]>
Commit | Line | Data |
---|---|---|
72b1baa0 JR |
1 | diff -ru libvirt-0.8.8/daemon/libvirtd.conf libvirt-0.8.8-sasl/daemon/libvirtd.conf |
2 | --- libvirt-0.8.8/daemon/libvirtd.conf 2010-12-20 14:35:22.000000000 +0100 | |
3 | +++ libvirt-0.8.8-sasl/daemon/libvirtd.conf 2011-04-28 11:45:47.727741165 +0200 | |
4 | @@ -111,7 +111,7 @@ | |
5 | # the network providing auth (eg, TLS/x509 certificates) | |
6 | # | |
7 | # - sasl: use SASL infrastructure. The actual auth scheme is then | |
8 | -# controlled from /etc/sasl2/libvirt.conf. For the TCP | |
9 | +# controlled from /etc/sasl/libvirt.conf. For the TCP | |
10 | # socket only GSSAPI & DIGEST-MD5 mechanisms will be used. | |
11 | # For non-TCP or TLS sockets, any scheme is allowed. | |
12 | # | |
13 | @@ -142,7 +142,7 @@ | |
14 | # If you don't enable SASL, then all TCP traffic is cleartext. | |
15 | # Don't do this outside of a dev/test scenario. For real world | |
16 | # use, always enable SASL and use the GSSAPI or DIGEST-MD5 | |
17 | -# mechanism in /etc/sasl2/libvirt.conf | |
18 | +# mechanism in /etc/sasl/libvirt.conf | |
19 | #auth_tcp = "sasl" | |
20 | ||
21 | # Change the authentication scheme for TLS sockets. | |
22 | diff -ru libvirt-0.8.8/daemon/Makefile.am libvirt-0.8.8-sasl/daemon/Makefile.am | |
23 | --- libvirt-0.8.8/daemon/Makefile.am 2011-01-31 02:30:59.000000000 +0100 | |
24 | +++ libvirt-0.8.8-sasl/daemon/Makefile.am 2011-04-28 11:45:47.703741165 +0200 | |
25 | @@ -326,12 +326,12 @@ | |
26 | # the WITH_LIBVIRTD conditional | |
27 | if HAVE_SASL | |
28 | install-data-sasl: | |
a0b92b5f | 29 | - $(MKDIR_P) $(DESTDIR)$(sysconfdir)/sasl2/ |
72b1baa0 | 30 | - $(INSTALL_DATA) $(srcdir)/libvirtd.sasl $(DESTDIR)$(sysconfdir)/sasl2/libvirt.conf |
a0b92b5f | 31 | + $(MKDIR_P) $(DESTDIR)$(sysconfdir)/sasl/ |
72b1baa0 JR |
32 | + $(INSTALL_DATA) $(srcdir)/libvirtd.sasl $(DESTDIR)$(sysconfdir)/sasl/libvirt.conf |
33 | ||
34 | uninstall-data-sasl: | |
35 | - rm -f $(DESTDIR)$(sysconfdir)/sasl2/libvirt.conf | |
a0b92b5f | 36 | - rmdir $(DESTDIR)$(sysconfdir)/sasl2/ || : |
72b1baa0 | 37 | + rm -f $(DESTDIR)$(sysconfdir)/sasl/libvirt.conf |
a0b92b5f | 38 | + rmdir $(DESTDIR)$(sysconfdir)/sasl/ || : |
72b1baa0 JR |
39 | else |
40 | install-data-sasl: | |
41 | uninstall-data-sasl: | |
42 | diff -ru libvirt-0.8.8/daemon/test_libvirtd.aug libvirt-0.8.8-sasl/daemon/test_libvirtd.aug | |
72b1baa0 JR |
43 | diff -ru libvirt-0.8.8/docs/auth.html libvirt-0.8.8-sasl/docs/auth.html |
44 | --- libvirt-0.8.8/docs/auth.html 2011-02-17 05:13:12.000000000 +0100 | |
45 | +++ libvirt-0.8.8-sasl/docs/auth.html 2011-04-28 11:45:43.429741167 +0200 | |
46 | @@ -273,7 +273,7 @@ | |
47 | The plain TCP socket of the libvirt daemon defaults to using SASL for authentication. | |
48 | The SASL mechanism configured by default is DIGEST-MD5, which provides a basic | |
49 | username+password style authentication. To enable Kerberos single-sign-on instead, | |
50 | -the libvirt SASL configuration file must be changed. This is <code>/etc/sasl2/libvirt.conf</code>. | |
51 | +the libvirt SASL configuration file must be changed. This is <code>/etc/sasl/libvirt.conf</code>. | |
52 | The <code>mech_list</code> parameter must first be changed to <code>gssapi</code> | |
53 | instead of the default <code>digest-md5</code>. If SASL is enabled on the UNIX | |
54 | and/or TLS sockets, Kerberos will also be used for them. Like DIGEST-MD5, the Kerberos | |
55 | diff -ru libvirt-0.8.8/docs/auth.html.in libvirt-0.8.8-sasl/docs/auth.html.in | |
56 | --- libvirt-0.8.8/docs/auth.html.in 2010-12-20 14:35:22.000000000 +0100 | |
57 | +++ libvirt-0.8.8-sasl/docs/auth.html.in 2011-04-28 11:45:43.586741167 +0200 | |
58 | @@ -115,7 +115,7 @@ | |
59 | The plain TCP socket of the libvirt daemon defaults to using SASL for authentication. | |
60 | The SASL mechanism configured by default is DIGEST-MD5, which provides a basic | |
61 | username+password style authentication. To enable Kerberos single-sign-on instead, | |
62 | -the libvirt SASL configuration file must be changed. This is <code>/etc/sasl2/libvirt.conf</code>. | |
63 | +the libvirt SASL configuration file must be changed. This is <code>/etc/sasl/libvirt.conf</code>. | |
64 | The <code>mech_list</code> parameter must first be changed to <code>gssapi</code> | |
65 | instead of the default <code>digest-md5</code>. If SASL is enabled on the UNIX | |
66 | and/or TLS sockets, Kerberos will also be used for them. Like DIGEST-MD5, the Kerberos | |
67 | diff -ru libvirt-0.8.8/libvirt.spec libvirt-0.8.8-sasl/libvirt.spec | |
68 | --- libvirt-0.8.8/libvirt.spec 2011-02-17 05:13:09.000000000 +0100 | |
69 | +++ libvirt-0.8.8-sasl/libvirt.spec 2011-04-28 11:45:43.675741167 +0200 | |
70 | @@ -933,7 +933,7 @@ | |
71 | %dir %attr(0755, root, root) %{_localstatedir}/lib/libvirt/ | |
72 | ||
73 | %if %{with_sasl} | |
74 | -%config(noreplace) %{_sysconfdir}/sasl2/libvirt.conf | |
75 | +%config(noreplace) %{_sysconfdir}/sasl/libvirt.conf | |
76 | %endif | |
77 | ||
78 | %files devel | |
79 | diff -ru libvirt-0.8.8/libvirt.spec.in libvirt-0.8.8-sasl/libvirt.spec.in | |
80 | --- libvirt-0.8.8/libvirt.spec.in 2011-02-17 05:10:58.000000000 +0100 | |
81 | +++ libvirt-0.8.8-sasl/libvirt.spec.in 2011-04-28 11:45:43.672741167 +0200 | |
82 | @@ -933,7 +933,7 @@ | |
83 | %dir %attr(0755, root, root) %{_localstatedir}/lib/libvirt/ | |
84 | ||
85 | %if %{with_sasl} | |
86 | -%config(noreplace) %{_sysconfdir}/sasl2/libvirt.conf | |
87 | +%config(noreplace) %{_sysconfdir}/sasl/libvirt.conf | |
88 | %endif | |
89 | ||
90 | %files devel | |
bf3e9ac8 JB |
91 | --- libvirt-0.9.13/src/qemu/qemu.conf.orig 2012-05-31 16:23:22.000000000 +0200 |
92 | +++ libvirt-0.9.13/src/qemu/qemu.conf 2012-07-08 11:37:16.366378718 +0200 | |
72b1baa0 JR |
93 | @@ -74,18 +74,18 @@ |
94 | # Examples include vinagre, virt-viewer and virt-manager | |
95 | # itself. UltraVNC, RealVNC, TightVNC do not support this | |
96 | # | |
97 | -# It is necessary to configure /etc/sasl2/qemu.conf to choose | |
98 | +# It is necessary to configure /etc/sasl/qemu.conf to choose | |
99 | # the desired SASL plugin (eg, GSSPI for Kerberos) | |
100 | # | |
bf3e9ac8 | 101 | #vnc_sasl = 1 |
72b1baa0 JR |
102 | |
103 | ||
104 | -# The default SASL configuration file is located in /etc/sasl2/ | |
105 | +# The default SASL configuration file is located in /etc/sasl/ | |
106 | # When running libvirtd unprivileged, it may be desirable to | |
107 | # override the configs in this location. Set this parameter to | |
108 | # point to the directory, and create a qemu.conf in that location | |
109 | # | |
bf3e9ac8 JB |
110 | -#vnc_sasl_dir = "/some/directory/sasl2" |
111 | +#vnc_sasl_dir = "/some/directory/sasl" | |
72b1baa0 JR |
112 | |
113 | ||
bf3e9ac8 | 114 | # QEMU implements an extension for providing audio over a VNC connection, |
72b1baa0 | 115 | diff -ru libvirt-0.8.8/src/qemu/test_libvirtd_qemu.aug libvirt-0.8.8-sasl/src/qemu/test_libvirtd_qemu.aug |
72b1baa0 JR |
116 | diff -ru libvirt-0.8.8/tests/confdata/libvirtd.conf libvirt-0.8.8-sasl/tests/confdata/libvirtd.conf |
117 | --- libvirt-0.8.8/tests/confdata/libvirtd.conf 2010-05-27 14:03:22.000000000 +0200 | |
118 | +++ libvirt-0.8.8-sasl/tests/confdata/libvirtd.conf 2011-04-28 11:45:46.878741165 +0200 | |
119 | @@ -102,7 +102,7 @@ | |
120 | # the network providing auth (eg, TLS/x509 certificates) | |
121 | # | |
122 | # - sasl: use SASL infrastructure. The actual auth scheme is then | |
123 | -# controlled from /etc/sasl2/libvirt.conf. For the TCP | |
124 | +# controlled from /etc/sasl/libvirt.conf. For the TCP | |
125 | # socket only GSSAPI & DIGEST-MD5 mechanisms will be used. | |
126 | # For non-TCP or TLS sockets, any scheme is allowed. | |
127 | # | |
128 | @@ -133,7 +133,7 @@ | |
129 | # If you don't enable SASL, then all TCP traffic is cleartext. | |
130 | # Don't do this outside of a dev/test scenario. For real world | |
131 | # use, always enable SASL and use the GSSAPI or DIGEST-MD5 | |
132 | -# mechanism in /etc/sasl2/libvirt.conf | |
133 | +# mechanism in /etc/sasl/libvirt.conf | |
134 | auth_tcp = "sasl" | |
135 | ||
136 | # Change the authentication scheme for TLS sockets. | |
137 | diff -ru libvirt-0.8.8/tests/confdata/libvirtd.out libvirt-0.8.8-sasl/tests/confdata/libvirtd.out | |
138 | --- libvirt-0.8.8/tests/confdata/libvirtd.out 2010-05-27 14:03:22.000000000 +0200 | |
139 | +++ libvirt-0.8.8-sasl/tests/confdata/libvirtd.out 2011-04-28 11:45:46.875741165 +0200 | |
140 | @@ -82,7 +82,7 @@ | |
141 | # the network providing auth (eg, TLS/x509 certificates) | |
142 | # | |
143 | # - sasl: use SASL infrastructure. The actual auth scheme is then | |
144 | -# controlled from /etc/sasl2/libvirt.conf. For the TCP | |
145 | +# controlled from /etc/sasl/libvirt.conf. For the TCP | |
146 | # socket only GSSAPI & DIGEST-MD5 mechanisms will be used. | |
147 | # For non-TCP or TLS sockets, any scheme is allowed. | |
148 | # | |
149 | @@ -111,7 +111,7 @@ | |
150 | # If you don't enable SASL, then all TCP traffic is cleartext. | |
151 | # Don't do this outside of a dev/test scenario. For real world | |
152 | # use, always enable SASL and use the GSSAPI or DIGEST-MD5 | |
153 | -# mechanism in /etc/sasl2/libvirt.conf | |
154 | +# mechanism in /etc/sasl/libvirt.conf | |
155 | auth_tcp = "sasl" | |
156 | # Change the authentication scheme for TLS sockets. | |
157 | # | |
158 | diff -ru libvirt-0.8.8/tests/qemuargv2xmltest.c libvirt-0.8.8-sasl/tests/qemuargv2xmltest.c | |
159 | --- libvirt-0.8.8/tests/qemuargv2xmltest.c 2011-01-24 03:59:21.000000000 +0100 | |
160 | +++ libvirt-0.8.8-sasl/tests/qemuargv2xmltest.c 2011-04-28 11:45:46.964741165 +0200 | |
161 | @@ -181,7 +181,7 @@ | |
162 | DO_TEST("graphics-vnc-socket"); | |
163 | ||
164 | driver.vncSASL = 1; | |
165 | - driver.vncSASLdir = strdup("/root/.sasl2"); | |
166 | + driver.vncSASLdir = strdup("/root/.sasl"); | |
167 | DO_TEST("graphics-vnc-sasl"); | |
168 | driver.vncTLS = 1; | |
169 | driver.vncTLSx509verify = 1; | |
170 | diff -ru libvirt-0.8.8/tests/qemuxml2argvdata/qemuxml2argv-graphics-vnc-sasl.args libvirt-0.8.8-sasl/tests/qemuxml2argvdata/qemuxml2argv-graphics-vnc-sasl.args | |
171 | --- libvirt-0.8.8/tests/qemuxml2argvdata/qemuxml2argv-graphics-vnc-sasl.args 2011-02-03 15:05:31.000000000 +0100 | |
172 | +++ libvirt-0.8.8-sasl/tests/qemuxml2argvdata/qemuxml2argv-graphics-vnc-sasl.args 2011-04-28 11:45:46.860741165 +0200 | |
173 | @@ -1,5 +1,5 @@ | |
174 | LC_ALL=C PATH=/bin HOME=/home/test USER=test LOGNAME=test \ | |
175 | -SASL_CONF_DIR=/root/.sasl2 QEMU_AUDIO_DRV=none /usr/bin/qemu -S -M pc -m 214 \ | |
176 | +SASL_CONF_DIR=/root/.sasl QEMU_AUDIO_DRV=none /usr/bin/qemu -S -M pc -m 214 \ | |
177 | -smp 1 -monitor unix:/tmp/test-monitor,server,nowait -no-acpi -boot c -hda \ | |
178 | /dev/HostVG/QEMUGuest1 -net none -serial none -parallel none -usb -vnc \ | |
179 | 127.0.0.1:3,sasl -vga cirrus | |
180 | diff -ru libvirt-0.8.8/tests/qemuxml2argvdata/qemuxml2argv-graphics-vnc-tls.args libvirt-0.8.8-sasl/tests/qemuxml2argvdata/qemuxml2argv-graphics-vnc-tls.args | |
181 | --- libvirt-0.8.8/tests/qemuxml2argvdata/qemuxml2argv-graphics-vnc-tls.args 2011-02-03 15:05:31.000000000 +0100 | |
182 | +++ libvirt-0.8.8-sasl/tests/qemuxml2argvdata/qemuxml2argv-graphics-vnc-tls.args 2011-04-28 11:45:46.864741165 +0200 | |
183 | @@ -1,5 +1,5 @@ | |
184 | LC_ALL=C PATH=/bin HOME=/home/test USER=test LOGNAME=test \ | |
185 | -SASL_CONF_DIR=/root/.sasl2 QEMU_AUDIO_DRV=none /usr/bin/qemu -S -M pc -m 214 \ | |
186 | +SASL_CONF_DIR=/root/.sasl QEMU_AUDIO_DRV=none /usr/bin/qemu -S -M pc -m 214 \ | |
187 | -smp 1 -monitor unix:/tmp/test-monitor,server,nowait -no-acpi -boot c -hda \ | |
188 | /dev/HostVG/QEMUGuest1 -net none -serial none -parallel none -usb -vnc \ | |
189 | 127.0.0.1:3,tls,x509verify=/etc/pki/tls/qemu,sasl | |
190 | diff -ru libvirt-0.8.8/tests/qemuxml2argvtest.c libvirt-0.8.8-sasl/tests/qemuxml2argvtest.c | |
191 | --- libvirt-0.8.8/tests/qemuxml2argvtest.c 2011-02-11 10:46:59.000000000 +0100 | |
192 | +++ libvirt-0.8.8-sasl/tests/qemuxml2argvtest.c 2011-04-28 11:45:46.767741165 +0200 | |
193 | @@ -335,7 +335,7 @@ | |
194 | DO_TEST("graphics-vnc-socket", 0, false); | |
195 | ||
196 | driver.vncSASL = 1; | |
197 | - driver.vncSASLdir = strdup("/root/.sasl2"); | |
198 | + driver.vncSASLdir = strdup("/root/.sasl"); | |
36a3330a | 199 | DO_TEST("graphics-vnc-sasl", false, QEMU_CAPS_VGA); |
72b1baa0 JR |
200 | driver.vncTLS = 1; |
201 | driver.vncTLSx509verify = 1; |