization management system.
+
+It is one of a collection of modular daemons that replace functionality
+previously provided by the monolithic ``libvirtd`` daemon.
+
+This daemon runs on virtualization hosts to provide management for secret data.
+
+The ``virtsecretd`` daemon only listens for requests on a local Unix domain
+socket. Remote off-host access and backwards compatibility with legacy
+clients expecting ``libvirtd`` is provided by the ``virtproxy`` daemon.
+
+Restarting ``virtsecretd`` does not interrupt running guests. Guests continue to
+operate and changes in their state will generally be picked up automatically
+during startup. None the less it is recommended to avoid restarting with
+running guests whenever practical.
+
+
+SYSTEM SOCKET ACTIVATION
+========================
+
+The ``virtsecretd`` daemon is capable of starting in two modes.
+
+In the traditional mode, it will create and listen on UNIX sockets itself.
+
+In socket activation mode, it will rely on systemd to create and listen
+on the UNIX sockets and pass them as pre-opened file descriptors. In this
+mode most of the socket related config options in
+``/etc/libvirt/virtsecretd.conf`` will no longer have any effect.
+
+Socket activation mode is generally the default when running on a host
+OS that uses systemd. To revert to the traditional mode, all the socket
+unit files must be masked:
+
+::
+
+ $ systemctl mask virtsecretd.socket virtsecretd-ro.socket \
+ virtsecretd-admin.socket
+
+
+OPTIONS
+=======
+
+``-h``, ``--help``
+
+Display command line help usage then exit.
+
+``-d``, ``--daemon``
+
+Run as a daemon & write PID file.
+
+``-f``, ``--config *FILE*``
+
+Use this configuration file, overriding the default value.
+
+``-p``, ``--pid-file *FILE*``
+
+Use this name for the PID file, overriding the default value.
+
+``-t``, ``--timeout *SECONDS*``
+
+Exit after timeout period (in seconds), provided there are neither any client
+connections nor any running domains.
+
+``-v``, ``--verbose``
+
+Enable output of verbose messages.
+
+``--version``
+
+Display version information then exit.
+
+
+SIGNALS
+=======
+
+On receipt of ``SIGHUP`` ``virtsecretd`` will reload its configuration.
+
+
+FILES
+=====
+
+When run as *root*
+------------------
+
+* ``@SYSCONFDIR@/libvirt/virtsecretd.conf``
+
+The default configuration file used by ``virtsecretd``, unless overridden on the
+command line using the ``-f`` | ``--config`` option.
+
+* ``@RUNSTATEDIR@/libvirt/virtsecretd-sock``
+* ``@RUNSTATEDIR@/libvirt/virtsecretd-sock-ro``
+* ``@RUNSTATEDIR@/libvirt/virtsecretd-admin-sock``
+
+The sockets ``virtsecretd`` will use.
+
+The TLS **Server** private key ``virtsecretd`` will use.
+
+* ``@RUNSTATEDIR@/virtsecretd.pid``
+
+The PID file to use, unless overridden by the ``-p`` | ``--pid-file`` option.
+
+
+When run as *non-root*
+----------------------
+
+* ``$XDG_CONFIG_HOME/libvirt/virtsecretd.conf``
+
+The default configuration file used by ``virtsecretd``, unless overridden on the
+command line using the ``-f``|``--config`` option.
+
+* ``$XDG_RUNTIME_DIR/libvirt/virtsecretd-sock``
+* ``$XDG_RUNTIME_DIR/libvirt/virtsecretd-admin-sock``
+
+The sockets ``virtsecretd`` will use.
+
+* ``$XDG_RUNTIME_DIR/libvirt/virtsecretd.pid``
+
+The PID file to use, unless overridden by the ``-p``|``--pid-file`` option.
+
+
+If ``$XDG_CONFIG_HOME`` is not set in your environment, ``virtsecretd`` will use
+``$HOME/.config``
+
+If ``$XDG_RUNTIME_DIR`` is not set in your environment, ``virtsecretd`` will use
+``$HOME/.cache``
+
+
+EXAMPLES
+========
+
+To retrieve the version of ``virtsecretd``:
+
+::
+
+ # virtsecretd --version
+ virtsecretd (libvirt) @
+
+
+To start ``virtsecretd``, instructing it to daemonize and create a PID file:
+
+::
+
+ # virtsecretd -d
+ # ls -la @RUNSTATEDIR@/virtsecretd.pid
+ -rw-r--r-- 1 root root 6 Jul 9 02:40 @RUNSTATEDIR@/virtsecretd.pid
+
+
+BUGS
+====
+
+Please report all bugs you discover. This should be done via either:
+
+#. the mailing list
+
+ `https://libvirt.org/contact.html <https://libvirt.org/contact.html>`_
+
+#. the bug tracker
+
+ `https://libvirt.org/bugs.html <https://libvirt.org/bugs.html>`_
+
+Alternatively, you may report bugs to your software distributor / vendor.
+
+
+AUTHORS
+=======
+
+Please refer to the AUTHORS file distributed with libvirt.
+
+
+COPYRIGHT
+=========
+
+Copyright (C) 2006-2020 Red Hat, Inc., and the authors listed in the
+libvirt AUTHORS file.
+
+
+LICENSE
+=======
+
+``virtsecretd`` is distributed under the terms of the GNU LGPL v2.1+.
+This is free software; see the source for copying conditions. There
+is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR
+PURPOSE
+
+
+SEE ALSO
+========
+
+virsh(1), libvirtd(8),
+`https://www.libvirt.org/daemons.html <https://www.libvirt.org/daemons.html>`_,
+`https://www.libvirt.org/drvsecret.html <https://www.libvirt.org/drvsecret.html>`_
--
2.28.0
More information about the libvir-list
mailing list