- Since the libvirt SASL config file defaults to using GSSAPI (Kerberos), a
- config change is rquired to enable plain password auth. This is done by
--editting /etc/sasl2/libvirt.conf to set the mech_list
-+editting /etc/sasl/libvirt.conf to set the mech_list
- parameter to scram-sha-1.
-
-diff -ur libvirt-5.5.0.orig/docs/auth.html.in libvirt-5.5.0/docs/auth.html.in ---- libvirt-5.5.0.orig/docs/auth.html.in 2019-07-14 19:23:33.991000000 +0200 -+++ libvirt-5.5.0/docs/auth.html.in 2019-07-14 19:23:54.564000000 +0200 -@@ -277,7 +277,7 @@ +diff -ur libvirt-5.10.0.orig/docs/auth.html.in libvirt-5.10.0/docs/auth.html.in +--- libvirt-5.10.0.orig/docs/auth.html.in 2019-12-08 00:42:43.765000000 +0100 ++++ libvirt-5.10.0/docs/auth.html.in 2019-12-08 00:43:02.262000000 +0100 +@@ -275,7 +275,7 @@
Since the libvirt SASL config file defaults to using GSSAPI (Kerberos), a
config change is rquired to enable plain password auth. This is done by
@@ -22,21 +10,21 @@ diff -ur libvirt-5.5.0.orig/docs/auth.html.in libvirt-5.5.0/docs/auth.html.in
parameter to scram-sha-1.
-diff -ur libvirt-5.5.0.orig/src/Makefile.in libvirt-5.5.0/src/Makefile.in ---- libvirt-5.5.0.orig/src/Makefile.in 2019-07-14 19:23:33.798000000 +0200 -+++ libvirt-5.5.0/src/Makefile.in 2019-07-14 19:23:54.566000000 +0200 -@@ -6723,7 +6723,7 @@ +diff -ur libvirt-5.10.0.orig/src/Makefile.in libvirt-5.10.0/src/Makefile.in +--- libvirt-5.10.0.orig/src/Makefile.in 2019-12-08 00:42:43.668000000 +0100 ++++ libvirt-5.10.0/src/Makefile.in 2019-12-08 00:43:02.265000000 +0100 +@@ -7409,7 +7409,7 @@ # This is needed for clients too, so can't wrap in # the WITH_LIBVIRTD conditional -@WITH_SASL_TRUE@sasldir = $(sysconfdir)/sasl2 +@WITH_SASL_TRUE@sasldir = $(sysconfdir)/sasl - THREAD_LIBS = $(LIB_PTHREAD) $(LTLIBMULTITHREAD) - SECDRIVER_CFLAGS = $(am__append_191) $(am__append_193) - SECDRIVER_LIBS = $(am__append_192) $(am__append_194) -diff -ur libvirt-5.5.0.orig/src/qemu/qemu.conf libvirt-5.5.0/src/qemu/qemu.conf ---- libvirt-5.5.0.orig/src/qemu/qemu.conf 2019-07-14 19:23:33.825000000 +0200 -+++ libvirt-5.5.0/src/qemu/qemu.conf 2019-07-14 19:23:54.566000000 +0200 + LIBVIRTD_UNIT_VARS = \ + $(COMMON_UNIT_VARS) \ + -e 's|[@]name[@]|Libvirt|g' \ +diff -ur libvirt-5.10.0.orig/src/qemu/qemu.conf libvirt-5.10.0/src/qemu/qemu.conf +--- libvirt-5.10.0.orig/src/qemu/qemu.conf 2019-12-08 00:42:43.698000000 +0100 ++++ libvirt-5.10.0/src/qemu/qemu.conf 2019-12-08 00:43:02.265000000 +0100 @@ -135,18 +135,18 @@ # Examples include vinagre, virt-viewer and virt-manager # itself. UltraVNC, RealVNC, TightVNC do not support this @@ -80,9 +68,9 @@ diff -ur libvirt-5.5.0.orig/src/qemu/qemu.conf libvirt-5.5.0/src/qemu/qemu.conf # Enable use of TLS encryption on the chardev TCP transports. # -diff -ur libvirt-5.5.0.orig/src/qemu/test_libvirtd_qemu.aug.in libvirt-5.5.0/src/qemu/test_libvirtd_qemu.aug.in ---- libvirt-5.5.0.orig/src/qemu/test_libvirtd_qemu.aug.in 2019-07-14 19:23:33.824000000 +0200 -+++ libvirt-5.5.0/src/qemu/test_libvirtd_qemu.aug.in 2019-07-14 19:23:54.566000000 +0200 +diff -ur libvirt-5.10.0.orig/src/qemu/test_libvirtd_qemu.aug.in libvirt-5.10.0/src/qemu/test_libvirtd_qemu.aug.in +--- libvirt-5.10.0.orig/src/qemu/test_libvirtd_qemu.aug.in 2019-12-08 00:42:43.697000000 +0100 ++++ libvirt-5.10.0/src/qemu/test_libvirtd_qemu.aug.in 2019-12-08 00:43:02.265000000 +0100 @@ -13,7 +13,7 @@ { "vnc_tls_x509_verify" = "1" } { "vnc_password" = "XYZ12345" } @@ -101,42 +89,42 @@ diff -ur libvirt-5.5.0.orig/src/qemu/test_libvirtd_qemu.aug.in libvirt-5.5.0/src { "chardev_tls" = "1" } { "chardev_tls_x509_cert_dir" = "/etc/pki/libvirt-chardev" } { "chardev_tls_x509_verify" = "1" } -diff -ur libvirt-5.5.0.orig/src/remote/libvirtd.conf libvirt-5.5.0/src/remote/libvirtd.conf ---- libvirt-5.5.0.orig/src/remote/libvirtd.conf 2019-07-14 19:23:33.810000000 +0200 -+++ libvirt-5.5.0/src/remote/libvirtd.conf 2019-07-14 19:23:54.566000000 +0200 -@@ -101,7 +101,7 @@ +diff -ur libvirt-5.10.0.orig/src/remote/Makefile.inc.am libvirt-5.10.0/src/remote/Makefile.inc.am +--- libvirt-5.10.0.orig/src/remote/Makefile.inc.am 2019-12-08 00:42:43.683000000 +0100 ++++ libvirt-5.10.0/src/remote/Makefile.inc.am 2019-12-08 00:43:02.266000000 +0100 +@@ -375,7 +375,7 @@ + # This is needed for clients too, so can't wrap in + # the WITH_LIBVIRTD conditional + if WITH_SASL +-sasldir = $(sysconfdir)/sasl2 ++sasldir = $(sysconfdir)/sasl + + install-sasl: + $(MKDIR_P) $(DESTDIR)$(sasldir) +diff -ur libvirt-5.10.0.orig/src/remote/libvirtd.conf.in libvirt-5.10.0/src/remote/libvirtd.conf.in +--- libvirt-5.10.0.orig/src/remote/libvirtd.conf.in 2019-12-08 00:42:43.683000000 +0100 ++++ libvirt-5.10.0/src/remote/libvirtd.conf.in 2019-12-08 00:43:02.266000000 +0100 +@@ -134,7 +134,7 @@ # the network providing auth (eg, TLS/x509 certificates) # # - sasl: use SASL infrastructure. The actual auth scheme is then --# controlled from /etc/sasl2/libvirt.conf. For the TCP -+# controlled from /etc/sasl/libvirt.conf. For the TCP +-# controlled from @sysconfdir@/sasl2/libvirt.conf. For the TCP ++# controlled from @sysconfdir@/sasl/libvirt.conf. For the TCP # socket only GSSAPI & DIGEST-MD5 mechanisms will be used. # For non-TCP or TLS sockets, any scheme is allowed. # -@@ -132,7 +132,7 @@ +@@ -166,7 +166,7 @@ # If you don't enable SASL, then all TCP traffic is cleartext. # Don't do this outside of a dev/test scenario. For real world # use, always enable SASL and use the GSSAPI or DIGEST-MD5 --# mechanism in /etc/sasl2/libvirt.conf -+# mechanism in /etc/sasl/libvirt.conf +-# mechanism in @sysconfdir@/sasl2/libvirt.conf ++# mechanism in @sysconfdir@/sasl/libvirt.conf #auth_tcp = "sasl" # Change the authentication scheme for TLS sockets. -diff -ur libvirt-5.5.0.orig/src/remote/Makefile.inc.am libvirt-5.5.0/src/remote/Makefile.inc.am ---- libvirt-5.5.0.orig/src/remote/Makefile.inc.am 2019-07-14 19:23:33.812000000 +0200 -+++ libvirt-5.5.0/src/remote/Makefile.inc.am 2019-07-14 19:23:54.567000000 +0200 -@@ -244,7 +244,7 @@ - # This is needed for clients too, so can't wrap in - # the WITH_LIBVIRTD conditional - if WITH_SASL --sasldir = $(sysconfdir)/sasl2 -+sasldir = $(sysconfdir)/sasl - - install-sasl: - $(MKDIR_P) $(DESTDIR)$(sasldir) -diff -ur libvirt-5.5.0.orig/tests/qemuxml2argvdata/graphics-spice-sasl.args libvirt-5.5.0/tests/qemuxml2argvdata/graphics-spice-sasl.args ---- libvirt-5.5.0.orig/tests/qemuxml2argvdata/graphics-spice-sasl.args 2019-07-14 19:23:33.362000000 +0200 -+++ libvirt-5.5.0/tests/qemuxml2argvdata/graphics-spice-sasl.args 2019-07-14 19:23:59.923000000 +0200 +diff -ur libvirt-5.10.0.orig/tests/qemuxml2argvdata/graphics-spice-sasl.args libvirt-5.10.0/tests/qemuxml2argvdata/graphics-spice-sasl.args +--- libvirt-5.10.0.orig/tests/qemuxml2argvdata/graphics-spice-sasl.args 2019-12-08 00:42:43.289000000 +0100 ++++ libvirt-5.10.0/tests/qemuxml2argvdata/graphics-spice-sasl.args 2019-12-08 00:43:02.266000000 +0100 @@ -6,7 +6,7 @@ XDG_DATA_HOME=/tmp/lib/domain--1-QEMUGuest1/.local/share \ XDG_CACHE_HOME=/tmp/lib/domain--1-QEMUGuest1/.cache \ @@ -146,9 +134,9 @@ diff -ur libvirt-5.5.0.orig/tests/qemuxml2argvdata/graphics-spice-sasl.args libv QEMU_AUDIO_DRV=spice \ /usr/bin/qemu-system-i686 \ -name QEMUGuest1 \ -diff -ur libvirt-5.5.0.orig/tests/qemuxml2argvdata/graphics-vnc-sasl.args libvirt-5.5.0/tests/qemuxml2argvdata/graphics-vnc-sasl.args ---- libvirt-5.5.0.orig/tests/qemuxml2argvdata/graphics-vnc-sasl.args 2019-07-14 19:23:33.375000000 +0200 -+++ libvirt-5.5.0/tests/qemuxml2argvdata/graphics-vnc-sasl.args 2019-07-14 19:23:59.923000000 +0200 +diff -ur libvirt-5.10.0.orig/tests/qemuxml2argvdata/graphics-vnc-sasl.args libvirt-5.10.0/tests/qemuxml2argvdata/graphics-vnc-sasl.args +--- libvirt-5.10.0.orig/tests/qemuxml2argvdata/graphics-vnc-sasl.args 2019-12-08 00:42:43.303000000 +0100 ++++ libvirt-5.10.0/tests/qemuxml2argvdata/graphics-vnc-sasl.args 2019-12-08 00:43:02.266000000 +0100 @@ -6,7 +6,7 @@ XDG_DATA_HOME=/tmp/lib/domain--1-QEMUGuest1/.local/share \ XDG_CACHE_HOME=/tmp/lib/domain--1-QEMUGuest1/.cache \ @@ -158,9 +146,9 @@ diff -ur libvirt-5.5.0.orig/tests/qemuxml2argvdata/graphics-vnc-sasl.args libvir QEMU_AUDIO_DRV=none \ /usr/bin/qemu-system-i686 \ -name QEMUGuest1 \ -diff -ur libvirt-5.5.0.orig/tests/qemuxml2argvdata/graphics-vnc-tls.args libvirt-5.5.0/tests/qemuxml2argvdata/graphics-vnc-tls.args ---- libvirt-5.5.0.orig/tests/qemuxml2argvdata/graphics-vnc-tls.args 2019-07-14 19:23:33.361000000 +0200 -+++ libvirt-5.5.0/tests/qemuxml2argvdata/graphics-vnc-tls.args 2019-07-14 19:23:59.923000000 +0200 +diff -ur libvirt-5.10.0.orig/tests/qemuxml2argvdata/graphics-vnc-tls-secret.x86_64-latest.args libvirt-5.10.0/tests/qemuxml2argvdata/graphics-vnc-tls-secret.x86_64-latest.args +--- libvirt-5.10.0.orig/tests/qemuxml2argvdata/graphics-vnc-tls-secret.x86_64-latest.args 2019-12-08 00:42:43.303000000 +0100 ++++ libvirt-5.10.0/tests/qemuxml2argvdata/graphics-vnc-tls-secret.x86_64-latest.args 2019-12-08 00:43:02.266000000 +0100 @@ -6,7 +6,7 @@ XDG_DATA_HOME=/tmp/lib/domain--1-QEMUGuest1/.local/share \ XDG_CACHE_HOME=/tmp/lib/domain--1-QEMUGuest1/.cache \ @@ -169,10 +157,10 @@ diff -ur libvirt-5.5.0.orig/tests/qemuxml2argvdata/graphics-vnc-tls.args libvirt +SASL_CONF_PATH=/root/.sasl \ QEMU_AUDIO_DRV=none \ /usr/bin/qemu-system-i686 \ - -name QEMUGuest1 \ -diff -ur libvirt-5.5.0.orig/tests/qemuxml2argvdata/graphics-vnc-tls-secret.x86_64-latest.args libvirt-5.5.0/tests/qemuxml2argvdata/graphics-vnc-tls-secret.x86_64-latest.args ---- libvirt-5.5.0.orig/tests/qemuxml2argvdata/graphics-vnc-tls-secret.x86_64-latest.args 2019-07-14 19:23:33.375000000 +0200 -+++ libvirt-5.5.0/tests/qemuxml2argvdata/graphics-vnc-tls-secret.x86_64-latest.args 2019-07-14 19:26:27.145000000 +0200 + -name guest=QEMUGuest1,debug-threads=on \ +diff -ur libvirt-5.10.0.orig/tests/qemuxml2argvdata/graphics-vnc-tls.args libvirt-5.10.0/tests/qemuxml2argvdata/graphics-vnc-tls.args +--- libvirt-5.10.0.orig/tests/qemuxml2argvdata/graphics-vnc-tls.args 2019-12-08 00:42:43.289000000 +0100 ++++ libvirt-5.10.0/tests/qemuxml2argvdata/graphics-vnc-tls.args 2019-12-08 00:43:02.266000000 +0100 @@ -6,7 +6,7 @@ XDG_DATA_HOME=/tmp/lib/domain--1-QEMUGuest1/.local/share \ XDG_CACHE_HOME=/tmp/lib/domain--1-QEMUGuest1/.cache \ @@ -181,10 +169,10 @@ diff -ur libvirt-5.5.0.orig/tests/qemuxml2argvdata/graphics-vnc-tls-secret.x86_6 +SASL_CONF_PATH=/root/.sasl \ QEMU_AUDIO_DRV=none \ /usr/bin/qemu-system-i686 \ - -name guest=QEMUGuest1,debug-threads=on \ -diff -ur libvirt-5.5.0.orig/tests/qemuxml2argvdata/graphics-vnc-tls.x86_64-2.4.0.args libvirt-5.5.0/tests/qemuxml2argvdata/graphics-vnc-tls.x86_64-2.4.0.args ---- libvirt-5.5.0.orig/tests/qemuxml2argvdata/graphics-vnc-tls.x86_64-2.4.0.args 2019-07-14 19:23:33.369000000 +0200 -+++ libvirt-5.5.0/tests/qemuxml2argvdata/graphics-vnc-tls.x86_64-2.4.0.args 2019-07-14 19:26:23.287000000 +0200 + -name QEMUGuest1 \ +diff -ur libvirt-5.10.0.orig/tests/qemuxml2argvdata/graphics-vnc-tls.x86_64-2.4.0.args libvirt-5.10.0/tests/qemuxml2argvdata/graphics-vnc-tls.x86_64-2.4.0.args +--- libvirt-5.10.0.orig/tests/qemuxml2argvdata/graphics-vnc-tls.x86_64-2.4.0.args 2019-12-08 00:42:43.297000000 +0100 ++++ libvirt-5.10.0/tests/qemuxml2argvdata/graphics-vnc-tls.x86_64-2.4.0.args 2019-12-08 00:43:02.267000000 +0100 @@ -6,7 +6,7 @@ XDG_DATA_HOME=/tmp/lib/domain--1-QEMUGuest1/.local/share \ XDG_CACHE_HOME=/tmp/lib/domain--1-QEMUGuest1/.cache \ @@ -194,9 +182,9 @@ diff -ur libvirt-5.5.0.orig/tests/qemuxml2argvdata/graphics-vnc-tls.x86_64-2.4.0 QEMU_AUDIO_DRV=none \ /usr/bin/qemu-system-i686 \ -name guest=QEMUGuest1,debug-threads=on \ -diff -ur libvirt-5.5.0.orig/tests/qemuxml2argvdata/graphics-vnc-tls.x86_64-latest.args libvirt-5.5.0/tests/qemuxml2argvdata/graphics-vnc-tls.x86_64-latest.args ---- libvirt-5.5.0.orig/tests/qemuxml2argvdata/graphics-vnc-tls.x86_64-latest.args 2019-07-14 19:23:33.371000000 +0200 -+++ libvirt-5.5.0/tests/qemuxml2argvdata/graphics-vnc-tls.x86_64-latest.args 2019-07-14 19:26:19.952000000 +0200 +diff -ur libvirt-5.10.0.orig/tests/qemuxml2argvdata/graphics-vnc-tls.x86_64-latest.args libvirt-5.10.0/tests/qemuxml2argvdata/graphics-vnc-tls.x86_64-latest.args +--- libvirt-5.10.0.orig/tests/qemuxml2argvdata/graphics-vnc-tls.x86_64-latest.args 2019-12-08 00:42:43.299000000 +0100 ++++ libvirt-5.10.0/tests/qemuxml2argvdata/graphics-vnc-tls.x86_64-latest.args 2019-12-08 00:43:02.298000000 +0100 @@ -6,7 +6,7 @@ XDG_DATA_HOME=/tmp/lib/domain--1-QEMUGuest1/.local/share \ XDG_CACHE_HOME=/tmp/lib/domain--1-QEMUGuest1/.cache \ @@ -206,30 +194,30 @@ diff -ur libvirt-5.5.0.orig/tests/qemuxml2argvdata/graphics-vnc-tls.x86_64-lates QEMU_AUDIO_DRV=none \ /usr/bin/qemu-system-i686 \ -name guest=QEMUGuest1,debug-threads=on \ -diff -ur libvirt-5.5.0.orig/tests/qemuxml2argvtest.c libvirt-5.5.0/tests/qemuxml2argvtest.c ---- libvirt-5.5.0.orig/tests/qemuxml2argvtest.c 2019-07-14 19:23:33.401000000 +0200 -+++ libvirt-5.5.0/tests/qemuxml2argvtest.c 2019-07-14 19:23:59.924000000 +0200 -@@ -1155,7 +1155,7 @@ +diff -ur libvirt-5.10.0.orig/tests/qemuxml2argvtest.c libvirt-5.10.0/tests/qemuxml2argvtest.c +--- libvirt-5.10.0.orig/tests/qemuxml2argvtest.c 2019-12-08 00:42:43.258000000 +0100 ++++ libvirt-5.10.0/tests/qemuxml2argvtest.c 2019-12-08 00:43:42.225000000 +0100 +@@ -1188,7 +1188,7 @@ driver.config->vncSASL = 1; VIR_FREE(driver.config->vncSASLdir); -- ignore_value(VIR_STRDUP(driver.config->vncSASLdir, "/root/.sasl2")); -+ ignore_value(VIR_STRDUP(driver.config->vncSASLdir, "/root/.sasl")); +- driver.config->vncSASLdir = g_strdup("/root/.sasl2"); ++ driver.config->vncSASLdir = g_strdup("/root/.sasl"); DO_TEST("graphics-vnc-sasl", QEMU_CAPS_VNC, QEMU_CAPS_DEVICE_CIRRUS_VGA); driver.config->vncTLS = 1; driver.config->vncTLSx509verify = 1; -@@ -1187,7 +1187,7 @@ +@@ -1218,7 +1218,7 @@ DO_TEST("graphics-spice-no-args", QEMU_CAPS_SPICE, QEMU_CAPS_DEVICE_CIRRUS_VGA); driver.config->spiceSASL = 1; -- ignore_value(VIR_STRDUP(driver.config->spiceSASLdir, "/root/.sasl2")); -+ ignore_value(VIR_STRDUP(driver.config->spiceSASLdir, "/root/.sasl")); +- driver.config->spiceSASLdir = g_strdup("/root/.sasl2"); ++ driver.config->spiceSASLdir = g_strdup("/root/.sasl"); DO_TEST("graphics-spice-sasl", QEMU_CAPS_SPICE, QEMU_CAPS_DEVICE_QXL); -diff -ur libvirt-5.5.0.orig/tests/virconfdata/libvirtd.conf libvirt-5.5.0/tests/virconfdata/libvirtd.conf ---- libvirt-5.5.0.orig/tests/virconfdata/libvirtd.conf 2019-07-14 19:23:33.602000000 +0200 -+++ libvirt-5.5.0/tests/virconfdata/libvirtd.conf 2019-07-14 19:23:59.924000000 +0200 +diff -ur libvirt-5.10.0.orig/tests/virconfdata/libvirtd.conf libvirt-5.10.0/tests/virconfdata/libvirtd.conf +--- libvirt-5.10.0.orig/tests/virconfdata/libvirtd.conf 2019-12-08 00:42:43.506000000 +0100 ++++ libvirt-5.10.0/tests/virconfdata/libvirtd.conf 2019-12-08 00:43:02.300000000 +0100 @@ -91,7 +91,7 @@ # the network providing auth (eg, TLS/x509 certificates) # @@ -248,9 +236,9 @@ diff -ur libvirt-5.5.0.orig/tests/virconfdata/libvirtd.conf libvirt-5.5.0/tests/ auth_tcp = "sasl" # Change the authentication scheme for TLS sockets. -diff -ur libvirt-5.5.0.orig/tests/virconfdata/libvirtd.out libvirt-5.5.0/tests/virconfdata/libvirtd.out ---- libvirt-5.5.0.orig/tests/virconfdata/libvirtd.out 2019-07-14 19:23:33.602000000 +0200 -+++ libvirt-5.5.0/tests/virconfdata/libvirtd.out 2019-07-14 19:23:59.924000000 +0200 +diff -ur libvirt-5.10.0.orig/tests/virconfdata/libvirtd.out libvirt-5.10.0/tests/virconfdata/libvirtd.out +--- libvirt-5.10.0.orig/tests/virconfdata/libvirtd.out 2019-12-08 00:42:43.506000000 +0100 ++++ libvirt-5.10.0/tests/virconfdata/libvirtd.out 2019-12-08 00:43:02.300000000 +0100 @@ -73,7 +73,7 @@ # the network providing auth (eg, TLS/x509 certificates) #