]> TLD Linux GIT Repositories - packages/libvirt.git/blob - libvirt-sasl.patch
TLD / packages / libvirt.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
- updated to 6.2.0
[packages/libvirt.git] / libvirt-sasl.patch
1 diff -ur libvirt-6.1.0.orig/docs/auth.html.in libvirt-6.1.0/docs/auth.html.in
2 --- libvirt-6.1.0.orig/docs/auth.html.in        2020-03-06 09:47:34.102000000 +0100
3 +++ libvirt-6.1.0/docs/auth.html.in     2020-03-06 09:48:38.900000000 +0100
4 @@ -275,7 +275,7 @@
5      <p>
6  Since the libvirt SASL config file defaults to using GSSAPI (Kerberos), a
7  config change is required to enable plain password auth. This is done by
8 -editting <code>/etc/sasl2/libvirt.conf</code> to set the <code>mech_list</code>
9 +editting <code>/etc/sasl/libvirt.conf</code> to set the <code>mech_list</code>
10  parameter to <code>scram-sha-1</code>.
11      </p>
12      <p>
13 diff -ur libvirt-6.1.0.orig/src/Makefile.in libvirt-6.1.0/src/Makefile.in
14 --- libvirt-6.1.0.orig/src/Makefile.in  2020-03-06 09:47:34.051000000 +0100
15 +++ libvirt-6.1.0/src/Makefile.in       2020-03-06 09:47:52.660000000 +0100
16 @@ -6273,7 +6273,7 @@
17  
18  # This is needed for clients too, so can't wrap in
19  # the WITH_LIBVIRTD conditional
20 -@WITH_SASL_TRUE@sasldir = $(sysconfdir)/sasl2
21 +@WITH_SASL_TRUE@sasldir = $(sysconfdir)/sasl
22  LIBVIRTD_UNIT_VARS = \
23         $(COMMON_UNIT_VARS) \
24         -e 's|[@]name[@]|Libvirt|g' \
25 diff -ur libvirt-6.1.0.orig/src/qemu/qemu.conf libvirt-6.1.0/src/qemu/qemu.conf
26 --- libvirt-6.1.0.orig/src/qemu/qemu.conf       2020-03-06 09:47:34.078000000 +0100
27 +++ libvirt-6.1.0/src/qemu/qemu.conf    2020-03-06 09:47:52.660000000 +0100
28 @@ -135,18 +135,18 @@
29  # Examples include vinagre, virt-viewer and virt-manager
30  # itself. UltraVNC, RealVNC, TightVNC do not support this
31  #
32 -# It is necessary to configure /etc/sasl2/qemu.conf to choose
33 +# It is necessary to configure /etc/sasl/qemu.conf to choose
34  # the desired SASL plugin (eg, GSSPI for Kerberos)
35  #
36  #vnc_sasl = 1
37  
38  
39 -# The default SASL configuration file is located in /etc/sasl2/
40 +# The default SASL configuration file is located in /etc/sasl/
41  # When running libvirtd unprivileged, it may be desirable to
42  # override the configs in this location. Set this parameter to
43  # point to the directory, and create a qemu.conf in that location
44  #
45 -#vnc_sasl_dir = "/some/directory/sasl2"
46 +#vnc_sasl_dir = "/some/directory/sasl"
47  
48  
49  # QEMU implements an extension for providing audio over a VNC connection,
50 @@ -211,17 +211,17 @@
51  # Enable use of SASL encryption on the SPICE server. This requires
52  # a SPICE client which supports the SASL protocol extension.
53  #
54 -# It is necessary to configure /etc/sasl2/qemu.conf to choose
55 +# It is necessary to configure /etc/sasl/qemu.conf to choose
56  # the desired SASL plugin (eg, GSSPI for Kerberos)
57  #
58  #spice_sasl = 1
59  
60 -# The default SASL configuration file is located in /etc/sasl2/
61 +# The default SASL configuration file is located in /etc/sasl/
62  # When running libvirtd unprivileged, it may be desirable to
63  # override the configs in this location. Set this parameter to
64  # point to the directory, and create a qemu.conf in that location
65  #
66 -#spice_sasl_dir = "/some/directory/sasl2"
67 +#spice_sasl_dir = "/some/directory/sasl"
68  
69  # Enable use of TLS encryption on the chardev TCP transports.
70  #
71 diff -ur libvirt-6.1.0.orig/src/qemu/test_libvirtd_qemu.aug.in libvirt-6.1.0/src/qemu/test_libvirtd_qemu.aug.in
72 --- libvirt-6.1.0.orig/src/qemu/test_libvirtd_qemu.aug.in       2020-03-06 09:47:34.077000000 +0100
73 +++ libvirt-6.1.0/src/qemu/test_libvirtd_qemu.aug.in    2020-03-06 09:47:52.661000000 +0100
74 @@ -13,7 +13,7 @@
75  { "vnc_tls_x509_verify" = "1" }
76  { "vnc_password" = "XYZ12345" }
77  { "vnc_sasl" = "1" }
78 -{ "vnc_sasl_dir" = "/some/directory/sasl2" }
79 +{ "vnc_sasl_dir" = "/some/directory/sasl" }
80  { "vnc_allow_host_audio" = "0" }
81  { "spice_listen" = "0.0.0.0" }
82  { "spice_tls" = "1" }
83 @@ -21,7 +21,7 @@
84  { "spice_auto_unix_socket" = "1" }
85  { "spice_password" = "XYZ12345" }
86  { "spice_sasl" = "1" }
87 -{ "spice_sasl_dir" = "/some/directory/sasl2" }
88 +{ "spice_sasl_dir" = "/some/directory/sasl" }
89  { "chardev_tls" = "1" }
90  { "chardev_tls_x509_cert_dir" = "/etc/pki/libvirt-chardev" }
91  { "chardev_tls_x509_verify" = "1" }
92 diff -ur libvirt-6.1.0.orig/src/remote/Makefile.inc.am libvirt-6.1.0/src/remote/Makefile.inc.am
93 --- libvirt-6.1.0.orig/src/remote/Makefile.inc.am       2020-03-06 09:47:34.063000000 +0100
94 +++ libvirt-6.1.0/src/remote/Makefile.inc.am    2020-03-06 09:47:52.661000000 +0100
95 @@ -382,7 +382,7 @@
96  # This is needed for clients too, so can't wrap in
97  # the WITH_LIBVIRTD conditional
98  if WITH_SASL
99 -sasldir = $(sysconfdir)/sasl2
100 +sasldir = $(sysconfdir)/sasl
101  
102  install-sasl:
103         $(MKDIR_P) $(DESTDIR)$(sasldir)
104 diff -ur libvirt-6.1.0.orig/src/remote/libvirtd.conf.in libvirt-6.1.0/src/remote/libvirtd.conf.in
105 --- libvirt-6.1.0.orig/src/remote/libvirtd.conf.in      2020-03-06 09:47:34.063000000 +0100
106 +++ libvirt-6.1.0/src/remote/libvirtd.conf.in   2020-03-06 09:47:52.661000000 +0100
107 @@ -134,7 +134,7 @@
108  #          the network providing auth (eg, TLS/x509 certificates)
109  #
110  #  - sasl: use SASL infrastructure. The actual auth scheme is then
111 -#          controlled from @sysconfdir@/sasl2/libvirt.conf. For the TCP
112 +#          controlled from @sysconfdir@/sasl/libvirt.conf. For the TCP
113  #          socket only GSSAPI & DIGEST-MD5 mechanisms will be used.
114  #          For non-TCP or TLS sockets, any scheme is allowed.
115  #
116 @@ -166,7 +166,7 @@
117  # If you don't enable SASL, then all TCP traffic is cleartext.
118  # Don't do this outside of a dev/test scenario. For real world
119  # use, always enable SASL and use the GSSAPI or DIGEST-MD5
120 -# mechanism in @sysconfdir@/sasl2/libvirt.conf
121 +# mechanism in @sysconfdir@/sasl/libvirt.conf
122  #auth_tcp = "sasl"
123  
124  # Change the authentication scheme for TLS sockets.
125 diff -ur libvirt-6.1.0.orig/tests/qemuxml2argvdata/graphics-spice-sasl.args libvirt-6.1.0/tests/qemuxml2argvdata/graphics-spice-sasl.args
126 --- libvirt-6.1.0.orig/tests/qemuxml2argvdata/graphics-spice-sasl.args  2020-03-06 09:47:33.713000000 +0100
127 +++ libvirt-6.1.0/tests/qemuxml2argvdata/graphics-spice-sasl.args       2020-03-06 09:47:52.661000000 +0100
128 @@ -6,7 +6,7 @@
129  XDG_DATA_HOME=/tmp/lib/domain--1-QEMUGuest1/.local/share \
130  XDG_CACHE_HOME=/tmp/lib/domain--1-QEMUGuest1/.cache \
131  XDG_CONFIG_HOME=/tmp/lib/domain--1-QEMUGuest1/.config \
132 -SASL_CONF_PATH=/root/.sasl2 \
133 +SASL_CONF_PATH=/root/.sasl \
134  QEMU_AUDIO_DRV=spice \
135  /usr/bin/qemu-system-i386 \
136  -name QEMUGuest1 \
137 diff -ur libvirt-6.1.0.orig/tests/qemuxml2argvdata/graphics-vnc-sasl.args libvirt-6.1.0/tests/qemuxml2argvdata/graphics-vnc-sasl.args
138 --- libvirt-6.1.0.orig/tests/qemuxml2argvdata/graphics-vnc-sasl.args    2020-03-06 09:47:33.722000000 +0100
139 +++ libvirt-6.1.0/tests/qemuxml2argvdata/graphics-vnc-sasl.args 2020-03-06 09:47:52.662000000 +0100
140 @@ -6,7 +6,7 @@
141  XDG_DATA_HOME=/tmp/lib/domain--1-QEMUGuest1/.local/share \
142  XDG_CACHE_HOME=/tmp/lib/domain--1-QEMUGuest1/.cache \
143  XDG_CONFIG_HOME=/tmp/lib/domain--1-QEMUGuest1/.config \
144 -SASL_CONF_PATH=/root/.sasl2 \
145 +SASL_CONF_PATH=/root/.sasl \
146  QEMU_AUDIO_DRV=none \
147  /usr/bin/qemu-system-i386 \
148  -name QEMUGuest1 \
149 diff -ur libvirt-6.1.0.orig/tests/qemuxml2argvdata/graphics-vnc-tls-secret.x86_64-latest.args libvirt-6.1.0/tests/qemuxml2argvdata/graphics-vnc-tls-secret.x86_64-latest.args
150 --- libvirt-6.1.0.orig/tests/qemuxml2argvdata/graphics-vnc-tls-secret.x86_64-latest.args        2020-03-06 09:47:33.722000000 +0100
151 +++ libvirt-6.1.0/tests/qemuxml2argvdata/graphics-vnc-tls-secret.x86_64-latest.args     2020-03-06 09:47:52.662000000 +0100
152 @@ -6,7 +6,7 @@
153  XDG_DATA_HOME=/tmp/lib/domain--1-QEMUGuest1/.local/share \
154  XDG_CACHE_HOME=/tmp/lib/domain--1-QEMUGuest1/.cache \
155  XDG_CONFIG_HOME=/tmp/lib/domain--1-QEMUGuest1/.config \
156 -SASL_CONF_PATH=/root/.sasl2 \
157 +SASL_CONF_PATH=/root/.sasl \
158  QEMU_AUDIO_DRV=none \
159  /usr/bin/qemu-system-i386 \
160  -name guest=QEMUGuest1,debug-threads=on \
161 diff -ur libvirt-6.1.0.orig/tests/qemuxml2argvdata/graphics-vnc-tls.args libvirt-6.1.0/tests/qemuxml2argvdata/graphics-vnc-tls.args
162 --- libvirt-6.1.0.orig/tests/qemuxml2argvdata/graphics-vnc-tls.args     2020-03-06 09:47:33.713000000 +0100
163 +++ libvirt-6.1.0/tests/qemuxml2argvdata/graphics-vnc-tls.args  2020-03-06 09:47:52.663000000 +0100
164 @@ -6,7 +6,7 @@
165  XDG_DATA_HOME=/tmp/lib/domain--1-QEMUGuest1/.local/share \
166  XDG_CACHE_HOME=/tmp/lib/domain--1-QEMUGuest1/.cache \
167  XDG_CONFIG_HOME=/tmp/lib/domain--1-QEMUGuest1/.config \
168 -SASL_CONF_PATH=/root/.sasl2 \
169 +SASL_CONF_PATH=/root/.sasl \
170  QEMU_AUDIO_DRV=none \
171  /usr/bin/qemu-system-i386 \
172  -name QEMUGuest1 \
173 diff -ur libvirt-6.1.0.orig/tests/qemuxml2argvdata/graphics-vnc-tls.x86_64-2.4.0.args libvirt-6.1.0/tests/qemuxml2argvdata/graphics-vnc-tls.x86_64-2.4.0.args
174 --- libvirt-6.1.0.orig/tests/qemuxml2argvdata/graphics-vnc-tls.x86_64-2.4.0.args        2020-03-06 09:47:33.718000000 +0100
175 +++ libvirt-6.1.0/tests/qemuxml2argvdata/graphics-vnc-tls.x86_64-2.4.0.args     2020-03-06 09:47:52.663000000 +0100
176 @@ -6,7 +6,7 @@
177  XDG_DATA_HOME=/tmp/lib/domain--1-QEMUGuest1/.local/share \
178  XDG_CACHE_HOME=/tmp/lib/domain--1-QEMUGuest1/.cache \
179  XDG_CONFIG_HOME=/tmp/lib/domain--1-QEMUGuest1/.config \
180 -SASL_CONF_PATH=/root/.sasl2 \
181 +SASL_CONF_PATH=/root/.sasl \
182  QEMU_AUDIO_DRV=none \
183  /usr/bin/qemu-system-i386 \
184  -name guest=QEMUGuest1,debug-threads=on \
185 diff -ur libvirt-6.1.0.orig/tests/qemuxml2argvdata/graphics-vnc-tls.x86_64-latest.args libvirt-6.1.0/tests/qemuxml2argvdata/graphics-vnc-tls.x86_64-latest.args
186 --- libvirt-6.1.0.orig/tests/qemuxml2argvdata/graphics-vnc-tls.x86_64-latest.args       2020-03-06 09:47:33.719000000 +0100
187 +++ libvirt-6.1.0/tests/qemuxml2argvdata/graphics-vnc-tls.x86_64-latest.args    2020-03-06 09:47:52.664000000 +0100
188 @@ -6,7 +6,7 @@
189  XDG_DATA_HOME=/tmp/lib/domain--1-QEMUGuest1/.local/share \
190  XDG_CACHE_HOME=/tmp/lib/domain--1-QEMUGuest1/.cache \
191  XDG_CONFIG_HOME=/tmp/lib/domain--1-QEMUGuest1/.config \
192 -SASL_CONF_PATH=/root/.sasl2 \
193 +SASL_CONF_PATH=/root/.sasl \
194  QEMU_AUDIO_DRV=none \
195  /usr/bin/qemu-system-i386 \
196  -name guest=QEMUGuest1,debug-threads=on \
197 diff -ur libvirt-6.1.0.orig/tests/qemuxml2argvtest.c libvirt-6.1.0/tests/qemuxml2argvtest.c
198 --- libvirt-6.1.0.orig/tests/qemuxml2argvtest.c 2020-03-06 09:47:33.741000000 +0100
199 +++ libvirt-6.1.0/tests/qemuxml2argvtest.c      2020-03-06 09:47:52.665000000 +0100
200 @@ -1197,7 +1197,7 @@
201  
202      driver.config->vncSASL = 1;
203      VIR_FREE(driver.config->vncSASLdir);
204 -    driver.config->vncSASLdir = g_strdup("/root/.sasl2");
205 +    driver.config->vncSASLdir = g_strdup("/root/.sasl");
206      DO_TEST("graphics-vnc-sasl", QEMU_CAPS_VNC, QEMU_CAPS_DEVICE_CIRRUS_VGA);
207      driver.config->vncTLS = 1;
208      driver.config->vncTLSx509verify = 1;
209 @@ -1227,7 +1227,7 @@
210      DO_TEST("graphics-spice-no-args",
211              QEMU_CAPS_SPICE, QEMU_CAPS_DEVICE_CIRRUS_VGA);
212      driver.config->spiceSASL = 1;
213 -    driver.config->spiceSASLdir = g_strdup("/root/.sasl2");
214 +    driver.config->spiceSASLdir = g_strdup("/root/.sasl");
215      DO_TEST("graphics-spice-sasl",
216              QEMU_CAPS_SPICE,
217              QEMU_CAPS_DEVICE_QXL);
218 diff -ur libvirt-6.1.0.orig/tests/virconfdata/libvirtd.conf libvirt-6.1.0/tests/virconfdata/libvirtd.conf
219 --- libvirt-6.1.0.orig/tests/virconfdata/libvirtd.conf  2020-03-06 09:47:33.909000000 +0100
220 +++ libvirt-6.1.0/tests/virconfdata/libvirtd.conf       2020-03-06 09:47:52.665000000 +0100
221 @@ -91,7 +91,7 @@
222  #          the network providing auth (eg, TLS/x509 certificates)
223  #
224  #  - sasl: use SASL infrastructure. The actual auth scheme is then
225 -#          controlled from /etc/sasl2/libvirt.conf. For the TCP
226 +#          controlled from /etc/sasl/libvirt.conf. For the TCP
227  #          socket only GSSAPI & DIGEST-MD5 mechanisms will be used.
228  #          For non-TCP or TLS sockets,  any scheme is allowed.
229  #
230 @@ -122,7 +122,7 @@
231  # If you don't enable SASL, then all TCP traffic is cleartext.
232  # Don't do this outside of a dev/test scenario. For real world
233  # use, always enable SASL and use the GSSAPI or DIGEST-MD5
234 -# mechanism in /etc/sasl2/libvirt.conf
235 +# mechanism in /etc/sasl/libvirt.conf
236  auth_tcp = "sasl"
237  
238  # Change the authentication scheme for TLS sockets.
239 diff -ur libvirt-6.1.0.orig/tests/virconfdata/libvirtd.out libvirt-6.1.0/tests/virconfdata/libvirtd.out
240 --- libvirt-6.1.0.orig/tests/virconfdata/libvirtd.out   2020-03-06 09:47:33.909000000 +0100
241 +++ libvirt-6.1.0/tests/virconfdata/libvirtd.out        2020-03-06 09:47:52.665000000 +0100
242 @@ -73,7 +73,7 @@
243  #          the network providing auth (eg, TLS/x509 certificates)
244  #
245  #  - sasl: use SASL infrastructure. The actual auth scheme is then
246 -#          controlled from /etc/sasl2/libvirt.conf. For the TCP
247 +#          controlled from /etc/sasl/libvirt.conf. For the TCP
248  #          socket only GSSAPI & DIGEST-MD5 mechanisms will be used.
249  #          For non-TCP or TLS sockets,  any scheme is allowed.
250  #
251 @@ -102,7 +102,7 @@
252  # If you don't enable SASL, then all TCP traffic is cleartext.
253  # Don't do this outside of a dev/test scenario. For real world
254  # use, always enable SASL and use the GSSAPI or DIGEST-MD5
255 -# mechanism in /etc/sasl2/libvirt.conf
256 +# mechanism in /etc/sasl/libvirt.conf
257  auth_tcp = "sasl"
258  # Change the authentication scheme for TLS sockets.
259  #
Toolkit to interact with virtualization capabilities