]>
Commit | Line | Data |
---|---|---|
be8dc440 JK |
1 | diff -dur -x '*.orig' -x '*.rej' -x '*~' libvirt-2.1.0.orig/src/qemu/qemu_command.c libvirt-2.1.0/src/qemu/qemu_command.c |
2 | --- libvirt-2.1.0.orig/src/qemu/qemu_command.c 2016-08-02 09:10:56.000000000 +0200 | |
3 | +++ libvirt-2.1.0/src/qemu/qemu_command.c 2016-08-17 12:43:29.000000000 +0200 | |
4 | @@ -7521,6 +7521,9 @@ | |
5 | /* TODO: Support ACLs later */ | |
6 | } | |
7 | ||
8 | + if (cfg->vncACL) | |
9 | + virBufferAddLit(&opt, ",acl"); | |
10 | + | |
11 | virCommandAddArg(cmd, "-vnc"); | |
12 | virCommandAddArgBuffer(cmd, &opt); | |
13 | if (graphics->data.vnc.keymap) | |
14 | diff -dur -x '*.orig' -x '*.rej' -x '*~' libvirt-2.1.0.orig/src/qemu/qemu.conf libvirt-2.1.0/src/qemu/qemu.conf | |
15 | --- libvirt-2.1.0.orig/src/qemu/qemu.conf 2016-08-17 12:30:24.000000000 +0200 | |
16 | +++ libvirt-2.1.0/src/qemu/qemu.conf 2016-08-17 12:37:00.000000000 +0200 | |
17 | @@ -80,6 +80,15 @@ | |
18 | #vnc_sasl = 1 | |
3f6c4997 JR |
19 | |
20 | ||
21 | +# Enable the VNC access control lists. When switched on this will | |
22 | +# initially block all vnc users from accessing the vnc server. To | |
23 | +# add and remove ids from the ACLs you will need to send the appropriate | |
24 | +# commands to the qemu monitor as required by your particular version of | |
25 | +# QEMU. See the QEMU documentation for more details. | |
26 | +# | |
27 | +# vnc_acl = 1 | |
28 | + | |
29 | + | |
30 | # The default SASL configuration file is located in /etc/sasl/ | |
31 | # When running libvirtd unprivileged, it may be desirable to | |
32 | # override the configs in this location. Set this parameter to | |
be8dc440 JK |
33 | diff -dur -x '*.orig' -x '*.rej' -x '*~' libvirt-2.1.0.orig/src/qemu/qemu_conf.c libvirt-2.1.0/src/qemu/qemu_conf.c |
34 | --- libvirt-2.1.0.orig/src/qemu/qemu_conf.c 2016-07-27 14:39:35.000000000 +0200 | |
35 | +++ libvirt-2.1.0/src/qemu/qemu_conf.c 2016-08-17 12:40:28.000000000 +0200 | |
36 | @@ -425,7 +425,8 @@ | |
37 | goto cleanup; | |
38 | if (virConfGetValueBool(conf, "nographics_allow_host_audio", &cfg->nogfxAllowHostAudio) < 0) | |
39 | goto cleanup; | |
40 | - | |
41 | + if (virConfGetValueBool(conf, "vnc_acl", &cfg->vncACL) < 0) | |
42 | + goto cleanup; | |
3f6c4997 | 43 | |
be8dc440 JK |
44 | if (virConfGetValueStringList(conf, "security_driver", true, &cfg->securityDriverNames) < 0) |
45 | goto cleanup; | |
46 | diff -dur -x '*.orig' -x '*.rej' -x '*~' libvirt-2.1.0.orig/src/qemu/qemu_conf.h libvirt-2.1.0/src/qemu/qemu_conf.h | |
47 | --- libvirt-2.1.0.orig/src/qemu/qemu_conf.h 2016-07-27 14:39:35.000000000 +0200 | |
48 | +++ libvirt-2.1.0/src/qemu/qemu_conf.h 2016-08-17 12:37:00.000000000 +0200 | |
49 | @@ -113,6 +113,7 @@ | |
7dbd1599 JB |
50 | bool vncTLS; |
51 | bool vncTLSx509verify; | |
52 | bool vncSASL; | |
53 | + bool vncACL; | |
3f6c4997 JR |
54 | char *vncTLSx509certdir; |
55 | char *vncListen; | |
56 | char *vncPassword; |