- updated to 10.2.0

[packages/libvirt.git] / libvirt-sasl.patch

diff -ur libvirt-8.4.0.orig/docs/auth.rst libvirt-8.4.0/docs/auth.rst
--- libvirt-8.4.0.orig/docs/auth.rst    2022-06-02 23:58:08.077490237 +0200
+++ libvirt-8.4.0/docs/auth.rst 2022-06-02 23:58:27.936533169 +0200
@@ -225,7 +225,7 @@
 
 Since the libvirt SASL config file defaults to using ``GSSAPI`` (Kerberos), a
 config change is required to enable plain password auth. This is done by
-editing ``/etc/sasl2/libvirt.conf`` to set the ``mech_list``
+editing ``/etc/sasl/libvirt.conf`` to set the ``mech_list``
 parameter to ``scram-sha-256``.
 
 **Note:** previous versions of libvirt suggested ``DIGEST-MD5`` and
diff -ur libvirt-8.4.0.orig/src/qemu/qemu.conf.in libvirt-8.4.0/src/qemu/qemu.conf.in
--- libvirt-8.4.0.orig/src/qemu/qemu.conf.in    2022-06-02 23:58:08.164490425 +0200
+++ libvirt-8.4.0/src/qemu/qemu.conf.in 2022-06-03 00:01:05.398849381 +0200
@@ -141,18 +141,18 @@
 # Examples include vinagre, virt-viewer and virt-manager
 # itself. UltraVNC, RealVNC, TightVNC do not support this
 #
-# It is necessary to configure /etc/sasl2/qemu.conf to choose
+# It is necessary to configure /etc/sasl/qemu.conf to choose
 # the desired SASL plugin (eg, GSSPI for Kerberos)
 #
 #vnc_sasl = 1
 
 
-# The default SASL configuration file is located in /etc/sasl2/
+# The default SASL configuration file is located in /etc/sasl/
 # When running libvirtd unprivileged, it may be desirable to
 # override the configs in this location. Set this parameter to
 # point to the directory, and create a qemu.conf in that location
 #
-#vnc_sasl_dir = "/some/directory/sasl2"
+#vnc_sasl_dir = "/some/directory/sasl"
 
 
 # QEMU implements an extension for providing audio over a VNC connection,
@@ -217,17 +217,17 @@
 # Enable use of SASL encryption on the SPICE server. This requires
 # a SPICE client which supports the SASL protocol extension.
 #
-# It is necessary to configure /etc/sasl2/qemu.conf to choose
+# It is necessary to configure /etc/sasl/qemu.conf to choose
 # the desired SASL plugin (eg, GSSPI for Kerberos)
 #
 #spice_sasl = 1
 
-# The default SASL configuration file is located in /etc/sasl2/
+# The default SASL configuration file is located in /etc/sasl/
 # When running libvirtd unprivileged, it may be desirable to
 # override the configs in this location. Set this parameter to
 # point to the directory, and create a qemu.conf in that location
 #
-#spice_sasl_dir = "/some/directory/sasl2"
+#spice_sasl_dir = "/some/directory/sasl"
 
 # Enable use of TLS encryption on the chardev TCP transports.
 #
diff -ur libvirt-8.4.0.orig/src/qemu/test_libvirtd_qemu.aug.in libvirt-8.4.0/src/qemu/test_libvirtd_qemu.aug.in
--- libvirt-8.4.0.orig/src/qemu/test_libvirtd_qemu.aug.in       2022-06-02 23:58:08.170490438 +0200
+++ libvirt-8.4.0/src/qemu/test_libvirtd_qemu.aug.in    2022-06-02 23:58:30.521538761 +0200
@@ -13,7 +13,7 @@
 { "vnc_tls_x509_verify" = "1" }
 { "vnc_password" = "XYZ12345" }
 { "vnc_sasl" = "1" }
-{ "vnc_sasl_dir" = "/some/directory/sasl2" }
+{ "vnc_sasl_dir" = "/some/directory/sasl" }
 { "vnc_allow_host_audio" = "0" }
 { "spice_listen" = "0.0.0.0" }
 { "spice_tls" = "1" }
@@ -21,7 +21,7 @@
 { "spice_auto_unix_socket" = "1" }
 { "spice_password" = "XYZ12345" }
 { "spice_sasl" = "1" }
-{ "spice_sasl_dir" = "/some/directory/sasl2" }
+{ "spice_sasl_dir" = "/some/directory/sasl" }
 { "chardev_tls" = "1" }
 { "chardev_tls_x509_cert_dir" = "/etc/pki/libvirt-chardev" }
 { "chardev_tls_x509_verify" = "1" }
diff -ur libvirt-8.4.0.orig/src/remote/libvirtd.conf.in libvirt-8.4.0/src/remote/libvirtd.conf.in
--- libvirt-8.4.0.orig/src/remote/libvirtd.conf.in      2022-06-02 23:58:08.171490440 +0200
+++ libvirt-8.4.0/src/remote/libvirtd.conf.in   2022-06-02 23:58:30.521538761 +0200
@@ -136,7 +136,7 @@
 #          the network providing auth (eg, TLS/x509 certificates)
 #
 #  - sasl: use SASL infrastructure. The actual auth scheme is then
-#          controlled from @sysconfdir@/sasl2/libvirt.conf. For the TCP
+#          controlled from @sysconfdir@/sasl/libvirt.conf. For the TCP
 #          socket only GSSAPI & DIGEST-MD5 mechanisms will be used.
 #          For non-TCP or TLS sockets, any scheme is allowed.
 #
@@ -186,7 +186,7 @@
 # If you don't enable SASL, then all TCP traffic is cleartext.
 # Don't do this outside of a dev/test scenario. For real world
 # use, always enable SASL and use the GSSAPI or DIGEST-MD5
-# mechanism in @sysconfdir@/sasl2/libvirt.conf
+# mechanism in @sysconfdir@/sasl/libvirt.conf
 #auth_tcp = "sasl"
 
 # Change the authentication scheme for TLS sockets.
diff -ur libvirt-8.4.0.orig/src/remote/meson.build libvirt-8.4.0/src/remote/meson.build
--- libvirt-8.4.0.orig/src/remote/meson.build   2022-06-02 23:58:08.171490440 +0200
+++ libvirt-8.4.0/src/remote/meson.build        2022-06-02 23:58:30.522538764 +0200
@@ -302,7 +302,7 @@
 if conf.has('WITH_SASL')
   install_data(
     'libvirtd.sasl',
-    install_dir: sysconfdir / 'sasl2',
+    install_dir: sysconfdir / 'sasl',
     rename: [ 'libvirt.conf' ],
   )
 endif
diff -ur libvirt-8.4.0.orig/tests/qemuxml2argvdata/graphics-spice-sasl.x86_64-latest.args libvirt-8.4.0/tests/qemuxml2argvdata/graphics-spice-sasl.x86_64-latest.args
--- libvirt-8.4.0.orig/tests/qemuxml2argvdata/graphics-spice-sasl.x86_64-latest.args    2022-06-02 23:58:08.323490769 +0200
+++ libvirt-8.4.0/tests/qemuxml2argvdata/graphics-spice-sasl.x86_64-latest.args 2022-06-02 23:58:30.522538764 +0200
@@ -6,7 +6,7 @@
 XDG_DATA_HOME=/tmp/lib/domain--1-QEMUGuest1/.local/share \
 XDG_CACHE_HOME=/tmp/lib/domain--1-QEMUGuest1/.cache \
 XDG_CONFIG_HOME=/tmp/lib/domain--1-QEMUGuest1/.config \
-SASL_CONF_PATH=/root/.sasl2 \
+SASL_CONF_PATH=/root/.sasl \
 /usr/bin/qemu-system-x86_64 \
 -name guest=QEMUGuest1,debug-threads=on \
 -S \
diff -ur libvirt-8.4.0.orig/tests/qemuxml2argvdata/graphics-vnc-sasl.x86_64-latest.args libvirt-8.4.0/tests/qemuxml2argvdata/graphics-vnc-sasl.x86_64-latest.args
--- libvirt-8.4.0.orig/tests/qemuxml2argvdata/graphics-vnc-sasl.x86_64-latest.args      2022-06-02 23:58:08.324490771 +0200
+++ libvirt-8.4.0/tests/qemuxml2argvdata/graphics-vnc-sasl.x86_64-latest.args   2022-06-02 23:58:31.535540952 +0200
@@ -6,7 +6,7 @@
 XDG_DATA_HOME=/tmp/lib/domain--1-QEMUGuest1/.local/share \
 XDG_CACHE_HOME=/tmp/lib/domain--1-QEMUGuest1/.cache \
 XDG_CONFIG_HOME=/tmp/lib/domain--1-QEMUGuest1/.config \
-SASL_CONF_PATH=/root/.sasl2 \
+SASL_CONF_PATH=/root/.sasl \
 /usr/bin/qemu-system-x86_64 \
 -name guest=QEMUGuest1,debug-threads=on \
 -S \
diff -ur libvirt-8.4.0.orig/tests/qemuxml2argvdata/graphics-vnc-tls-secret.x86_64-5.2.0.args libvirt-8.4.0/tests/qemuxml2argvdata/graphics-vnc-tls-secret.x86_64-5.2.0.args
--- libvirt-8.4.0.orig/tests/qemuxml2argvdata/graphics-vnc-tls-secret.x86_64-5.2.0.args 2022-06-02 23:58:08.324490771 +0200
+++ libvirt-8.4.0/tests/qemuxml2argvdata/graphics-vnc-tls-secret.x86_64-5.2.0.args      2022-06-02 23:58:31.535540952 +0200
@@ -6,7 +6,7 @@
 XDG_DATA_HOME=/tmp/lib/domain--1-QEMUGuest1/.local/share \
 XDG_CACHE_HOME=/tmp/lib/domain--1-QEMUGuest1/.cache \
 XDG_CONFIG_HOME=/tmp/lib/domain--1-QEMUGuest1/.config \
-SASL_CONF_PATH=/root/.sasl2 \
+SASL_CONF_PATH=/root/.sasl \
 /usr/bin/qemu-system-x86_64 \
 -name guest=QEMUGuest1,debug-threads=on \
 -S \
diff -ur libvirt-8.4.0.orig/tests/qemuxml2argvdata/graphics-vnc-tls-secret.x86_64-latest.args libvirt-8.4.0/tests/qemuxml2argvdata/graphics-vnc-tls-secret.x86_64-latest.args
--- libvirt-8.4.0.orig/tests/qemuxml2argvdata/graphics-vnc-tls-secret.x86_64-latest.args        2022-06-02 23:58:08.324490771 +0200
+++ libvirt-8.4.0/tests/qemuxml2argvdata/graphics-vnc-tls-secret.x86_64-latest.args     2022-06-02 23:58:31.536540954 +0200
@@ -6,7 +6,7 @@
 XDG_DATA_HOME=/tmp/lib/domain--1-QEMUGuest1/.local/share \
 XDG_CACHE_HOME=/tmp/lib/domain--1-QEMUGuest1/.cache \
 XDG_CONFIG_HOME=/tmp/lib/domain--1-QEMUGuest1/.config \
-SASL_CONF_PATH=/root/.sasl2 \
+SASL_CONF_PATH=/root/.sasl \
 /usr/bin/qemu-system-x86_64 \
 -name guest=QEMUGuest1,debug-threads=on \
 -S \
diff -ur libvirt-8.4.0.orig/tests/qemuxml2argvdata/graphics-vnc-tls.x86_64-latest.args libvirt-8.4.0/tests/qemuxml2argvdata/graphics-vnc-tls.x86_64-latest.args
--- libvirt-8.4.0.orig/tests/qemuxml2argvdata/graphics-vnc-tls.x86_64-latest.args       2022-06-02 23:58:08.324490771 +0200
+++ libvirt-8.4.0/tests/qemuxml2argvdata/graphics-vnc-tls.x86_64-latest.args    2022-06-02 23:58:32.239542466 +0200
@@ -6,7 +6,7 @@
 XDG_DATA_HOME=/tmp/lib/domain--1-QEMUGuest1/.local/share \
 XDG_CACHE_HOME=/tmp/lib/domain--1-QEMUGuest1/.cache \
 XDG_CONFIG_HOME=/tmp/lib/domain--1-QEMUGuest1/.config \
-SASL_CONF_PATH=/root/.sasl2 \
+SASL_CONF_PATH=/root/.sasl \
 /usr/bin/qemu-system-x86_64 \
 -name guest=QEMUGuest1,debug-threads=on \
 -S \
diff -ur libvirt-8.4.0.orig/tests/qemuxml2argvtest.c libvirt-8.4.0/tests/qemuxml2argvtest.c
--- libvirt-8.4.0.orig/tests/qemuxml2argvtest.c 2022-06-02 23:58:08.469491084 +0200
+++ libvirt-8.4.0/tests/qemuxml2argvtest.c      2022-06-02 23:59:10.540619907 +0200
@@ -1509,7 +1509,7 @@
 
     driver.config->vncSASL = 1;
     VIR_FREE(driver.config->vncSASLdir);
-    driver.config->vncSASLdir = g_strdup("/root/.sasl2");
+    driver.config->vncSASLdir = g_strdup("/root/.sasl");
     DO_TEST_CAPS_LATEST("graphics-vnc-sasl");
     driver.config->vncTLS = 1;
     driver.config->vncTLSx509verify = 1;
@@ -1531,7 +1531,7 @@
     DO_TEST_CAPS_LATEST("graphics-spice");
     DO_TEST_CAPS_LATEST("graphics-spice-no-args");
     driver.config->spiceSASL = 1;
-    driver.config->spiceSASLdir = g_strdup("/root/.sasl2");
+    driver.config->spiceSASLdir = g_strdup("/root/.sasl");
     DO_TEST_CAPS_LATEST("graphics-spice-sasl");
     VIR_FREE(driver.config->spiceSASLdir);
     driver.config->spiceSASL = 0;
diff -ur libvirt-8.4.0.orig/tests/virconfdata/libvirtd.conf libvirt-8.4.0/tests/virconfdata/libvirtd.conf
--- libvirt-8.4.0.orig/tests/virconfdata/libvirtd.conf  2022-06-02 23:58:08.555491270 +0200
+++ libvirt-8.4.0/tests/virconfdata/libvirtd.conf       2022-06-02 23:58:32.240542468 +0200
@@ -91,7 +91,7 @@
 #          the network providing auth (eg, TLS/x509 certificates)
 #
 #  - sasl: use SASL infrastructure. The actual auth scheme is then
-#          controlled from /etc/sasl2/libvirt.conf. For the TCP
+#          controlled from /etc/sasl/libvirt.conf. For the TCP
 #          socket only GSSAPI & DIGEST-MD5 mechanisms will be used.
 #          For non-TCP or TLS sockets,  any scheme is allowed.
 #
@@ -122,7 +122,7 @@
 # If you don't enable SASL, then all TCP traffic is cleartext.
 # Don't do this outside of a dev/test scenario. For real world
 # use, always enable SASL and use the GSSAPI or DIGEST-MD5
-# mechanism in /etc/sasl2/libvirt.conf
+# mechanism in /etc/sasl/libvirt.conf
 auth_tcp = "sasl"
 
 # Change the authentication scheme for TLS sockets.
diff -ur libvirt-8.4.0.orig/tests/virconfdata/libvirtd.out libvirt-8.4.0/tests/virconfdata/libvirtd.out
--- libvirt-8.4.0.orig/tests/virconfdata/libvirtd.out   2022-06-02 23:58:08.555491270 +0200
+++ libvirt-8.4.0/tests/virconfdata/libvirtd.out        2022-06-02 23:58:32.240542468 +0200
@@ -73,7 +73,7 @@
 #          the network providing auth (eg, TLS/x509 certificates)
 #
 #  - sasl: use SASL infrastructure. The actual auth scheme is then
-#          controlled from /etc/sasl2/libvirt.conf. For the TCP
+#          controlled from /etc/sasl/libvirt.conf. For the TCP
 #          socket only GSSAPI & DIGEST-MD5 mechanisms will be used.
 #          For non-TCP or TLS sockets,  any scheme is allowed.
 #
@@ -102,7 +102,7 @@
 # If you don't enable SASL, then all TCP traffic is cleartext.
 # Don't do this outside of a dev/test scenario. For real world
 # use, always enable SASL and use the GSSAPI or DIGEST-MD5
-# mechanism in /etc/sasl2/libvirt.conf
+# mechanism in /etc/sasl/libvirt.conf
 auth_tcp = "sasl"
 # Change the authentication scheme for TLS sockets.
 #