1 diff -dur -x '*~' -x '*.orig' -x '*.rej' libvirt-2.5.0.orig/daemon/libvirtd.conf libvirt-2.5.0/daemon/libvirtd.conf
2 --- libvirt-2.5.0.orig/src/remote/libvirtd.conf 2016-06-27 16:12:20.000000000 +0200
3 +++ libvirt-2.5.0/src/remote/libvirtd.conf 2016-12-20 12:56:04.000000000 +0100
5 # the network providing auth (eg, TLS/x509 certificates)
7 # - sasl: use SASL infrastructure. The actual auth scheme is then
8 -# controlled from /etc/sasl2/libvirt.conf. For the TCP
9 +# controlled from /etc/sasl/libvirt.conf. For the TCP
10 # socket only GSSAPI & DIGEST-MD5 mechanisms will be used.
11 # For non-TCP or TLS sockets, any scheme is allowed.
14 # If you don't enable SASL, then all TCP traffic is cleartext.
15 # Don't do this outside of a dev/test scenario. For real world
16 # use, always enable SASL and use the GSSAPI or DIGEST-MD5
17 -# mechanism in /etc/sasl2/libvirt.conf
18 +# mechanism in /etc/sasl/libvirt.conf
21 # Change the authentication scheme for TLS sockets.
22 diff -dur -x '*~' -x '*.orig' -x '*.rej' libvirt-2.5.0.orig/daemon/Makefile.am libvirt-2.5.0/daemon/Makefile.am
23 --- libvirt-2.5.0.orig/src/remote/Makefile.inc.am 2016-11-30 13:57:30.000000000 +0100
24 +++ libvirt-2.5.0/src/remote/Makefile.inc.am 2016-12-20 12:56:04.000000000 +0100
26 # the WITH_LIBVIRTD conditional
29 - $(MKDIR_P) $(DESTDIR)$(sysconfdir)/sasl2/
30 + $(MKDIR_P) $(DESTDIR)$(sysconfdir)/sasl/
31 $(INSTALL_DATA) $(srcdir)/remote/libvirtd.sasl \
32 - $(DESTDIR)$(sysconfdir)/sasl2/libvirt.conf
33 + $(DESTDIR)$(sysconfdir)/sasl/libvirt.conf
36 - rm -f $(DESTDIR)$(sysconfdir)/sasl2/libvirt.conf
37 - rmdir $(DESTDIR)$(sysconfdir)/sasl2/ || :
38 + rm -f $(DESTDIR)$(sysconfdir)/sasl/libvirt.conf
39 + rmdir $(DESTDIR)$(sysconfdir)/sasl/ || :
43 --- libvirt-3.5.0/docs/auth.html.in.orig 2017-08-01 17:26:35.217739874 +0200
44 +++ libvirt-3.5.0/docs/auth.html.in 2017-08-01 17:29:07.364404805 +0200
47 Since the libvirt SASL config file defaults to using GSSAPI (Kerberos), a
48 config change is rquired to enable plain password auth. This is done by
49 -editting <code>/etc/sasl2/libvirt.conf</code> to set the <code>mech_list</code>
50 +editting <code>/etc/sasl/libvirt.conf</code> to set the <code>mech_list</code>
51 parameter to <code>scram-sha-1</code>.
54 --- libvirt-3.5.0/docs/auth.html.orig 2017-08-01 17:26:35.217739874 +0200
55 +++ libvirt-3.5.0/docs/auth.html 2017-08-01 17:29:16.164404704 +0200
58 Since the libvirt SASL config file defaults to using GSSAPI (Kerberos), a
59 config change is rquired to enable plain password auth. This is done by
60 -editting <code>/etc/sasl2/libvirt.conf</code> to set the <code>mech_list</code>
61 +editting <code>/etc/sasl/libvirt.conf</code> to set the <code>mech_list</code>
62 parameter to <code>scram-sha-1</code>.
65 diff -dur -x '*~' -x '*.orig' -x '*.rej' libvirt-2.5.0.orig/src/qemu/qemu.conf libvirt-2.5.0/src/qemu/qemu.conf
66 --- libvirt-2.5.0.orig/src/qemu/qemu.conf 2016-11-29 10:47:58.000000000 +0100
67 +++ libvirt-2.5.0/src/qemu/qemu.conf 2016-12-20 12:56:04.000000000 +0100
69 # Examples include vinagre, virt-viewer and virt-manager
70 # itself. UltraVNC, RealVNC, TightVNC do not support this
72 -# It is necessary to configure /etc/sasl2/qemu.conf to choose
73 +# It is necessary to configure /etc/sasl/qemu.conf to choose
74 # the desired SASL plugin (eg, GSSPI for Kerberos)
79 -# The default SASL configuration file is located in /etc/sasl2/
80 +# The default SASL configuration file is located in /etc/sasl/
81 # When running libvirtd unprivileged, it may be desirable to
82 # override the configs in this location. Set this parameter to
83 # point to the directory, and create a qemu.conf in that location
85 -#vnc_sasl_dir = "/some/directory/sasl2"
86 +#vnc_sasl_dir = "/some/directory/sasl"
89 # QEMU implements an extension for providing audio over a VNC connection,
90 diff -dur -x '*~' -x '*.orig' -x '*.rej' libvirt-2.5.0.orig/tests/qemuxml2argvdata/qemuxml2argv-graphics-vnc-sasl.args libvirt-2.5.0/tests/qemuxml2argvdata/qemuxml2argv-graphics-vnc-sasl.args
91 --- libvirt-2.5.0.orig/tests/qemuxml2argvdata/-graphics-vnc-sasl.args 2016-07-27 14:39:35.000000000 +0200
92 +++ libvirt-2.5.0/tests/qemuxml2argvdata/graphics-vnc-sasl.args 2016-12-20 12:56:04.000000000 +0100
97 -SASL_CONF_PATH=/root/.sasl2 \
98 +SASL_CONF_PATH=/root/.sasl \
102 diff -dur -x '*~' -x '*.orig' -x '*.rej' libvirt-2.5.0.orig/tests/qemuxml2argvdata/qemuxml2argv-graphics-vnc-tls.args libvirt-2.5.0/tests/qemuxml2argvdata/qemuxml2argv-graphics-vnc-tls.args
103 --- libvirt-2.5.0.orig/tests/qemuxml2argvdata/graphics-vnc-tls.args 2016-07-27 14:39:35.000000000 +0200
104 +++ libvirt-2.5.0/tests/qemuxml2argvdata/graphics-vnc-tls.args 2016-12-20 12:56:04.000000000 +0100
109 -SASL_CONF_PATH=/root/.sasl2 \
110 +SASL_CONF_PATH=/root/.sasl \
111 QEMU_AUDIO_DRV=none \
114 diff -dur -x '*~' -x '*.orig' -x '*.rej' libvirt-2.5.0.orig/tests/virconfdata/libvirtd.conf libvirt-2.5.0/tests/virconfdata/libvirtd.conf
115 --- libvirt-2.5.0.orig/tests/virconfdata/libvirtd.conf 2016-04-26 04:20:09.000000000 +0200
116 +++ libvirt-2.5.0/tests/virconfdata/libvirtd.conf 2016-12-20 12:56:04.000000000 +0100
118 # the network providing auth (eg, TLS/x509 certificates)
120 # - sasl: use SASL infrastructure. The actual auth scheme is then
121 -# controlled from /etc/sasl2/libvirt.conf. For the TCP
122 +# controlled from /etc/sasl/libvirt.conf. For the TCP
123 # socket only GSSAPI & DIGEST-MD5 mechanisms will be used.
124 # For non-TCP or TLS sockets, any scheme is allowed.
127 # If you don't enable SASL, then all TCP traffic is cleartext.
128 # Don't do this outside of a dev/test scenario. For real world
129 # use, always enable SASL and use the GSSAPI or DIGEST-MD5
130 -# mechanism in /etc/sasl2/libvirt.conf
131 +# mechanism in /etc/sasl/libvirt.conf
134 # Change the authentication scheme for TLS sockets.
135 diff -dur -x '*~' -x '*.orig' -x '*.rej' libvirt-2.5.0.orig/tests/virconfdata/libvirtd.out libvirt-2.5.0/tests/virconfdata/libvirtd.out
136 --- libvirt-2.5.0.orig/tests/virconfdata/libvirtd.out 2016-04-26 04:20:09.000000000 +0200
137 +++ libvirt-2.5.0/tests/virconfdata/libvirtd.out 2016-12-20 12:56:04.000000000 +0100
139 # the network providing auth (eg, TLS/x509 certificates)
141 # - sasl: use SASL infrastructure. The actual auth scheme is then
142 -# controlled from /etc/sasl2/libvirt.conf. For the TCP
143 +# controlled from /etc/sasl/libvirt.conf. For the TCP
144 # socket only GSSAPI & DIGEST-MD5 mechanisms will be used.
145 # For non-TCP or TLS sockets, any scheme is allowed.
148 # If you don't enable SASL, then all TCP traffic is cleartext.
149 # Don't do this outside of a dev/test scenario. For real world
150 # use, always enable SASL and use the GSSAPI or DIGEST-MD5
151 -# mechanism in /etc/sasl2/libvirt.conf
152 +# mechanism in /etc/sasl/libvirt.conf
154 # Change the authentication scheme for TLS sockets.