]>
Commit | Line | Data |
---|---|---|
927caa3c JR |
1 | diff -urNp -x '*.orig' libvirt-8.4.0.org/src/qemu/qemu.conf.in libvirt-8.4.0/src/qemu/qemu.conf.in |
2 | --- libvirt-8.4.0.org/src/qemu/qemu.conf.in 2022-06-19 22:15:27.653173791 +0200 | |
3 | +++ libvirt-8.4.0/src/qemu/qemu.conf.in 2022-06-19 22:15:28.366510311 +0200 | |
4 | @@ -147,6 +147,15 @@ | |
5 | #vnc_sasl = 1 | |
6 | ||
7 | ||
8 | +# Enable the VNC access control lists. When switched on this will | |
9 | +# initially block all vnc users from accessing the vnc server. To | |
10 | +# add and remove ids from the ACLs you will need to send the appropriate | |
11 | +# commands to the qemu monitor as required by your particular version of | |
12 | +# QEMU. See the QEMU documentation for more details. | |
13 | +# | |
14 | +# vnc_acl = 1 | |
15 | + | |
16 | + | |
17 | # The default SASL configuration file is located in /etc/sasl/ | |
18 | # When running libvirtd unprivileged, it may be desirable to | |
19 | # override the configs in this location. Set this parameter to | |
20 | diff -urNp -x '*.orig' libvirt-8.4.0.org/src/qemu/qemu_command.c libvirt-8.4.0/src/qemu/qemu_command.c | |
21 | --- libvirt-8.4.0.org/src/qemu/qemu_command.c 2022-06-01 09:28:24.000000000 +0200 | |
22 | +++ libvirt-8.4.0/src/qemu/qemu_command.c 2022-06-19 22:15:28.366510311 +0200 | |
23 | @@ -8333,6 +8333,9 @@ qemuBuildGraphicsVNCCommandLine(virQEMUD | |
24 | virBufferAsprintf(&opt, ",audiodev=%s", audioid); | |
be8dc440 JK |
25 | } |
26 | ||
875b1e77 KM |
27 | + if (cfg->vncACL) |
28 | + virBufferAddLit(&opt, ",acl"); | |
be8dc440 JK |
29 | + |
30 | virCommandAddArg(cmd, "-vnc"); | |
31 | virCommandAddArgBuffer(cmd, &opt); | |
32 | if (graphics->data.vnc.keymap) | |
927caa3c JR |
33 | diff -urNp -x '*.orig' libvirt-8.4.0.org/src/qemu/qemu_conf.c libvirt-8.4.0/src/qemu/qemu_conf.c |
34 | --- libvirt-8.4.0.org/src/qemu/qemu_conf.c 2022-06-01 09:28:24.000000000 +0200 | |
35 | +++ libvirt-8.4.0/src/qemu/qemu_conf.c 2022-06-19 22:15:28.366510311 +0200 | |
36 | @@ -439,6 +439,8 @@ virQEMUDriverConfigLoadVNCEntry(virQEMUD | |
875b1e77 KM |
37 | return -1; |
38 | if (virConfGetValueBool(conf, "vnc_allow_host_audio", &cfg->vncAllowHostAudio) < 0) | |
39 | return -1; | |
40 | + if (virConfGetValueBool(conf, "vnc_acl", &cfg->vncACL) < 0) | |
41 | + return -1; | |
42 | ||
927caa3c JR |
43 | if (cfg->vncPassword && |
44 | strlen(cfg->vncPassword) > 8) { | |
45 | diff -urNp -x '*.orig' libvirt-8.4.0.org/src/qemu/qemu_conf.h libvirt-8.4.0/src/qemu/qemu_conf.h | |
46 | --- libvirt-8.4.0.org/src/qemu/qemu_conf.h 2022-06-01 09:28:24.000000000 +0200 | |
47 | +++ libvirt-8.4.0/src/qemu/qemu_conf.h 2022-06-19 22:15:28.366510311 +0200 | |
48 | @@ -114,6 +114,7 @@ struct _virQEMUDriverConfig { | |
875b1e77 KM |
49 | bool vncTLSx509verify; |
50 | bool vncTLSx509verifyPresent; | |
51 | bool vncSASL; | |
52 | + bool vncACL; | |
53 | char *vncTLSx509certdir; | |
54 | char *vncTLSx509secretUUID; | |
55 | char *vncListen; |