xenbits.xensource.com Git - libvirt.git/commit

author	Daniel P. Berrangé <berrange@redhat.com>
	Fri, 17 May 2019 11:35:57 +0000 (12:35 +0100)
committer	Daniel P. Berrangé <berrange@redhat.com>
	Mon, 27 Jan 2020 11:04:29 +0000 (11:04 +0000)
commit	3e9076e777aff2f4b08330ed17e559fcfb6b3529
tree	31be001b78a85bc373e41b03628b6e1d01e1ae6b	tree
parent	068efae5b1a9efeea4a9c3bc0ae80747da5024fb	commit \| diff

secrets: add support for running secret driver in embedded mode

This enables support for running the secret driver embedded to the
calling application process using a URI:

   secret:///embed?root=/some/path

When using the embedded mode with a root=/var/tmp/embed, the
driver will use the following paths:

       configDir: /var/tmp/embed/etc/secrets
        stateDir: /var/tmp/embed/run/secrets

These are identical whether the embedded driver is privileged
or unprivileged.

This compares with the system instance which uses

       configDir: /etc/libvirt/secrets
        stateDir: /var/lib/libvirt/secrets

When an embedded instance of the secret driver is open, any other
embedded drivers will automatically use the embedded secret driver.

Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>

docs/drivers.html.in		diff \| blob \| blame \| history
docs/drvsecret.html.in	[new file with mode: 0644]	blob
src/secret/secret_driver.c		diff \| blob \| blame \| history