[libvirt PATCH 1/3] conf: add support for VNC power control setting

Ján Tomko jtomko at redhat.com
Tue Feb 16 14:26:07 UTC 2021 

On a Tuesday in 2021, Daniel P. Berrangé wrote:
>The <graphics type="vnc" .... powerControl="on"/> option instructs the
>VNC server to enable an extension that lets the client perform a
>graceful shutdown, reboot and hard reset.
>
>This is enabled by default since it cannot be assumed that the VNC
>client user has administrator rights over the guest OS. In the case
>where the VNC user is a guest administrator though, it is reasonable
>to allow direct power control host side too.
>
>Signed-off-by: Daniel P. Berrangé <berrange at redhat.com>
>---
> docs/formatdomain.rst         |  5 +++++
> docs/schemas/domaincommon.rng |  5 +++++
> src/conf/domain_conf.c        | 12 ++++++++++++
> src/conf/domain_conf.h        |  1 +
> 4 files changed, 23 insertions(+)
>
>diff --git a/docs/formatdomain.rst b/docs/formatdomain.rst
>index eafd6b3396..580319365c 100644
>--- a/docs/formatdomain.rst
>+++ b/docs/formatdomain.rst
>@@ -5791,6 +5791,11 @@ interaction with the admin.
>       ``autoport`` having no effect due to security reasons) :since:`Since
>       1.0.6` .
>
>+      For VNC, the ``powerControl`` attribute can be used to enable VM shutdown,
>+      reboot and reset power control features for the VNC client. This is
>+      appropriate if the authenticated VNC client user already has administrator
>+      privileges in the guest :since:`Since 7.1.0`.
>+
>       Although VNC doesn't support OpenGL natively, it can be paired with
>       graphics type ``egl-headless`` (see below) which will instruct QEMU to
>       open and use drm nodes for OpenGL rendering.
>diff --git a/docs/schemas/domaincommon.rng b/docs/schemas/domaincommon.rng
>index e6de934456..49dc4b5130 100644
>--- a/docs/schemas/domaincommon.rng
>+++ b/docs/schemas/domaincommon.rng
>@@ -3663,6 +3663,11 @@
>                   </choice>
>                 </attribute>
>               </optional>
>+              <optional>
>+                <attribute name="powerControl">
>+                  <ref name="virYesNo"/>
>+                </attribute>
>+              </optional>
>             </group>
>             <group>
>               <optional>
>diff --git a/src/conf/domain_conf.c b/src/conf/domain_conf.c
>index b731744f04..91933bf292 100644
>--- a/src/conf/domain_conf.c
>+++ b/src/conf/domain_conf.c
>@@ -13150,6 +13150,7 @@ virDomainGraphicsDefParseXMLVNC(virDomainGraphicsDefPtr def,
>     g_autofree char *websocketGenerated = virXMLPropString(node, "websocketGenerated");
>     g_autofree char *sharePolicy = virXMLPropString(node, "sharePolicy");
>     g_autofree char *autoport = virXMLPropString(node, "autoport");
>+    g_autofree char *powerControl = virXMLPropString(node, "powerControl");
>
>     if (virDomainGraphicsListensParseXML(def, node, ctxt, flags) < 0)
>         return -1;
>@@ -13206,6 +13207,13 @@ virDomainGraphicsDefParseXMLVNC(virDomainGraphicsDefPtr def,
>         }
>     }
>
>+    if (powerControl &&
>+        virStringParseYesNo(powerControl, &def->data.vnc.powerControl) < 0) {
>+        virReportError(VIR_ERR_INTERNAL_ERROR,
>+                       _("cannot parse vnc power control '%s'"), powerControl);
>+        return -1;
>+    }
>+
>     def->data.vnc.keymap = virXMLPropString(node, "keymap");
>
>     if (virDomainGraphicsAuthDefParseXML(node, &def->data.vnc.auth,
>@@ -27148,6 +27156,10 @@ virDomainGraphicsDefFormat(virBufferPtr buf,
>                               virDomainGraphicsVNCSharePolicyTypeToString(
>                               def->data.vnc.sharePolicy));
>
>+        if (def->data.vnc.powerControl)
>+            virBufferAsprintf(buf, " powerControl='%s'",
>+                              def->data.vnc.powerControl ? "yes" : "no");

The "no" branch is dead code. If you don't want to format "no" unless it
was explicitly requested, use virTristateBool.

Jano

>+
>         virDomainGraphicsAuthDefFormatAttr(buf, &def->data.vnc.auth, flags);
>         break;
>
>diff --git a/src/conf/domain_conf.h b/src/conf/domain_conf.h
>index 930eed60de..544ec1b2fa 100644
>--- a/src/conf/domain_conf.h
>+++ b/src/conf/domain_conf.h
>@@ -1712,6 +1712,7 @@ struct _virDomainGraphicsDef {
>             char *keymap;
>             virDomainGraphicsAuthDef auth;
>             int sharePolicy;
>+            bool powerControl;
>         } vnc;
>         struct {
>             char *display;
>-- 
>2.29.2
>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 488 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/libvir-list/attachments/20210216/d09a8fd7/attachment-0001.sig>

More information about the libvir-list mailing list