1 diff -urp libvirt-4.2.0.orig/docs/auth.html libvirt-4.2.0/docs/auth.html
2 --- libvirt-4.2.0.orig/docs/auth.html 2018-04-12 12:41:58.327580941 +0000
3 +++ libvirt-4.2.0/docs/auth.html 2018-04-12 12:42:15.267580750 +0000
4 @@ -338,7 +338,7 @@ to turn on SASL auth in these listeners.
6 Since the libvirt SASL config file defaults to using GSSAPI (Kerberos), a
7 config change is rquired to enable plain password auth. This is done by
8 -editting <code>/etc/sasl2/libvirt.conf</code> to set the <code>mech_list</code>
9 +editting <code>/etc/sasl/libvirt.conf</code> to set the <code>mech_list</code>
10 parameter to <code>scram-sha-1</code>.
13 diff -urp libvirt-4.2.0.orig/docs/auth.html.in libvirt-4.2.0/docs/auth.html.in
14 --- libvirt-4.2.0.orig/docs/auth.html.in 2018-04-12 12:41:58.331580941 +0000
15 +++ libvirt-4.2.0/docs/auth.html.in 2018-04-12 12:42:15.268580750 +0000
16 @@ -267,7 +267,7 @@ to turn on SASL auth in these listeners.
18 Since the libvirt SASL config file defaults to using GSSAPI (Kerberos), a
19 config change is rquired to enable plain password auth. This is done by
20 -editting <code>/etc/sasl2/libvirt.conf</code> to set the <code>mech_list</code>
21 +editting <code>/etc/sasl/libvirt.conf</code> to set the <code>mech_list</code>
22 parameter to <code>scram-sha-1</code>.
25 diff -urp libvirt-4.2.0.orig/libvirt.spec libvirt-4.2.0/libvirt.spec
26 --- libvirt-4.2.0.orig/libvirt.spec 2018-04-12 12:41:58.347580941 +0000
27 +++ libvirt-4.2.0/libvirt.spec 2018-04-12 12:42:15.268580750 +0000
28 @@ -2124,7 +2124,7 @@ exit 0
30 %{_datadir}/libvirt/test-screenshot.png
32 -%config(noreplace) %{_sysconfdir}/sasl2/libvirt.conf
33 +%config(noreplace) %{_sysconfdir}/sasl/libvirt.conf
36 %{_mandir}/man1/virt-admin.1*
37 diff -urp libvirt-4.2.0.orig/libvirt.spec.in libvirt-4.2.0/libvirt.spec.in
38 --- libvirt-4.2.0.orig/libvirt.spec.in 2018-04-12 12:41:58.346580941 +0000
39 +++ libvirt-4.2.0/libvirt.spec.in 2018-04-12 12:42:15.268580750 +0000
40 @@ -2124,7 +2124,7 @@ exit 0
42 %{_datadir}/libvirt/test-screenshot.png
44 -%config(noreplace) %{_sysconfdir}/sasl2/libvirt.conf
45 +%config(noreplace) %{_sysconfdir}/sasl/libvirt.conf
48 %{_mandir}/man1/virt-admin.1*
49 diff -urp libvirt-4.2.0.orig/src/Makefile.in libvirt-4.2.0/src/Makefile.in
50 --- libvirt-4.2.0.orig/src/Makefile.in 2018-04-12 12:41:58.401580940 +0000
51 +++ libvirt-4.2.0/src/Makefile.in 2018-04-12 12:42:15.272580750 +0000
52 @@ -13098,13 +13098,13 @@ lxc/lxc_controller_dispatch.h: $(srcdir)
53 # This is needed for clients too, so can't wrap in
54 # the WITH_LIBVIRTD conditional
55 @WITH_SASL_TRUE@install-sasl:
56 -@WITH_SASL_TRUE@ $(MKDIR_P) $(DESTDIR)$(sysconfdir)/sasl2/
57 +@WITH_SASL_TRUE@ $(MKDIR_P) $(DESTDIR)$(sysconfdir)/sasl/
58 @WITH_SASL_TRUE@ $(INSTALL_DATA) $(srcdir)/remote/libvirtd.sasl \
59 -@WITH_SASL_TRUE@ $(DESTDIR)$(sysconfdir)/sasl2/libvirt.conf
60 +@WITH_SASL_TRUE@ $(DESTDIR)$(sysconfdir)/sasl/libvirt.conf
62 @WITH_SASL_TRUE@uninstall-sasl:
63 -@WITH_SASL_TRUE@ rm -f $(DESTDIR)$(sysconfdir)/sasl2/libvirt.conf
64 -@WITH_SASL_TRUE@ rmdir $(DESTDIR)$(sysconfdir)/sasl2/ || :
65 +@WITH_SASL_TRUE@ rm -f $(DESTDIR)$(sysconfdir)/sasl/libvirt.conf
66 +@WITH_SASL_TRUE@ rmdir $(DESTDIR)$(sysconfdir)/sasl/ || :
67 @WITH_SASL_FALSE@install-sasl:
68 @WITH_SASL_FALSE@uninstall-sasl:
70 diff -urp libvirt-4.2.0.orig/src/qemu/qemu.conf libvirt-4.2.0/src/qemu/qemu.conf
71 --- libvirt-4.2.0.orig/src/qemu/qemu.conf 2018-04-12 12:41:58.380580940 +0000
72 +++ libvirt-4.2.0/src/qemu/qemu.conf 2018-04-12 12:42:15.272580750 +0000
74 # Examples include vinagre, virt-viewer and virt-manager
75 # itself. UltraVNC, RealVNC, TightVNC do not support this
77 -# It is necessary to configure /etc/sasl2/qemu.conf to choose
78 +# It is necessary to configure /etc/sasl/qemu.conf to choose
79 # the desired SASL plugin (eg, GSSPI for Kerberos)
84 -# The default SASL configuration file is located in /etc/sasl2/
85 +# The default SASL configuration file is located in /etc/sasl/
86 # When running libvirtd unprivileged, it may be desirable to
87 # override the configs in this location. Set this parameter to
88 # point to the directory, and create a qemu.conf in that location
90 -#vnc_sasl_dir = "/some/directory/sasl2"
91 +#vnc_sasl_dir = "/some/directory/sasl"
94 # QEMU implements an extension for providing audio over a VNC connection,
96 # Enable use of SASL encryption on the SPICE server. This requires
97 # a SPICE client which supports the SASL protocol extension.
99 -# It is necessary to configure /etc/sasl2/qemu.conf to choose
100 +# It is necessary to configure /etc/sasl/qemu.conf to choose
101 # the desired SASL plugin (eg, GSSPI for Kerberos)
105 -# The default SASL configuration file is located in /etc/sasl2/
106 +# The default SASL configuration file is located in /etc/sasl/
107 # When running libvirtd unprivileged, it may be desirable to
108 # override the configs in this location. Set this parameter to
109 # point to the directory, and create a qemu.conf in that location
111 -#spice_sasl_dir = "/some/directory/sasl2"
112 +#spice_sasl_dir = "/some/directory/sasl"
114 # Enable use of TLS encryption on the chardev TCP transports.
116 diff -urp libvirt-4.2.0.orig/src/qemu/test_libvirtd_qemu.aug.in libvirt-4.2.0/src/qemu/test_libvirtd_qemu.aug.in
117 --- libvirt-4.2.0.orig/src/qemu/test_libvirtd_qemu.aug.in 2018-04-12 12:41:58.380580940 +0000
118 +++ libvirt-4.2.0/src/qemu/test_libvirtd_qemu.aug.in 2018-04-12 12:42:15.273580750 +0000
119 @@ -12,7 +12,7 @@ module Test_libvirtd_qemu =
120 { "vnc_tls_x509_verify" = "1" }
121 { "vnc_password" = "XYZ12345" }
123 -{ "vnc_sasl_dir" = "/some/directory/sasl2" }
124 +{ "vnc_sasl_dir" = "/some/directory/sasl" }
125 { "vnc_allow_host_audio" = "0" }
126 { "spice_listen" = "0.0.0.0" }
127 { "spice_tls" = "1" }
128 @@ -20,7 +20,7 @@ module Test_libvirtd_qemu =
129 { "spice_auto_unix_socket" = "1" }
130 { "spice_password" = "XYZ12345" }
131 { "spice_sasl" = "1" }
132 -{ "spice_sasl_dir" = "/some/directory/sasl2" }
133 +{ "spice_sasl_dir" = "/some/directory/sasl" }
134 { "chardev_tls" = "1" }
135 { "chardev_tls_x509_cert_dir" = "/etc/pki/libvirt-chardev" }
136 { "chardev_tls_x509_verify" = "1" }
137 diff -urp libvirt-4.2.0.orig/src/remote/libvirtd.conf libvirt-4.2.0/src/remote/libvirtd.conf
138 --- libvirt-4.2.0.orig/src/remote/libvirtd.conf 2018-04-12 12:41:58.382580940 +0000
139 +++ libvirt-4.2.0/src/remote/libvirtd.conf 2018-04-12 12:42:15.273580750 +0000
141 # the network providing auth (eg, TLS/x509 certificates)
143 # - sasl: use SASL infrastructure. The actual auth scheme is then
144 -# controlled from /etc/sasl2/libvirt.conf. For the TCP
145 +# controlled from /etc/sasl/libvirt.conf. For the TCP
146 # socket only GSSAPI & DIGEST-MD5 mechanisms will be used.
147 # For non-TCP or TLS sockets, any scheme is allowed.
150 # If you don't enable SASL, then all TCP traffic is cleartext.
151 # Don't do this outside of a dev/test scenario. For real world
152 # use, always enable SASL and use the GSSAPI or DIGEST-MD5
153 -# mechanism in /etc/sasl2/libvirt.conf
154 +# mechanism in /etc/sasl/libvirt.conf
157 # Change the authentication scheme for TLS sockets.
158 diff -urp libvirt-4.2.0.orig/src/remote/Makefile.inc.am libvirt-4.2.0/src/remote/Makefile.inc.am
159 --- libvirt-4.2.0.orig/src/remote/Makefile.inc.am 2018-04-12 12:41:58.380580940 +0000
160 +++ libvirt-4.2.0/src/remote/Makefile.inc.am 2018-04-12 12:43:43.861579753 +0000
161 @@ -243,13 +243,13 @@ endif ! WITH_LIBVIRTD
162 # the WITH_LIBVIRTD conditional
165 - $(MKDIR_P) $(DESTDIR)$(sysconfdir)/sasl2/
166 + $(MKDIR_P) $(DESTDIR)$(sysconfdir)/sasl/
167 $(INSTALL_DATA) $(srcdir)/remote/libvirtd.sasl \
168 - $(DESTDIR)$(sysconfdir)/sasl2/libvirt.conf
169 + $(DESTDIR)$(sysconfdir)/sasl/libvirt.conf
172 - rm -f $(DESTDIR)$(sysconfdir)/sasl2/libvirt.conf
173 - rmdir $(DESTDIR)$(sysconfdir)/sasl2/ || :
174 + rm -f $(DESTDIR)$(sysconfdir)/sasl/libvirt.conf
175 + rmdir $(DESTDIR)$(sysconfdir)/sasl/ || :
179 diff -urp libvirt-4.2.0.orig/tests/qemuargv2xmldata/graphics-vnc-sasl.args libvirt-4.2.0/tests/qemuargv2xmldata/graphics-vnc-sasl.args
180 --- libvirt-4.2.0.orig/tests/qemuargv2xmldata/graphics-vnc-sasl.args 2018-04-12 12:41:58.691580937 +0000
181 +++ libvirt-4.2.0/tests/qemuargv2xmldata/graphics-vnc-sasl.args 2018-04-12 12:42:15.273580750 +0000
182 @@ -3,7 +3,7 @@ PATH=/bin \
186 -SASL_CONF_PATH=/root/.sasl2 \
187 +SASL_CONF_PATH=/root/.sasl \
188 QEMU_AUDIO_DRV=none \
189 /usr/bin/qemu-system-i686 \
191 diff -urp libvirt-4.2.0.orig/tests/qemuargv2xmldata/graphics-vnc-tls.args libvirt-4.2.0/tests/qemuargv2xmldata/graphics-vnc-tls.args
192 --- libvirt-4.2.0.orig/tests/qemuargv2xmldata/graphics-vnc-tls.args 2018-04-12 12:41:58.691580937 +0000
193 +++ libvirt-4.2.0/tests/qemuargv2xmldata/graphics-vnc-tls.args 2018-04-12 12:42:15.273580750 +0000
194 @@ -3,7 +3,7 @@ PATH=/bin \
198 -SASL_CONF_PATH=/root/.sasl2 \
199 +SASL_CONF_PATH=/root/.sasl \
200 QEMU_AUDIO_DRV=none \
201 /usr/bin/qemu-system-i686 \
203 diff -urp libvirt-4.2.0.orig/tests/qemuxml2argvdata/graphics-spice-sasl.args libvirt-4.2.0/tests/qemuxml2argvdata/graphics-spice-sasl.args
204 --- libvirt-4.2.0.orig/tests/qemuxml2argvdata/graphics-spice-sasl.args 2018-04-12 12:41:58.722580936 +0000
205 +++ libvirt-4.2.0/tests/qemuxml2argvdata/graphics-spice-sasl.args 2018-04-12 12:42:15.273580750 +0000
206 @@ -3,7 +3,7 @@ PATH=/bin \
210 -SASL_CONF_PATH=/root/.sasl2 \
211 +SASL_CONF_PATH=/root/.sasl \
212 QEMU_AUDIO_DRV=spice \
213 /usr/bin/qemu-system-i686 \
215 diff -urp libvirt-4.2.0.orig/tests/qemuxml2argvdata/graphics-vnc-sasl.args libvirt-4.2.0/tests/qemuxml2argvdata/graphics-vnc-sasl.args
216 --- libvirt-4.2.0.orig/tests/qemuxml2argvdata/graphics-vnc-sasl.args 2018-04-12 12:41:58.722580936 +0000
217 +++ libvirt-4.2.0/tests/qemuxml2argvdata/graphics-vnc-sasl.args 2018-04-12 12:42:15.273580750 +0000
218 @@ -3,7 +3,7 @@ PATH=/bin \
222 -SASL_CONF_PATH=/root/.sasl2 \
223 +SASL_CONF_PATH=/root/.sasl \
224 QEMU_AUDIO_DRV=none \
225 /usr/bin/qemu-system-i686 \
227 diff -urp libvirt-4.2.0.orig/tests/qemuxml2argvdata/graphics-vnc-tls.args libvirt-4.2.0/tests/qemuxml2argvdata/graphics-vnc-tls.args
228 --- libvirt-4.2.0.orig/tests/qemuxml2argvdata/graphics-vnc-tls.args 2018-04-12 12:41:58.722580936 +0000
229 +++ libvirt-4.2.0/tests/qemuxml2argvdata/graphics-vnc-tls.args 2018-04-12 12:42:15.273580750 +0000
230 @@ -3,7 +3,7 @@ PATH=/bin \
234 -SASL_CONF_PATH=/root/.sasl2 \
235 +SASL_CONF_PATH=/root/.sasl \
236 QEMU_AUDIO_DRV=none \
237 /usr/bin/qemu-system-i686 \
239 diff -urp libvirt-4.2.0.orig/tests/qemuxml2argvtest.c libvirt-4.2.0/tests/qemuxml2argvtest.c
240 --- libvirt-4.2.0.orig/tests/qemuxml2argvtest.c 2018-04-12 12:41:58.410580940 +0000
241 +++ libvirt-4.2.0/tests/qemuxml2argvtest.c 2018-04-12 12:42:15.274580750 +0000
242 @@ -1098,7 +1098,7 @@ mymain(void)
244 driver.config->vncSASL = 1;
245 VIR_FREE(driver.config->vncSASLdir);
246 - ignore_value(VIR_STRDUP(driver.config->vncSASLdir, "/root/.sasl2"));
247 + ignore_value(VIR_STRDUP(driver.config->vncSASLdir, "/root/.sasl"));
248 DO_TEST("graphics-vnc-sasl", QEMU_CAPS_VNC, QEMU_CAPS_DEVICE_CIRRUS_VGA);
249 driver.config->vncTLS = 1;
250 driver.config->vncTLSx509verify = 1;
251 @@ -1122,7 +1122,7 @@ mymain(void)
252 DO_TEST("graphics-spice-no-args",
253 QEMU_CAPS_SPICE, QEMU_CAPS_DEVICE_CIRRUS_VGA);
254 driver.config->spiceSASL = 1;
255 - ignore_value(VIR_STRDUP(driver.config->spiceSASLdir, "/root/.sasl2"));
256 + ignore_value(VIR_STRDUP(driver.config->spiceSASLdir, "/root/.sasl"));
257 DO_TEST("graphics-spice-sasl",
259 QEMU_CAPS_DEVICE_QXL);
260 diff -urp libvirt-4.2.0.orig/tests/virconfdata/libvirtd.conf libvirt-4.2.0/tests/virconfdata/libvirtd.conf
261 --- libvirt-4.2.0.orig/tests/virconfdata/libvirtd.conf 2018-04-12 12:41:58.827580935 +0000
262 +++ libvirt-4.2.0/tests/virconfdata/libvirtd.conf 2018-04-12 12:42:15.274580750 +0000
263 @@ -108,7 +108,7 @@ unix_sock_admin_perms = "0700"
264 # the network providing auth (eg, TLS/x509 certificates)
266 # - sasl: use SASL infrastructure. The actual auth scheme is then
267 -# controlled from /etc/sasl2/libvirt.conf. For the TCP
268 +# controlled from /etc/sasl/libvirt.conf. For the TCP
269 # socket only GSSAPI & DIGEST-MD5 mechanisms will be used.
270 # For non-TCP or TLS sockets, any scheme is allowed.
272 @@ -139,7 +139,7 @@ auth_unix_rw = "none"
273 # If you don't enable SASL, then all TCP traffic is cleartext.
274 # Don't do this outside of a dev/test scenario. For real world
275 # use, always enable SASL and use the GSSAPI or DIGEST-MD5
276 -# mechanism in /etc/sasl2/libvirt.conf
277 +# mechanism in /etc/sasl/libvirt.conf
280 # Change the authentication scheme for TLS sockets.
281 diff -urp libvirt-4.2.0.orig/tests/virconfdata/libvirtd.out libvirt-4.2.0/tests/virconfdata/libvirtd.out
282 --- libvirt-4.2.0.orig/tests/virconfdata/libvirtd.out 2018-04-12 12:41:58.827580935 +0000
283 +++ libvirt-4.2.0/tests/virconfdata/libvirtd.out 2018-04-12 12:42:15.274580750 +0000
284 @@ -87,7 +87,7 @@ unix_sock_admin_perms = "0700"
285 # the network providing auth (eg, TLS/x509 certificates)
287 # - sasl: use SASL infrastructure. The actual auth scheme is then
288 -# controlled from /etc/sasl2/libvirt.conf. For the TCP
289 +# controlled from /etc/sasl/libvirt.conf. For the TCP
290 # socket only GSSAPI & DIGEST-MD5 mechanisms will be used.
291 # For non-TCP or TLS sockets, any scheme is allowed.
293 @@ -116,7 +116,7 @@ auth_unix_rw = "none"
294 # If you don't enable SASL, then all TCP traffic is cleartext.
295 # Don't do this outside of a dev/test scenario. For real world
296 # use, always enable SASL and use the GSSAPI or DIGEST-MD5
297 -# mechanism in /etc/sasl2/libvirt.conf
298 +# mechanism in /etc/sasl/libvirt.conf
300 # Change the authentication scheme for TLS sockets.