diff -ru libvirt-0.8.8/daemon/libvirtd.conf libvirt-0.8.8-sasl/daemon/libvirtd.conf
--- libvirt-0.8.8/daemon/libvirtd.conf 2010-12-20 14:35:22.000000000 +0100
+++ libvirt-0.8.8-sasl/daemon/libvirtd.conf 2011-04-28 11:45:47.727741165 +0200
@@ -111,7 +111,7 @@
# the network providing auth (eg, TLS/x509 certificates)
#
# - sasl: use SASL infrastructure. The actual auth scheme is then
-# controlled from /etc/sasl2/libvirt.conf. For the TCP
+# controlled from /etc/sasl/libvirt.conf. For the TCP
# socket only GSSAPI & DIGEST-MD5 mechanisms will be used.
# For non-TCP or TLS sockets, any scheme is allowed.
#
@@ -142,7 +142,7 @@
# If you don't enable SASL, then all TCP traffic is cleartext.
# Don't do this outside of a dev/test scenario. For real world
# use, always enable SASL and use the GSSAPI or DIGEST-MD5
-# mechanism in /etc/sasl2/libvirt.conf
+# mechanism in /etc/sasl/libvirt.conf
#auth_tcp = "sasl"
# Change the authentication scheme for TLS sockets.
diff -ru libvirt-0.8.8/daemon/Makefile.am libvirt-0.8.8-sasl/daemon/Makefile.am
--- libvirt-0.8.8/daemon/Makefile.am 2011-01-31 02:30:59.000000000 +0100
+++ libvirt-0.8.8-sasl/daemon/Makefile.am 2011-04-28 11:45:47.703741165 +0200
@@ -326,12 +326,12 @@
# the WITH_LIBVIRTD conditional
if HAVE_SASL
install-data-sasl:
- mkdir -p $(DESTDIR)$(sysconfdir)/sasl2/
- $(INSTALL_DATA) $(srcdir)/libvirtd.sasl $(DESTDIR)$(sysconfdir)/sasl2/libvirt.conf
+ mkdir -p $(DESTDIR)$(sysconfdir)/sasl/
+ $(INSTALL_DATA) $(srcdir)/libvirtd.sasl $(DESTDIR)$(sysconfdir)/sasl/libvirt.conf
uninstall-data-sasl:
- rm -f $(DESTDIR)$(sysconfdir)/sasl2/libvirt.conf
- rmdir $(DESTDIR)$(sysconfdir)/sasl2/
+ rm -f $(DESTDIR)$(sysconfdir)/sasl/libvirt.conf
+ rmdir $(DESTDIR)$(sysconfdir)/sasl/
else
install-data-sasl:
uninstall-data-sasl:
diff -ru libvirt-0.8.8/daemon/test_libvirtd.aug libvirt-0.8.8-sasl/daemon/test_libvirtd.aug
--- libvirt-0.8.8/daemon/test_libvirtd.aug 2011-01-31 02:30:59.000000000 +0100
+++ libvirt-0.8.8-sasl/daemon/test_libvirtd.aug 2011-04-28 11:45:47.697741165 +0200
@@ -108,7 +108,7 @@
# the network providing auth (eg, TLS/x509 certificates)
#
# - sasl: use SASL infrastructure. The actual auth scheme is then
-# controlled from /etc/sasl2/libvirt.conf. For the TCP
+# controlled from /etc/sasl/libvirt.conf. For the TCP
# socket only GSSAPI & DIGEST-MD5 mechanisms will be used.
# For non-TCP or TLS sockets, any scheme is allowed.
#
@@ -139,7 +139,7 @@
# If you don't enable SASL, then all TCP traffic is cleartext.
# Don't do this outside of a dev/test scenario. For real world
# use, always enable SASL and use the GSSAPI or DIGEST-MD5
-# mechanism in /etc/sasl2/libvirt.conf
+# mechanism in /etc/sasl/libvirt.conf
auth_tcp = \"sasl\"
# Change the authentication scheme for TLS sockets.
@@ -383,7 +383,7 @@
{ "#comment" = "the network providing auth (eg, TLS/x509 certificates)" }
{ "#comment" = "" }
{ "#comment" = "- sasl: use SASL infrastructure. The actual auth scheme is then" }
- { "#comment" = "controlled from /etc/sasl2/libvirt.conf. For the TCP" }
+ { "#comment" = "controlled from /etc/sasl/libvirt.conf. For the TCP" }
{ "#comment" = "socket only GSSAPI & DIGEST-MD5 mechanisms will be used." }
{ "#comment" = "For non-TCP or TLS sockets, any scheme is allowed." }
{ "#comment" = "" }
@@ -414,7 +414,7 @@
{ "#comment" = "If you don't enable SASL, then all TCP traffic is cleartext." }
{ "#comment" = "Don't do this outside of a dev/test scenario. For real world" }
{ "#comment" = "use, always enable SASL and use the GSSAPI or DIGEST-MD5" }
- { "#comment" = "mechanism in /etc/sasl2/libvirt.conf" }
+ { "#comment" = "mechanism in /etc/sasl/libvirt.conf" }
{ "auth_tcp" = "sasl" }
{ "#empty" }
{ "#comment" = "Change the authentication scheme for TLS sockets." }
diff -ru libvirt-0.8.8/docs/auth.html libvirt-0.8.8-sasl/docs/auth.html
--- libvirt-0.8.8/docs/auth.html 2011-02-17 05:13:12.000000000 +0100
+++ libvirt-0.8.8-sasl/docs/auth.html 2011-04-28 11:45:43.429741167 +0200
@@ -273,7 +273,7 @@
The plain TCP socket of the libvirt daemon defaults to using SASL for authentication.
The SASL mechanism configured by default is DIGEST-MD5, which provides a basic
username+password style authentication. To enable Kerberos single-sign-on instead,
-the libvirt SASL configuration file must be changed. This is /etc/sasl2/libvirt.conf
.
+the libvirt SASL configuration file must be changed. This is /etc/sasl/libvirt.conf
.
The mech_list
parameter must first be changed to gssapi
instead of the default digest-md5
. If SASL is enabled on the UNIX
and/or TLS sockets, Kerberos will also be used for them. Like DIGEST-MD5, the Kerberos
diff -ru libvirt-0.8.8/docs/auth.html.in libvirt-0.8.8-sasl/docs/auth.html.in
--- libvirt-0.8.8/docs/auth.html.in 2010-12-20 14:35:22.000000000 +0100
+++ libvirt-0.8.8-sasl/docs/auth.html.in 2011-04-28 11:45:43.586741167 +0200
@@ -115,7 +115,7 @@
The plain TCP socket of the libvirt daemon defaults to using SASL for authentication.
The SASL mechanism configured by default is DIGEST-MD5, which provides a basic
username+password style authentication. To enable Kerberos single-sign-on instead,
-the libvirt SASL configuration file must be changed. This is /etc/sasl2/libvirt.conf
.
+the libvirt SASL configuration file must be changed. This is /etc/sasl/libvirt.conf
.
The mech_list
parameter must first be changed to gssapi
instead of the default digest-md5
. If SASL is enabled on the UNIX
and/or TLS sockets, Kerberos will also be used for them. Like DIGEST-MD5, the Kerberos
diff -ru libvirt-0.8.8/libvirt.spec libvirt-0.8.8-sasl/libvirt.spec
--- libvirt-0.8.8/libvirt.spec 2011-02-17 05:13:09.000000000 +0100
+++ libvirt-0.8.8-sasl/libvirt.spec 2011-04-28 11:45:43.675741167 +0200
@@ -933,7 +933,7 @@
%dir %attr(0755, root, root) %{_localstatedir}/lib/libvirt/
%if %{with_sasl}
-%config(noreplace) %{_sysconfdir}/sasl2/libvirt.conf
+%config(noreplace) %{_sysconfdir}/sasl/libvirt.conf
%endif
%files devel
diff -ru libvirt-0.8.8/libvirt.spec.in libvirt-0.8.8-sasl/libvirt.spec.in
--- libvirt-0.8.8/libvirt.spec.in 2011-02-17 05:10:58.000000000 +0100
+++ libvirt-0.8.8-sasl/libvirt.spec.in 2011-04-28 11:45:43.672741167 +0200
@@ -933,7 +933,7 @@
%dir %attr(0755, root, root) %{_localstatedir}/lib/libvirt/
%if %{with_sasl}
-%config(noreplace) %{_sysconfdir}/sasl2/libvirt.conf
+%config(noreplace) %{_sysconfdir}/sasl/libvirt.conf
%endif
%files devel
diff -ru libvirt-0.8.8/src/qemu/qemu.conf libvirt-0.8.8-sasl/src/qemu/qemu.conf
--- libvirt-0.8.8/src/qemu/qemu.conf 2011-02-16 07:36:53.000000000 +0100
+++ libvirt-0.8.8-sasl/src/qemu/qemu.conf 2011-04-28 11:45:47.091741165 +0200
@@ -74,18 +74,18 @@
# Examples include vinagre, virt-viewer and virt-manager
# itself. UltraVNC, RealVNC, TightVNC do not support this
#
-# It is necessary to configure /etc/sasl2/qemu.conf to choose
+# It is necessary to configure /etc/sasl/qemu.conf to choose
# the desired SASL plugin (eg, GSSPI for Kerberos)
#
# vnc_sasl = 1
-# The default SASL configuration file is located in /etc/sasl2/
+# The default SASL configuration file is located in /etc/sasl/
# When running libvirtd unprivileged, it may be desirable to
# override the configs in this location. Set this parameter to
# point to the directory, and create a qemu.conf in that location
#
-# vnc_sasl_dir = "/some/directory/sasl2"
+# vnc_sasl_dir = "/some/directory/sasl"
diff -ru libvirt-0.8.8/src/qemu/test_libvirtd_qemu.aug libvirt-0.8.8-sasl/src/qemu/test_libvirtd_qemu.aug
--- libvirt-0.8.8/src/qemu/test_libvirtd_qemu.aug 2011-01-31 02:30:59.000000000 +0100
+++ libvirt-0.8.8-sasl/src/qemu/test_libvirtd_qemu.aug 2011-04-28 11:45:47.103741165 +0200
@@ -67,18 +67,18 @@
# Examples include vinagre, virt-viewer and virt-manager
# itself. UltraVNC, RealVNC, TightVNC do not support this
#
-# It is necessary to configure /etc/sasl2/qemu.conf to choose
+# It is necessary to configure /etc/sasl/qemu.conf to choose
# the desired SASL plugin (eg, GSSPI for Kerberos)
#
vnc_sasl = 1
-# The default SASL configuration file is located in /etc/sasl2/
+# The default SASL configuration file is located in /etc/sasl/
# When running libvirtd unprivileged, it may be desirable to
# override the configs in this location. Set this parameter to
# point to the directory, and create a qemu.conf in that location
#
-vnc_sasl_dir = \"/some/directory/sasl2\"
+vnc_sasl_dir = \"/some/directory/sasl\"
security_driver = \"selinux\"
@@ -181,18 +181,18 @@
{ "#comment" = "Examples include vinagre, virt-viewer and virt-manager" }
{ "#comment" = "itself. UltraVNC, RealVNC, TightVNC do not support this" }
{ "#comment" = "" }
-{ "#comment" = "It is necessary to configure /etc/sasl2/qemu.conf to choose" }
+{ "#comment" = "It is necessary to configure /etc/sasl/qemu.conf to choose" }
{ "#comment" = "the desired SASL plugin (eg, GSSPI for Kerberos)" }
{ "#comment" = "" }
{ "vnc_sasl" = "1" }
{ "#empty" }
{ "#empty" }
-{ "#comment" = "The default SASL configuration file is located in /etc/sasl2/" }
+{ "#comment" = "The default SASL configuration file is located in /etc/sasl/" }
{ "#comment" = "When running libvirtd unprivileged, it may be desirable to" }
{ "#comment" = "override the configs in this location. Set this parameter to" }
{ "#comment" = "point to the directory, and create a qemu.conf in that location" }
{ "#comment" = "" }
-{ "vnc_sasl_dir" = "/some/directory/sasl2" }
+{ "vnc_sasl_dir" = "/some/directory/sasl" }
{ "#empty" }
{ "security_driver" = "selinux" }
{ "#empty" }
diff -ru libvirt-0.8.8/tests/confdata/libvirtd.conf libvirt-0.8.8-sasl/tests/confdata/libvirtd.conf
--- libvirt-0.8.8/tests/confdata/libvirtd.conf 2010-05-27 14:03:22.000000000 +0200
+++ libvirt-0.8.8-sasl/tests/confdata/libvirtd.conf 2011-04-28 11:45:46.878741165 +0200
@@ -102,7 +102,7 @@
# the network providing auth (eg, TLS/x509 certificates)
#
# - sasl: use SASL infrastructure. The actual auth scheme is then
-# controlled from /etc/sasl2/libvirt.conf. For the TCP
+# controlled from /etc/sasl/libvirt.conf. For the TCP
# socket only GSSAPI & DIGEST-MD5 mechanisms will be used.
# For non-TCP or TLS sockets, any scheme is allowed.
#
@@ -133,7 +133,7 @@
# If you don't enable SASL, then all TCP traffic is cleartext.
# Don't do this outside of a dev/test scenario. For real world
# use, always enable SASL and use the GSSAPI or DIGEST-MD5
-# mechanism in /etc/sasl2/libvirt.conf
+# mechanism in /etc/sasl/libvirt.conf
auth_tcp = "sasl"
# Change the authentication scheme for TLS sockets.
diff -ru libvirt-0.8.8/tests/confdata/libvirtd.out libvirt-0.8.8-sasl/tests/confdata/libvirtd.out
--- libvirt-0.8.8/tests/confdata/libvirtd.out 2010-05-27 14:03:22.000000000 +0200
+++ libvirt-0.8.8-sasl/tests/confdata/libvirtd.out 2011-04-28 11:45:46.875741165 +0200
@@ -82,7 +82,7 @@
# the network providing auth (eg, TLS/x509 certificates)
#
# - sasl: use SASL infrastructure. The actual auth scheme is then
-# controlled from /etc/sasl2/libvirt.conf. For the TCP
+# controlled from /etc/sasl/libvirt.conf. For the TCP
# socket only GSSAPI & DIGEST-MD5 mechanisms will be used.
# For non-TCP or TLS sockets, any scheme is allowed.
#
@@ -111,7 +111,7 @@
# If you don't enable SASL, then all TCP traffic is cleartext.
# Don't do this outside of a dev/test scenario. For real world
# use, always enable SASL and use the GSSAPI or DIGEST-MD5
-# mechanism in /etc/sasl2/libvirt.conf
+# mechanism in /etc/sasl/libvirt.conf
auth_tcp = "sasl"
# Change the authentication scheme for TLS sockets.
#
diff -ru libvirt-0.8.8/tests/qemuargv2xmltest.c libvirt-0.8.8-sasl/tests/qemuargv2xmltest.c
--- libvirt-0.8.8/tests/qemuargv2xmltest.c 2011-01-24 03:59:21.000000000 +0100
+++ libvirt-0.8.8-sasl/tests/qemuargv2xmltest.c 2011-04-28 11:45:46.964741165 +0200
@@ -181,7 +181,7 @@
DO_TEST("graphics-vnc-socket");
driver.vncSASL = 1;
- driver.vncSASLdir = strdup("/root/.sasl2");
+ driver.vncSASLdir = strdup("/root/.sasl");
DO_TEST("graphics-vnc-sasl");
driver.vncTLS = 1;
driver.vncTLSx509verify = 1;
diff -ru libvirt-0.8.8/tests/qemuxml2argvdata/qemuxml2argv-graphics-vnc-sasl.args libvirt-0.8.8-sasl/tests/qemuxml2argvdata/qemuxml2argv-graphics-vnc-sasl.args
--- libvirt-0.8.8/tests/qemuxml2argvdata/qemuxml2argv-graphics-vnc-sasl.args 2011-02-03 15:05:31.000000000 +0100
+++ libvirt-0.8.8-sasl/tests/qemuxml2argvdata/qemuxml2argv-graphics-vnc-sasl.args 2011-04-28 11:45:46.860741165 +0200
@@ -1,5 +1,5 @@
LC_ALL=C PATH=/bin HOME=/home/test USER=test LOGNAME=test \
-SASL_CONF_DIR=/root/.sasl2 QEMU_AUDIO_DRV=none /usr/bin/qemu -S -M pc -m 214 \
+SASL_CONF_DIR=/root/.sasl QEMU_AUDIO_DRV=none /usr/bin/qemu -S -M pc -m 214 \
-smp 1 -monitor unix:/tmp/test-monitor,server,nowait -no-acpi -boot c -hda \
/dev/HostVG/QEMUGuest1 -net none -serial none -parallel none -usb -vnc \
127.0.0.1:3,sasl -vga cirrus
diff -ru libvirt-0.8.8/tests/qemuxml2argvdata/qemuxml2argv-graphics-vnc-tls.args libvirt-0.8.8-sasl/tests/qemuxml2argvdata/qemuxml2argv-graphics-vnc-tls.args
--- libvirt-0.8.8/tests/qemuxml2argvdata/qemuxml2argv-graphics-vnc-tls.args 2011-02-03 15:05:31.000000000 +0100
+++ libvirt-0.8.8-sasl/tests/qemuxml2argvdata/qemuxml2argv-graphics-vnc-tls.args 2011-04-28 11:45:46.864741165 +0200
@@ -1,5 +1,5 @@
LC_ALL=C PATH=/bin HOME=/home/test USER=test LOGNAME=test \
-SASL_CONF_DIR=/root/.sasl2 QEMU_AUDIO_DRV=none /usr/bin/qemu -S -M pc -m 214 \
+SASL_CONF_DIR=/root/.sasl QEMU_AUDIO_DRV=none /usr/bin/qemu -S -M pc -m 214 \
-smp 1 -monitor unix:/tmp/test-monitor,server,nowait -no-acpi -boot c -hda \
/dev/HostVG/QEMUGuest1 -net none -serial none -parallel none -usb -vnc \
127.0.0.1:3,tls,x509verify=/etc/pki/tls/qemu,sasl
diff -ru libvirt-0.8.8/tests/qemuxml2argvtest.c libvirt-0.8.8-sasl/tests/qemuxml2argvtest.c
--- libvirt-0.8.8/tests/qemuxml2argvtest.c 2011-02-11 10:46:59.000000000 +0100
+++ libvirt-0.8.8-sasl/tests/qemuxml2argvtest.c 2011-04-28 11:45:46.767741165 +0200
@@ -335,7 +335,7 @@
DO_TEST("graphics-vnc-socket", 0, false);
driver.vncSASL = 1;
- driver.vncSASLdir = strdup("/root/.sasl2");
+ driver.vncSASLdir = strdup("/root/.sasl");
DO_TEST("graphics-vnc-sasl", false, QEMU_CAPS_VGA);
driver.vncTLS = 1;
driver.vncTLSx509verify = 1;