X-Git-Url: https://git.tld-linux.org/?a=blobdiff_plain;f=libvirt-qemu-acl.patch;h=779f6dd4748d184ea5ffad442b742bcb840c1a7c;hb=9017d899aa638cff4d379fb84c28a733f0bc8289;hp=3ea5678584ab91fb1fa69acc912ba4f2e5b2afbf;hpb=3e36cfaeb430c9abf7b9a6b93d92661d49120ce4;p=packages%2Flibvirt.git diff --git a/libvirt-qemu-acl.patch b/libvirt-qemu-acl.patch index 3ea5678..779f6dd 100644 --- a/libvirt-qemu-acl.patch +++ b/libvirt-qemu-acl.patch @@ -1,26 +1,7 @@ -diff -ur libvirt-6.10.0.orig/src/qemu/qemu.conf libvirt-6.10.0/src/qemu/qemu.conf ---- libvirt-6.10.0.orig/src/qemu/qemu.conf 2021-01-01 20:40:17.379692686 +0100 -+++ libvirt-6.10.0/src/qemu/qemu.conf 2021-01-01 20:40:45.381692686 +0100 -@@ -147,6 +147,15 @@ - #vnc_sasl = 1 - - -+# Enable the VNC access control lists. When switched on this will -+# initially block all vnc users from accessing the vnc server. To -+# add and remove ids from the ACLs you will need to send the appropriate -+# commands to the qemu monitor as required by your particular version of -+# QEMU. See the QEMU documentation for more details. -+# -+# vnc_acl = 1 -+ -+ - # The default SASL configuration file is located in /etc/sasl/ - # When running libvirtd unprivileged, it may be desirable to - # override the configs in this location. Set this parameter to -diff -ur libvirt-6.10.0.orig/src/qemu/qemu_command.c libvirt-6.10.0/src/qemu/qemu_command.c ---- libvirt-6.10.0.orig/src/qemu/qemu_command.c 2021-01-01 20:40:17.375692686 +0100 -+++ libvirt-6.10.0/src/qemu/qemu_command.c 2021-01-01 20:40:45.382692686 +0100 -@@ -7597,6 +7597,10 @@ +diff -ur libvirt-9.5.0.orig/src/qemu/qemu_command.c libvirt-9.5.0/src/qemu/qemu_command.c +--- libvirt-9.5.0.orig/src/qemu/qemu_command.c 2023-07-20 17:19:16.014948742 +0200 ++++ libvirt-9.5.0/src/qemu/qemu_command.c 2023-07-20 17:19:30.957162714 +0200 +@@ -8057,6 +8057,10 @@ virCommandAddEnvPair(cmd, "SASL_CONF_PATH", cfg->vncSASLdir); /* TODO: Support ACLs later */ @@ -30,23 +11,23 @@ diff -ur libvirt-6.10.0.orig/src/qemu/qemu_command.c libvirt-6.10.0/src/qemu/qem + } - virCommandAddArg(cmd, "-vnc"); -diff -ur libvirt-6.10.0.orig/src/qemu/qemu_conf.c libvirt-6.10.0/src/qemu/qemu_conf.c ---- libvirt-6.10.0.orig/src/qemu/qemu_conf.c 2021-01-01 20:40:17.375692686 +0100 -+++ libvirt-6.10.0/src/qemu/qemu_conf.c 2021-01-01 20:40:45.382692686 +0100 -@@ -446,6 +446,8 @@ + if (graphics->data.vnc.powerControl != VIR_TRISTATE_BOOL_ABSENT) { +diff -ur libvirt-9.5.0.orig/src/qemu/qemu_conf.c libvirt-9.5.0/src/qemu/qemu_conf.c +--- libvirt-9.5.0.orig/src/qemu/qemu_conf.c 2023-07-20 17:19:16.014948742 +0200 ++++ libvirt-9.5.0/src/qemu/qemu_conf.c 2023-07-20 17:19:30.958162728 +0200 +@@ -443,6 +443,8 @@ return -1; if (virConfGetValueBool(conf, "vnc_allow_host_audio", &cfg->vncAllowHostAudio) < 0) return -1; + if (virConfGetValueBool(conf, "vnc_acl", &cfg->vncACL) < 0) + return -1; - return 0; - } -diff -ur libvirt-6.10.0.orig/src/qemu/qemu_conf.h libvirt-6.10.0/src/qemu/qemu_conf.h ---- libvirt-6.10.0.orig/src/qemu/qemu_conf.h 2021-01-01 20:40:17.375692686 +0100 -+++ libvirt-6.10.0/src/qemu/qemu_conf.h 2021-01-01 20:40:45.383692686 +0100 -@@ -116,6 +116,7 @@ + if (cfg->vncPassword && + strlen(cfg->vncPassword) > 8) { +diff -ur libvirt-9.5.0.orig/src/qemu/qemu_conf.h libvirt-9.5.0/src/qemu/qemu_conf.h +--- libvirt-9.5.0.orig/src/qemu/qemu_conf.h 2023-07-20 17:19:16.014948742 +0200 ++++ libvirt-9.5.0/src/qemu/qemu_conf.h 2023-07-20 17:19:30.958162728 +0200 +@@ -119,6 +119,7 @@ bool vncTLSx509verify; bool vncTLSx509verifyPresent; bool vncSASL; @@ -54,3 +35,22 @@ diff -ur libvirt-6.10.0.orig/src/qemu/qemu_conf.h libvirt-6.10.0/src/qemu/qemu_c char *vncTLSx509certdir; char *vncTLSx509secretUUID; char *vncListen; +diff -ur libvirt-9.5.0.orig/src/qemu/qemu.conf.in libvirt-9.5.0/src/qemu/qemu.conf.in +--- libvirt-9.5.0.orig/src/qemu/qemu.conf.in 2023-07-20 17:19:16.013948728 +0200 ++++ libvirt-9.5.0/src/qemu/qemu.conf.in 2023-07-20 17:19:30.958162728 +0200 +@@ -147,6 +147,15 @@ + #vnc_sasl = 1 + + ++# Enable the VNC access control lists. When switched on this will ++# initially block all vnc users from accessing the vnc server. To ++# add and remove ids from the ACLs you will need to send the appropriate ++# commands to the qemu monitor as required by your particular version of ++# QEMU. See the QEMU documentation for more details. ++# ++# vnc_acl = 1 ++ ++ + # The default SASL configuration file is located in /etc/sasl/ + # When running libvirtd unprivileged, it may be desirable to + # override the configs in this location. Set this parameter to