[libvirt-users] virsh dom state

Eric Blake eblake at redhat.com
Tue Mar 24 14:28:32 UTC 2015

On 03/23/2015 03:54 PM, Brian Rak wrote:
> On 3/23/2015 12:49 PM, Michal Privoznik wrote:
>> On 23.03.2015 16:02, Fiorenza Meini wrote:
>>> Hi there,
>>> I'm running KVM under Openstack .
>>> When I give virsh list command, I see some VM in NON persistent state.
>>> What does it mean? How can I move it to a persisten state ?
>> You can do that by running:
>> virsh dumpxml $dom > dom.xml && virsh define dom.xml
> You want `virsh dumpxml --security-info $dom`, not just `virsh
> dumpxml`.  There is a *critical* difference in that the former will
> preserve any passwords you have set (like say, VNC) whereas the latter
> will not.  This is sadly not very obvious.

VNC passwords are the ONLY thing protected by --security-info, and as it
is, they are not all that secure to begin with (8-byte maximum,
transferred in plaintext in the protocol).  Spice security is much
better, and also not impacted by the limitation on preserving passwords.

Eric Blake   eblake redhat com    +1-919-301-3266
Libvirt virtualization library http://libvirt.org

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 604 bytes
Desc: OpenPGP digital signature
URL: <http://listman.redhat.com/archives/libvirt-users/attachments/20150324/f6b236dc/attachment.sig>

More information about the libvirt-users mailing list