diff -ur libvirt-9.5.0.orig/docs/auth.rst libvirt-9.5.0/docs/auth.rst
--- libvirt-9.5.0.orig/docs/auth.rst	2023-07-20 17:12:02.016734095 +0200
+++ libvirt-9.5.0/docs/auth.rst	2023-07-20 17:12:35.936219809 +0200
@@ -225,7 +225,7 @@
 
 Since the libvirt SASL config file defaults to using ``GSSAPI`` (Kerberos), a
 config change is required to enable plain password auth. This is done by
-editing ``/etc/sasl2/libvirt.conf`` to set the ``mech_list``
+editing ``/etc/sasl/libvirt.conf`` to set the ``mech_list``
 parameter to ``scram-sha-256``.
 
 **Note:** previous versions of libvirt suggested ``DIGEST-MD5`` and
diff -ur libvirt-9.5.0.orig/src/qemu/qemu.conf.in libvirt-9.5.0/src/qemu/qemu.conf.in
--- libvirt-9.5.0.orig/src/qemu/qemu.conf.in	2023-07-20 17:12:02.114735498 +0200
+++ libvirt-9.5.0/src/qemu/qemu.conf.in	2023-07-20 17:12:35.937219824 +0200
@@ -141,18 +141,18 @@
 # Examples include vinagre, virt-viewer and virt-manager
 # itself. UltraVNC, RealVNC, TightVNC do not support this
 #
-# It is necessary to configure /etc/sasl2/qemu.conf to choose
+# It is necessary to configure /etc/sasl/qemu.conf to choose
 # the desired SASL plugin (eg, GSSPI for Kerberos)
 #
 #vnc_sasl = 1
 
 
-# The default SASL configuration file is located in /etc/sasl2/
+# The default SASL configuration file is located in /etc/sasl/
 # When running libvirtd unprivileged, it may be desirable to
 # override the configs in this location. Set this parameter to
 # point to the directory, and create a qemu.conf in that location
 #
-#vnc_sasl_dir = "/some/directory/sasl2"
+#vnc_sasl_dir = "/some/directory/sasl"
 
 
 # QEMU implements an extension for providing audio over a VNC connection,
@@ -217,17 +217,17 @@
 # Enable use of SASL encryption on the SPICE server. This requires
 # a SPICE client which supports the SASL protocol extension.
 #
-# It is necessary to configure /etc/sasl2/qemu.conf to choose
+# It is necessary to configure /etc/sasl/qemu.conf to choose
 # the desired SASL plugin (eg, GSSPI for Kerberos)
 #
 #spice_sasl = 1
 
-# The default SASL configuration file is located in /etc/sasl2/
+# The default SASL configuration file is located in /etc/sasl/
 # When running libvirtd unprivileged, it may be desirable to
 # override the configs in this location. Set this parameter to
 # point to the directory, and create a qemu.conf in that location
 #
-#spice_sasl_dir = "/some/directory/sasl2"
+#spice_sasl_dir = "/some/directory/sasl"
 
 # Enable use of TLS encryption on the chardev TCP transports.
 #
diff -ur libvirt-9.5.0.orig/src/qemu/test_libvirtd_qemu.aug.in libvirt-9.5.0/src/qemu/test_libvirtd_qemu.aug.in
--- libvirt-9.5.0.orig/src/qemu/test_libvirtd_qemu.aug.in	2023-07-20 17:12:02.121735598 +0200
+++ libvirt-9.5.0/src/qemu/test_libvirtd_qemu.aug.in	2023-07-20 17:12:35.937219824 +0200
@@ -13,7 +13,7 @@
 { "vnc_tls_x509_verify" = "1" }
 { "vnc_password" = "XYZ12345" }
 { "vnc_sasl" = "1" }
-{ "vnc_sasl_dir" = "/some/directory/sasl2" }
+{ "vnc_sasl_dir" = "/some/directory/sasl" }
 { "vnc_allow_host_audio" = "0" }
 { "spice_listen" = "0.0.0.0" }
 { "spice_tls" = "1" }
@@ -21,7 +21,7 @@
 { "spice_auto_unix_socket" = "1" }
 { "spice_password" = "XYZ12345" }
 { "spice_sasl" = "1" }
-{ "spice_sasl_dir" = "/some/directory/sasl2" }
+{ "spice_sasl_dir" = "/some/directory/sasl" }
 { "chardev_tls" = "1" }
 { "chardev_tls_x509_cert_dir" = "/etc/pki/libvirt-chardev" }
 { "chardev_tls_x509_verify" = "1" }
diff -ur libvirt-9.5.0.orig/src/remote/libvirtd.conf.in libvirt-9.5.0/src/remote/libvirtd.conf.in
--- libvirt-9.5.0.orig/src/remote/libvirtd.conf.in	2023-07-20 17:12:02.121735598 +0200
+++ libvirt-9.5.0/src/remote/libvirtd.conf.in	2023-07-20 17:12:35.937219824 +0200
@@ -140,7 +140,7 @@
 #          the network providing auth (eg, TLS/x509 certificates)
 #
 #  - sasl: use SASL infrastructure. The actual auth scheme is then
-#          controlled from @sysconfdir@/sasl2/libvirt.conf. For the TCP
+#          controlled from @sysconfdir@/sasl/libvirt.conf. For the TCP
 #          socket only GSSAPI & DIGEST-MD5 mechanisms will be used.
 #          For non-TCP or TLS sockets, any scheme is allowed.
 #
@@ -190,7 +190,7 @@
 # If you don't enable SASL, then all TCP traffic is cleartext.
 # Don't do this outside of a dev/test scenario. For real world
 # use, always enable SASL and use the GSSAPI or DIGEST-MD5
-# mechanism in @sysconfdir@/sasl2/libvirt.conf
+# mechanism in @sysconfdir@/sasl/libvirt.conf
 #auth_tcp = "sasl"
 
 # Change the authentication scheme for TLS sockets.
diff -ur libvirt-9.5.0.orig/src/remote/meson.build libvirt-9.5.0/src/remote/meson.build
--- libvirt-9.5.0.orig/src/remote/meson.build	2023-07-20 17:12:02.122735613 +0200
+++ libvirt-9.5.0/src/remote/meson.build	2023-07-20 17:12:35.937219824 +0200
@@ -302,7 +302,7 @@
 if conf.has('WITH_SASL')
   install_data(
     'libvirtd.sasl',
-    install_dir: sysconfdir / 'sasl2',
+    install_dir: sysconfdir / 'sasl',
     rename: [ 'libvirt.conf' ],
   )
 endif
diff -ur libvirt-9.5.0.orig/tests/qemuxml2argvdata/graphics-spice-sasl.x86_64-latest.args libvirt-9.5.0/tests/qemuxml2argvdata/graphics-spice-sasl.x86_64-latest.args
--- libvirt-9.5.0.orig/tests/qemuxml2argvdata/graphics-spice-sasl.x86_64-latest.args	2023-07-20 17:12:02.331738606 +0200
+++ libvirt-9.5.0/tests/qemuxml2argvdata/graphics-spice-sasl.x86_64-latest.args	2023-07-20 17:14:44.862065962 +0200
@@ -6,7 +6,7 @@
 XDG_DATA_HOME=/var/lib/libvirt/qemu/domain--1-QEMUGuest1/.local/share \
 XDG_CACHE_HOME=/var/lib/libvirt/qemu/domain--1-QEMUGuest1/.cache \
 XDG_CONFIG_HOME=/var/lib/libvirt/qemu/domain--1-QEMUGuest1/.config \
-SASL_CONF_PATH=/etc/sasl2 \
+SASL_CONF_PATH=/etc/sasl \
 /usr/bin/qemu-system-x86_64 \
 -name guest=QEMUGuest1,debug-threads=on \
 -S \
diff -ur libvirt-9.5.0.orig/tests/qemuxml2argvdata/graphics-vnc-sasl.x86_64-latest.args libvirt-9.5.0/tests/qemuxml2argvdata/graphics-vnc-sasl.x86_64-latest.args
--- libvirt-9.5.0.orig/tests/qemuxml2argvdata/graphics-vnc-sasl.x86_64-latest.args	2023-07-20 17:12:02.332738620 +0200
+++ libvirt-9.5.0/tests/qemuxml2argvdata/graphics-vnc-sasl.x86_64-latest.args	2023-07-20 17:14:33.814907772 +0200
@@ -6,7 +6,7 @@
 XDG_DATA_HOME=/var/lib/libvirt/qemu/domain--1-QEMUGuest1/.local/share \
 XDG_CACHE_HOME=/var/lib/libvirt/qemu/domain--1-QEMUGuest1/.cache \
 XDG_CONFIG_HOME=/var/lib/libvirt/qemu/domain--1-QEMUGuest1/.config \
-SASL_CONF_PATH=/etc/sasl2 \
+SASL_CONF_PATH=/etc/sasl \
 /usr/bin/qemu-system-x86_64 \
 -name guest=QEMUGuest1,debug-threads=on \
 -S \
diff -ur libvirt-9.5.0.orig/tests/qemuxml2argvdata/graphics-vnc-tls-secret.x86_64-5.2.0.args libvirt-9.5.0/tests/qemuxml2argvdata/graphics-vnc-tls-secret.x86_64-5.2.0.args
--- libvirt-9.5.0.orig/tests/qemuxml2argvdata/graphics-vnc-tls-secret.x86_64-5.2.0.args	2023-07-20 17:12:02.333738634 +0200
+++ libvirt-9.5.0/tests/qemuxml2argvdata/graphics-vnc-tls-secret.x86_64-5.2.0.args	2023-07-20 17:14:05.149497298 +0200
@@ -6,7 +6,7 @@
 XDG_DATA_HOME=/var/lib/libvirt/qemu/domain--1-QEMUGuest1/.local/share \
 XDG_CACHE_HOME=/var/lib/libvirt/qemu/domain--1-QEMUGuest1/.cache \
 XDG_CONFIG_HOME=/var/lib/libvirt/qemu/domain--1-QEMUGuest1/.config \
-SASL_CONF_PATH=/etc/sasl2 \
+SASL_CONF_PATH=/etc/sasl \
 /usr/bin/qemu-system-x86_64 \
 -name guest=QEMUGuest1,debug-threads=on \
 -S \
diff -ur libvirt-9.5.0.orig/tests/qemuxml2argvdata/graphics-vnc-tls-secret.x86_64-latest.args libvirt-9.5.0/tests/qemuxml2argvdata/graphics-vnc-tls-secret.x86_64-latest.args
--- libvirt-9.5.0.orig/tests/qemuxml2argvdata/graphics-vnc-tls-secret.x86_64-latest.args	2023-07-20 17:12:02.333738634 +0200
+++ libvirt-9.5.0/tests/qemuxml2argvdata/graphics-vnc-tls-secret.x86_64-latest.args	2023-07-20 17:14:21.221727445 +0200
@@ -6,7 +6,7 @@
 XDG_DATA_HOME=/var/lib/libvirt/qemu/domain--1-QEMUGuest1/.local/share \
 XDG_CACHE_HOME=/var/lib/libvirt/qemu/domain--1-QEMUGuest1/.cache \
 XDG_CONFIG_HOME=/var/lib/libvirt/qemu/domain--1-QEMUGuest1/.config \
-SASL_CONF_PATH=/etc/sasl2 \
+SASL_CONF_PATH=/etc/sasl \
 /usr/bin/qemu-system-x86_64 \
 -name guest=QEMUGuest1,debug-threads=on \
 -S \
diff -ur libvirt-9.5.0.orig/tests/qemuxml2argvdata/graphics-vnc-tls.x86_64-latest.args libvirt-9.5.0/tests/qemuxml2argvdata/graphics-vnc-tls.x86_64-latest.args
--- libvirt-9.5.0.orig/tests/qemuxml2argvdata/graphics-vnc-tls.x86_64-latest.args	2023-07-20 17:12:02.333738634 +0200
+++ libvirt-9.5.0/tests/qemuxml2argvdata/graphics-vnc-tls.x86_64-latest.args	2023-07-20 17:14:26.220799030 +0200
@@ -6,7 +6,7 @@
 XDG_DATA_HOME=/var/lib/libvirt/qemu/domain--1-QEMUGuest1/.local/share \
 XDG_CACHE_HOME=/var/lib/libvirt/qemu/domain--1-QEMUGuest1/.cache \
 XDG_CONFIG_HOME=/var/lib/libvirt/qemu/domain--1-QEMUGuest1/.config \
-SASL_CONF_PATH=/etc/sasl2 \
+SASL_CONF_PATH=/etc/sasl \
 /usr/bin/qemu-system-x86_64 \
 -name guest=QEMUGuest1,debug-threads=on \
 -S \
diff -ur libvirt-9.5.0.orig/tests/testutilsqemu.c libvirt-9.5.0/tests/testutilsqemu.c
--- libvirt-9.5.0.orig/tests/testutilsqemu.c	2023-07-20 17:12:02.426739966 +0200
+++ libvirt-9.5.0/tests/testutilsqemu.c	2023-07-20 17:15:07.460389561 +0200
@@ -528,9 +528,9 @@
     cfg->backupTLSx509certdir = g_strdup("/etc/pki/libvirt-backup");
 
     VIR_FREE(cfg->vncSASLdir);
-    cfg->vncSASLdir = g_strdup("/etc/sasl2");
+    cfg->vncSASLdir = g_strdup("/etc/sasl");
     VIR_FREE(cfg->spiceSASLdir);
-    cfg->spiceSASLdir = g_strdup("/etc/sasl2");
+    cfg->spiceSASLdir = g_strdup("/etc/sasl");
 
     VIR_FREE(cfg->spicePassword);
     cfg->spicePassword = g_strdup("123456");
diff -ur libvirt-9.5.0.orig/tests/virconfdata/libvirtd.conf libvirt-9.5.0/tests/virconfdata/libvirtd.conf
--- libvirt-9.5.0.orig/tests/virconfdata/libvirtd.conf	2023-07-20 17:12:02.518741283 +0200
+++ libvirt-9.5.0/tests/virconfdata/libvirtd.conf	2023-07-20 17:12:35.944219924 +0200
@@ -91,7 +91,7 @@
 #          the network providing auth (eg, TLS/x509 certificates)
 #
 #  - sasl: use SASL infrastructure. The actual auth scheme is then
-#          controlled from /etc/sasl2/libvirt.conf. For the TCP
+#          controlled from /etc/sasl/libvirt.conf. For the TCP
 #          socket only GSSAPI & DIGEST-MD5 mechanisms will be used.
 #          For non-TCP or TLS sockets,  any scheme is allowed.
 #
@@ -122,7 +122,7 @@
 # If you don't enable SASL, then all TCP traffic is cleartext.
 # Don't do this outside of a dev/test scenario. For real world
 # use, always enable SASL and use the GSSAPI or DIGEST-MD5
-# mechanism in /etc/sasl2/libvirt.conf
+# mechanism in /etc/sasl/libvirt.conf
 auth_tcp = "sasl"
 
 # Change the authentication scheme for TLS sockets.
diff -ur libvirt-9.5.0.orig/tests/virconfdata/libvirtd.out libvirt-9.5.0/tests/virconfdata/libvirtd.out
--- libvirt-9.5.0.orig/tests/virconfdata/libvirtd.out	2023-07-20 17:12:02.518741283 +0200
+++ libvirt-9.5.0/tests/virconfdata/libvirtd.out	2023-07-20 17:12:35.945219938 +0200
@@ -73,7 +73,7 @@
 #          the network providing auth (eg, TLS/x509 certificates)
 #
 #  - sasl: use SASL infrastructure. The actual auth scheme is then
-#          controlled from /etc/sasl2/libvirt.conf. For the TCP
+#          controlled from /etc/sasl/libvirt.conf. For the TCP
 #          socket only GSSAPI & DIGEST-MD5 mechanisms will be used.
 #          For non-TCP or TLS sockets,  any scheme is allowed.
 #
@@ -102,7 +102,7 @@
 # If you don't enable SASL, then all TCP traffic is cleartext.
 # Don't do this outside of a dev/test scenario. For real world
 # use, always enable SASL and use the GSSAPI or DIGEST-MD5
-# mechanism in /etc/sasl2/libvirt.conf
+# mechanism in /etc/sasl/libvirt.conf
 auth_tcp = "sasl"
 # Change the authentication scheme for TLS sockets.
 #