X-Git-Url: https://git.tld-linux.org/?p=packages%2Flibvirt.git;a=blobdiff_plain;f=libvirt-qemu-acl.patch;h=d10ea7d0b7c48b5135a8a314b870f9fb75a887ca;hp=2b7f6a8918a82864820772e6ec6f8bfc6d9d7273;hb=HEAD;hpb=30488cfe547d889829f5d135761237330412fd07 diff --git a/libvirt-qemu-acl.patch b/libvirt-qemu-acl.patch index 2b7f6a8..67a3abc 100644 --- a/libvirt-qemu-acl.patch +++ b/libvirt-qemu-acl.patch @@ -1,7 +1,7 @@ -diff -ur libvirt-8.0.0.orig/src/qemu/qemu_command.c libvirt-8.0.0/src/qemu/qemu_command.c ---- libvirt-8.0.0.orig/src/qemu/qemu_command.c 2022-01-23 12:17:21.722539037 +0100 -+++ libvirt-8.0.0/src/qemu/qemu_command.c 2022-01-23 12:17:43.308582727 +0100 -@@ -8327,6 +8327,10 @@ +diff -ur libvirt-10.2.0.orig/src/qemu/qemu_command.c libvirt-10.2.0/src/qemu/qemu_command.c +--- libvirt-10.2.0.orig/src/qemu/qemu_command.c 2024-04-03 17:49:34.976744165 +0200 ++++ libvirt-10.2.0/src/qemu/qemu_command.c 2024-04-03 17:49:53.468991419 +0200 +@@ -8201,6 +8201,10 @@ virCommandAddEnvPair(cmd, "SASL_CONF_PATH", cfg->vncSASLdir); /* TODO: Support ACLs later */ @@ -12,29 +12,10 @@ diff -ur libvirt-8.0.0.orig/src/qemu/qemu_command.c libvirt-8.0.0/src/qemu/qemu_ } if (graphics->data.vnc.powerControl != VIR_TRISTATE_BOOL_ABSENT) { -diff -ur libvirt-8.0.0.orig/src/qemu/qemu.conf libvirt-8.0.0/src/qemu/qemu.conf ---- libvirt-8.0.0.orig/src/qemu/qemu.conf 2022-01-23 12:17:21.720539033 +0100 -+++ libvirt-8.0.0/src/qemu/qemu.conf 2022-01-23 12:17:43.308582727 +0100 -@@ -147,6 +147,15 @@ - #vnc_sasl = 1 - - -+# Enable the VNC access control lists. When switched on this will -+# initially block all vnc users from accessing the vnc server. To -+# add and remove ids from the ACLs you will need to send the appropriate -+# commands to the qemu monitor as required by your particular version of -+# QEMU. See the QEMU documentation for more details. -+# -+# vnc_acl = 1 -+ -+ - # The default SASL configuration file is located in /etc/sasl/ - # When running libvirtd unprivileged, it may be desirable to - # override the configs in this location. Set this parameter to -diff -ur libvirt-8.0.0.orig/src/qemu/qemu_conf.c libvirt-8.0.0/src/qemu/qemu_conf.c ---- libvirt-8.0.0.orig/src/qemu/qemu_conf.c 2022-01-23 12:17:21.722539037 +0100 -+++ libvirt-8.0.0/src/qemu/qemu_conf.c 2022-01-23 12:17:43.308582727 +0100 -@@ -450,6 +450,8 @@ +diff -ur libvirt-10.2.0.orig/src/qemu/qemu_conf.c libvirt-10.2.0/src/qemu/qemu_conf.c +--- libvirt-10.2.0.orig/src/qemu/qemu_conf.c 2024-04-03 17:49:34.976744165 +0200 ++++ libvirt-10.2.0/src/qemu/qemu_conf.c 2024-04-03 17:49:53.472991473 +0200 +@@ -441,6 +441,8 @@ return -1; if (virConfGetValueBool(conf, "vnc_allow_host_audio", &cfg->vncAllowHostAudio) < 0) return -1; @@ -43,10 +24,10 @@ diff -ur libvirt-8.0.0.orig/src/qemu/qemu_conf.c libvirt-8.0.0/src/qemu/qemu_con if (cfg->vncPassword && strlen(cfg->vncPassword) > 8) { -diff -ur libvirt-8.0.0.orig/src/qemu/qemu_conf.h libvirt-8.0.0/src/qemu/qemu_conf.h ---- libvirt-8.0.0.orig/src/qemu/qemu_conf.h 2022-01-23 12:17:21.722539037 +0100 -+++ libvirt-8.0.0/src/qemu/qemu_conf.h 2022-01-23 12:17:43.309582729 +0100 -@@ -114,6 +114,7 @@ +diff -ur libvirt-10.2.0.orig/src/qemu/qemu_conf.h libvirt-10.2.0/src/qemu/qemu_conf.h +--- libvirt-10.2.0.orig/src/qemu/qemu_conf.h 2024-04-03 17:49:34.980744218 +0200 ++++ libvirt-10.2.0/src/qemu/qemu_conf.h 2024-04-03 17:49:53.472991473 +0200 +@@ -120,6 +120,7 @@ bool vncTLSx509verify; bool vncTLSx509verifyPresent; bool vncSASL; @@ -54,3 +35,22 @@ diff -ur libvirt-8.0.0.orig/src/qemu/qemu_conf.h libvirt-8.0.0/src/qemu/qemu_con char *vncTLSx509certdir; char *vncTLSx509secretUUID; char *vncListen; +diff -ur libvirt-10.2.0.orig/src/qemu/qemu.conf.in libvirt-10.2.0/src/qemu/qemu.conf.in +--- libvirt-10.2.0.orig/src/qemu/qemu.conf.in 2024-04-03 17:49:34.976744165 +0200 ++++ libvirt-10.2.0/src/qemu/qemu.conf.in 2024-04-03 17:49:53.472991473 +0200 +@@ -147,6 +147,15 @@ + #vnc_sasl = 1 + + ++# Enable the VNC access control lists. When switched on this will ++# initially block all vnc users from accessing the vnc server. To ++# add and remove ids from the ACLs you will need to send the appropriate ++# commands to the qemu monitor as required by your particular version of ++# QEMU. See the QEMU documentation for more details. ++# ++# vnc_acl = 1 ++ ++ + # The default SASL configuration file is located in /etc/sasl/ + # When running libvirtd unprivileged, it may be desirable to + # override the configs in this location. Set this parameter to