DISTCLEANFILES =
EXTRA_DIST = \
- default-network.xml \
remote_generate_stubs.pl rpcgen_fix.pl \
remote_protocol.x \
libvirtd.conf \
libvirtd.sasl \
libvirtd.sysconf \
libvirtd.aug \
- libvirtd_qemu.aug \
libvirtd.logrotate.in \
test_libvirtd.aug \
- test_libvirtd_qemu.aug \
$(AVAHI_SOURCES) \
$(DAEMON_SOURCES)
if WITH_LIBVIRTD
-UUID=$(shell uuidgen 2>/dev/null)
-
sbin_PROGRAMS = libvirtd
confdir = $(sysconfdir)/libvirt/
conf_DATA = libvirtd.conf
augeasdir = $(datadir)/augeas/lenses
-augeas_DATA = libvirtd.aug libvirtd_qemu.aug
+augeas_DATA = libvirtd.aug
augeastestsdir = $(datadir)/augeas/lenses/tests
-augeastests_DATA = test_libvirtd.aug test_libvirtd_qemu.aug
+augeastests_DATA = test_libvirtd.aug
libvirtd_SOURCES = $(DAEMON_SOURCES)
endif
-default_xml_dest = libvirt/qemu/networks/default.xml
install-data-local: install-init install-data-sasl install-data-polkit \
install-logrotate
- mkdir -p $(DESTDIR)$(sysconfdir)/libvirt/qemu/networks/autostart
- $(INSTALL_DATA) $(srcdir)/default-network.xml \
- $(DESTDIR)$(sysconfdir)/$(default_xml_dest)
- test -z "$(UUID)" || \
- sed -i -e "s,</name>,</name>\n <uuid>$(UUID)</uuid>," \
- $(DESTDIR)$(sysconfdir)/$(default_xml_dest)
- test -e $(DESTDIR)$(sysconfdir)/libvirt/qemu/networks/autostart/default.xml || \
- ln -s ../default.xml \
- $(DESTDIR)$(sysconfdir)/libvirt/qemu/networks/autostart/default.xml
- mkdir -p $(DESTDIR)$(localstatedir)/log/libvirt/qemu
+ mkdir -p $(DESTDIR)$(localstatedir)/log/libvirt
mkdir -p $(DESTDIR)$(localstatedir)/run/libvirt
mkdir -p $(DESTDIR)$(localstatedir)/lib/libvirt
-uninstall-local:: uninstall-init install-data-sasl install-data-polkit
- rm -f $(DESTDIR)$(sysconfdir)/libvirt/qemu/networks/autostart/default.xml
- rm -f $(DESTDIR)$(sysconfdir)/$(default_xml_dest)
- rmdir $(DESTDIR)$(sysconfdir)/libvirt/qemu/networks/autostart || :
- rmdir $(DESTDIR)$(localstatedir)/log/libvirt/qemu || :
+uninstall-local:: uninstall-init uninstall-data-sasl uninstall-data-polkit
+ rmdir $(DESTDIR)$(localstatedir)/log/libvirt || :
rmdir $(DESTDIR)$(localstatedir)/run/libvirt || :
rmdir $(DESTDIR)$(localstatedir)/lib/libvirt || :
check-local:
test -x '$(AUGPARSE)' \
&& '$(AUGPARSE)' -I $(srcdir) $(srcdir)/test_libvirtd.aug || :
- test -x '$(AUGPARSE)' \
- && '$(AUGPARSE)' -I $(srcdir) $(srcdir)/test_libvirtd_qemu.aug || :
else
+++ /dev/null
-<network>
- <name>default</name>
- <bridge name="virbr0" />
- <forward/>
- <ip address="192.168.122.1" netmask="255.255.255.0">
- <dhcp>
- <range start="192.168.122.2" end="192.168.122.254" />
- </dhcp>
- </ip>
-</network>
+++ /dev/null
-(* /etc/libvirt/qemu.conf *)
-
-module Libvirtd_qemu =
- autoload xfm
-
- let eol = del /[ \t]*\n/ "\n"
- let value_sep = del /[ \t]*=[ \t]*/ " = "
- let indent = del /[ \t]*/ ""
-
- let array_sep = del /,[ \t\n]*/ ", "
- let array_start = del /\[[ \t\n]*/ "[ "
- let array_end = del /\]/ "]"
-
- let str_val = del /\"/ "\"" . store /[^\"]*/ . del /\"/ "\""
- let bool_val = store /0|1/
- let str_array_element = [ seq "el" . str_val ] . del /[ \t\n]*/ ""
- let str_array_val = counter "el" . array_start . ( str_array_element . ( array_sep . str_array_element ) * ) ? . array_end
-
- let str_entry (kw:string) = [ key kw . value_sep . str_val ]
- let bool_entry (kw:string) = [ key kw . value_sep . bool_val ]
- let str_array_entry (kw:string) = [ key kw . value_sep . str_array_val ]
-
-
- (* Config entry grouped by function - same order as example config *)
- let vnc_entry = str_entry "vnc_listen"
- | bool_entry "vnc_tls"
- | str_entry "vnc_tls_x509_cert_dir"
- | bool_entry "vnc_tls_x509_verify"
- | str_entry "vnc_password"
- | bool_entry "vnc_sasl"
- | str_entry "vnc_sasl_dir"
- | str_entry "security_driver"
- | str_entry "user"
- | str_entry "group"
- | str_array_entry "cgroup_controllers"
- | str_array_entry "cgroup_device_acl"
- | str_entry "save_image_format"
- | str_entry "hugetlbfs_mount"
-
- (* Each enty in the config is one of the following three ... *)
- let entry = vnc_entry
- let comment = [ label "#comment" . del /#[ \t]*/ "# " . store /([^ \t\n][^\n]*)?/ . del /\n/ "\n" ]
- let empty = [ label "#empty" . eol ]
-
- let record = indent . entry . eol
-
- let lns = ( record | comment | empty ) *
-
- let filter = incl "/etc/libvirt/qemu.conf"
- . Util.stdexcl
-
- let xfm = transform lns filter
+++ /dev/null
-module Test_libvirtd_qemu =
-
- let conf = "# Master configuration file for the QEMU driver.
-# All settings described here are optional - if omitted, sensible
-# defaults are used.
-
-# VNC is configured to listen on 127.0.0.1 by default.
-# To make it listen on all public interfaces, uncomment
-# this next option.
-#
-# NB, strong recommendation to enable TLS + x509 certificate
-# verification when allowing public access
-#
-vnc_listen = \"0.0.0.0\"
-
-
-# Enable use of TLS encryption on the VNC server. This requires
-# a VNC client which supports the VeNCrypt protocol extension.
-# Examples include vinagre, virt-viewer, virt-manager and vencrypt
-# itself. UltraVNC, RealVNC, TightVNC do not support this
-#
-# It is necessary to setup CA and issue a server certificate
-# before enabling this.
-#
-vnc_tls = 1
-
-
-# Use of TLS requires that x509 certificates be issued. The
-# default it to keep them in /etc/pki/libvirt-vnc. This directory
-# must contain
-#
-# ca-cert.pem - the CA master certificate
-# server-cert.pem - the server certificate signed with ca-cert.pem
-# server-key.pem - the server private key
-#
-# This option allows the certificate directory to be changed
-#
-vnc_tls_x509_cert_dir = \"/etc/pki/libvirt-vnc\"
-
-
-# The default TLS configuration only uses certificates for the server
-# allowing the client to verify the server's identity and establish
-# and encrypted channel.
-#
-# It is possible to use x509 certificates for authentication too, by
-# issuing a x509 certificate to every client who needs to connect.
-#
-# Enabling this option will reject any client who does not have a
-# certificate signed by the CA in /etc/pki/libvirt-vnc/ca-cert.pem
-#
-vnc_tls_x509_verify = 1
-
-
-# The default VNC password. Only 8 letters are significant for
-# VNC passwords. This parameter is only used if the per-domain
-# XML config does not already provide a password. To allow
-# access without passwords, leave this commented out. An empty
-# string will still enable passwords, but be rejected by QEMU
-# effectively preventing any use of VNC. Obviously change this
-# example here before you set this
-#
-vnc_password = \"XYZ12345\"
-
-
-# Enable use of SASL encryption on the VNC server. This requires
-# a VNC client which supports the SASL protocol extension.
-# Examples include vinagre, virt-viewer and virt-manager
-# itself. UltraVNC, RealVNC, TightVNC do not support this
-#
-# It is necessary to configure /etc/sasl2/qemu.conf to choose
-# the desired SASL plugin (eg, GSSPI for Kerberos)
-#
-vnc_sasl = 1
-
-
-# The default SASL configuration file is located in /etc/sasl2/
-# When running libvirtd unprivileged, it may be desirable to
-# override the configs in this location. Set this parameter to
-# point to the directory, and create a qemu.conf in that location
-#
-vnc_sasl_dir = \"/some/directory/sasl2\"
-
-security_driver = \"selinux\"
-
-user = \"root\"
-
-group = \"root\"
-
-cgroup_controllers = [ \"cpu\", \"devices\" ]
-
-cgroup_device_acl = [ \"/dev/null\", \"/dev/full\", \"/dev/zero\" ]
-
-save_image_format = \"gzip\"
-
-hugetlbfs_mount = \"/dev/hugepages\"
-"
-
- test Libvirtd_qemu.lns get conf =
-{ "#comment" = "Master configuration file for the QEMU driver." }
-{ "#comment" = "All settings described here are optional - if omitted, sensible" }
-{ "#comment" = "defaults are used." }
-{ "#empty" }
-{ "#comment" = "VNC is configured to listen on 127.0.0.1 by default." }
-{ "#comment" = "To make it listen on all public interfaces, uncomment" }
-{ "#comment" = "this next option." }
-{ "#comment" = "" }
-{ "#comment" = "NB, strong recommendation to enable TLS + x509 certificate" }
-{ "#comment" = "verification when allowing public access" }
-{ "#comment" = "" }
-{ "vnc_listen" = "0.0.0.0" }
-{ "#empty" }
-{ "#empty" }
-{ "#comment" = "Enable use of TLS encryption on the VNC server. This requires" }
-{ "#comment" = "a VNC client which supports the VeNCrypt protocol extension." }
-{ "#comment" = "Examples include vinagre, virt-viewer, virt-manager and vencrypt" }
-{ "#comment" = "itself. UltraVNC, RealVNC, TightVNC do not support this" }
-{ "#comment" = "" }
-{ "#comment" = "It is necessary to setup CA and issue a server certificate" }
-{ "#comment" = "before enabling this." }
-{ "#comment" = "" }
-{ "vnc_tls" = "1" }
-{ "#empty" }
-{ "#empty" }
-{ "#comment" = "Use of TLS requires that x509 certificates be issued. The" }
-{ "#comment" = "default it to keep them in /etc/pki/libvirt-vnc. This directory" }
-{ "#comment" = "must contain" }
-{ "#comment" = "" }
-{ "#comment" = "ca-cert.pem - the CA master certificate" }
-{ "#comment" = "server-cert.pem - the server certificate signed with ca-cert.pem" }
-{ "#comment" = "server-key.pem - the server private key" }
-{ "#comment" = "" }
-{ "#comment" = "This option allows the certificate directory to be changed" }
-{ "#comment" = "" }
-{ "vnc_tls_x509_cert_dir" = "/etc/pki/libvirt-vnc" }
-{ "#empty" }
-{ "#empty" }
-{ "#comment" = "The default TLS configuration only uses certificates for the server" }
-{ "#comment" = "allowing the client to verify the server's identity and establish" }
-{ "#comment" = "and encrypted channel." }
-{ "#comment" = "" }
-{ "#comment" = "It is possible to use x509 certificates for authentication too, by" }
-{ "#comment" = "issuing a x509 certificate to every client who needs to connect." }
-{ "#comment" = "" }
-{ "#comment" = "Enabling this option will reject any client who does not have a" }
-{ "#comment" = "certificate signed by the CA in /etc/pki/libvirt-vnc/ca-cert.pem" }
-{ "#comment" = "" }
-{ "vnc_tls_x509_verify" = "1" }
-{ "#empty" }
-{ "#empty" }
-{ "#comment" = "The default VNC password. Only 8 letters are significant for" }
-{ "#comment" = "VNC passwords. This parameter is only used if the per-domain" }
-{ "#comment" = "XML config does not already provide a password. To allow" }
-{ "#comment" = "access without passwords, leave this commented out. An empty" }
-{ "#comment" = "string will still enable passwords, but be rejected by QEMU" }
-{ "#comment" = "effectively preventing any use of VNC. Obviously change this" }
-{ "#comment" = "example here before you set this" }
-{ "#comment" = "" }
-{ "vnc_password" = "XYZ12345" }
-{ "#empty" }
-{ "#empty" }
-{ "#comment" = "Enable use of SASL encryption on the VNC server. This requires" }
-{ "#comment" = "a VNC client which supports the SASL protocol extension." }
-{ "#comment" = "Examples include vinagre, virt-viewer and virt-manager" }
-{ "#comment" = "itself. UltraVNC, RealVNC, TightVNC do not support this" }
-{ "#comment" = "" }
-{ "#comment" = "It is necessary to configure /etc/sasl2/qemu.conf to choose" }
-{ "#comment" = "the desired SASL plugin (eg, GSSPI for Kerberos)" }
-{ "#comment" = "" }
-{ "vnc_sasl" = "1" }
-{ "#empty" }
-{ "#empty" }
-{ "#comment" = "The default SASL configuration file is located in /etc/sasl2/" }
-{ "#comment" = "When running libvirtd unprivileged, it may be desirable to" }
-{ "#comment" = "override the configs in this location. Set this parameter to" }
-{ "#comment" = "point to the directory, and create a qemu.conf in that location" }
-{ "#comment" = "" }
-{ "vnc_sasl_dir" = "/some/directory/sasl2" }
-{ "#empty" }
-{ "security_driver" = "selinux" }
-{ "#empty" }
-{ "user" = "root" }
-{ "#empty" }
-{ "group" = "root" }
-{ "#empty" }
-{ "cgroup_controllers"
- { "1" = "cpu" }
- { "2" = "devices" }
-}
-{ "#empty" }
-{ "cgroup_device_acl"
- { "1" = "/dev/null" }
- { "2" = "/dev/full" }
- { "3" = "/dev/zero" }
-}
-{ "#empty" }
-{ "save_image_format" = "gzip" }
-{ "#empty" }
-{ "hugetlbfs_mount" = "/dev/hugepages" }
\ No newline at end of file
$(WARN_CFLAGS) \
$(LOCK_CHECKING_CFLAGS)
-confdir = $(sysconfdir)/libvirt/
-conf_DATA = qemu.conf
-
EXTRA_DIST = $(conf_DATA)
+if WITH_NETWORK
+UUID=$(shell uuidgen 2>/dev/null)
+endif
lib_LTLIBRARIES = libvirt.la
libvirt_driver_qemu_la_LDFLAGS += -module -avoid-version
endif
libvirt_driver_qemu_la_SOURCES = $(QEMU_DRIVER_SOURCES)
+
+confdir = $(sysconfdir)/libvirt/
+conf_DATA = qemu/qemu.conf
+
+augeasdir = $(datadir)/augeas/lenses
+augeas_DATA = qemu/libvirtd_qemu.aug
+
+augeastestdir = $(datadir)/augeas/lenses/tests
+augeastest_DATA = qemu/test_libvirtd_qemu.aug
+
+check-local:
+ test -x '$(AUGPARSE)' \
+ && '$(AUGPARSE)' -I $(srcdir) $(srcdir)/test_libvirtd_qemu.aug || :
+
endif
+EXTRA_DIST += qemu/qemu.conf qemu/libvirtd_qemu.aug qemu/test_libvirtd_qemu.aug
+
if WITH_LXC
if WITH_DRIVER_MODULES
endif
libvirt_driver_network_la_SOURCES = $(NETWORK_DRIVER_SOURCES)
endif
+EXTRA_DIST += network/default.xml
+
+
+
if WITH_NETCF
libvirt_driver_interface_la_LDFLAGS = $(NETCF_LIBS)
endif
EXTRA_DIST += $(LXC_CONTROLLER_SOURCES)
-install-exec-local:
+install-data-local:
$(MKDIR_P) "$(DESTDIR)$(localstatedir)/cache/libvirt"
$(MKDIR_P) "$(DESTDIR)$(localstatedir)/lib/libvirt/images"
$(MKDIR_P) "$(DESTDIR)$(localstatedir)/lib/libvirt/boot"
$(MKDIR_P) "$(DESTDIR)$(localstatedir)/lib/libvirt/qemu"
$(MKDIR_P) "$(DESTDIR)$(localstatedir)/run/libvirt/qemu"
$(MKDIR_P) "$(DESTDIR)$(localstatedir)/cache/libvirt/qemu"
+ $(MKDIR_P) "$(DESTDIR)$(localstatedir)/log/libvirt/qemu"
endif
if WITH_LXC
$(MKDIR_P) "$(DESTDIR)$(localstatedir)/lib/libvirt/lxc"
$(MKDIR_P) "$(DESTDIR)$(localstatedir)/lib/libvirt/iptables/nat"
$(MKDIR_P) "$(DESTDIR)$(localstatedir)/lib/libvirt/network"
$(MKDIR_P) "$(DESTDIR)$(localstatedir)/run/libvirt/network"
+ $(MKDIR_P) "$(DESTDIR)$(sysconfdir)/libvirt/qemu/networks/autostart"
+ $(INSTALL_DATA) $(srcdir)/network/default.xml \
+ $(DESTDIR)$(sysconfdir)/libvirt/qemu/networks/default.xml
+ test -z "$(UUID)" || \
+ sed -i -e "s,</name>,</name>\n <uuid>$(UUID)</uuid>," \
+ $(DESTDIR)$(sysconfdir)/libvirt/qemu/networks/default.xml
+ test -e $(DESTDIR)$(sysconfdir)/libvirt/qemu/networks/autostart/default.xml || \
+ ln -s ../default.xml \
+ $(DESTDIR)$(sysconfdir)/libvirt/qemu/networks/autostart/default.xml
+endif
+
+uninstall-local::
+ rmdir "$(DESTDIR)$(localstatedir)/cache/libvirt" ||:
+ rmdir "$(DESTDIR)$(localstatedir)/lib/libvirt/images" ||:
+ rmdir "$(DESTDIR)$(localstatedir)/lib/libvirt/boot" ||:
+if WITH_QEMU
+ rmdir "$(DESTDIR)$(localstatedir)/lib/libvirt/qemu" ||:
+ rmdir "$(DESTDIR)$(localstatedir)/run/libvirt/qemu" ||:
+ rmdir "$(DESTDIR)$(localstatedir)/cache/libvirt/qemu" ||:
+ rmdir "$(DESTDIR)$(localstatedir)/log/libvirt/qemu" ||:
endif
-
+if WITH_LXC
+ rmdir "$(DESTDIR)$(localstatedir)/lib/libvirt/lxc" ||:
+ rmdir "$(DESTDIR)$(localstatedir)/run/libvirt/lxc" ||:
+endif
+if WITH_UML
+ rmdir "$(DESTDIR)$(localstatedir)/lib/libvirt/uml" ||:
+ rmdir "$(DESTDIR)$(localstatedir)/run/libvirt/uml" ||:
+endif
+if WITH_NETWORK
+ rm -f $(DESTDIR)$(sysconfdir)/libvirt/qemu/networks/autostart/default.xml
+ rm -f $(DESTDIR)$(sysconfdir)/libvirt/qemu/networks/default.xml
+ rmdir "$(DESTDIR)$(sysconfdir)/libvirt/qemu/networks/autostart" || :
+ rmdir "$(DESTDIR)$(sysconfdir)/libvirt/qemu/networks" || :
+ rmdir "$(DESTDIR)$(localstatedir)/lib/libvirt/iptables/filter" ||:
+ rmdir "$(DESTDIR)$(localstatedir)/lib/libvirt/iptables/nat" ||:
+ rmdir "$(DESTDIR)$(localstatedir)/lib/libvirt/network" ||:
+ rmdir "$(DESTDIR)$(localstatedir)/run/libvirt/network" ||:
+endif
+ rmdir "$(DESTDIR)$(localstatedir)/lib/libvirt" ||:
CLEANFILES = *.gcov .libs/*.gcda .libs/*.gcno *.gcno *.gcda *.i *.s
DISTCLEANFILES = $(BUILT_SOURCES)
--- /dev/null
+<network>
+ <name>default</name>
+ <bridge name="virbr0" />
+ <forward/>
+ <ip address="192.168.122.1" netmask="255.255.255.0">
+ <dhcp>
+ <range start="192.168.122.2" end="192.168.122.254" />
+ </dhcp>
+ </ip>
+</network>
+++ /dev/null
-# Master configuration file for the QEMU driver.
-# All settings described here are optional - if omitted, sensible
-# defaults are used.
-
-# VNC is configured to listen on 127.0.0.1 by default.
-# To make it listen on all public interfaces, uncomment
-# this next option.
-#
-# NB, strong recommendation to enable TLS + x509 certificate
-# verification when allowing public access
-#
-# vnc_listen = "0.0.0.0"
-
-
-# Enable use of TLS encryption on the VNC server. This requires
-# a VNC client which supports the VeNCrypt protocol extension.
-# Examples include vinagre, virt-viewer, virt-manager and vencrypt
-# itself. UltraVNC, RealVNC, TightVNC do not support this
-#
-# It is necessary to setup CA and issue a server certificate
-# before enabling this.
-#
-# vnc_tls = 1
-
-
-# Use of TLS requires that x509 certificates be issued. The
-# default it to keep them in /etc/pki/libvirt-vnc. This directory
-# must contain
-#
-# ca-cert.pem - the CA master certificate
-# server-cert.pem - the server certificate signed with ca-cert.pem
-# server-key.pem - the server private key
-#
-# This option allows the certificate directory to be changed
-#
-# vnc_tls_x509_cert_dir = "/etc/pki/libvirt-vnc"
-
-
-# The default TLS configuration only uses certificates for the server
-# allowing the client to verify the server's identity and establish
-# and encrypted channel.
-#
-# It is possible to use x509 certificates for authentication too, by
-# issuing a x509 certificate to every client who needs to connect.
-#
-# Enabling this option will reject any client who does not have a
-# certificate signed by the CA in /etc/pki/libvirt-vnc/ca-cert.pem
-#
-# vnc_tls_x509_verify = 1
-
-
-# The default VNC password. Only 8 letters are significant for
-# VNC passwords. This parameter is only used if the per-domain
-# XML config does not already provide a password. To allow
-# access without passwords, leave this commented out. An empty
-# string will still enable passwords, but be rejected by QEMU
-# effectively preventing any use of VNC. Obviously change this
-# example here before you set this
-#
-# vnc_password = "XYZ12345"
-
-
-# Enable use of SASL encryption on the VNC server. This requires
-# a VNC client which supports the SASL protocol extension.
-# Examples include vinagre, virt-viewer and virt-manager
-# itself. UltraVNC, RealVNC, TightVNC do not support this
-#
-# It is necessary to configure /etc/sasl2/qemu.conf to choose
-# the desired SASL plugin (eg, GSSPI for Kerberos)
-#
-# vnc_sasl = 1
-
-
-# The default SASL configuration file is located in /etc/sasl2/
-# When running libvirtd unprivileged, it may be desirable to
-# override the configs in this location. Set this parameter to
-# point to the directory, and create a qemu.conf in that location
-#
-# vnc_sasl_dir = "/some/directory/sasl2"
-
-
-
-
-# The default security driver is SELinux. If SELinux is disabled
-# on the host, then the security driver will automatically disable
-# itself. If you wish to disable QEMU SELinux security driver while
-# leaving SELinux enabled for the host in general, then set this
-# to 'none' instead
-#
-# security_driver = "selinux"
-
-
-# The user ID for QEMU processes run by the system instance
-#user = "root"
-
-# The group ID for QEMU processes run by the system instance
-#group = "root"
-
-
-# What cgroup controllers to make use of with QEMU guests
-#
-# - 'cpu' - use for schedular tunables
-# - 'devices' - use for device whitelisting
-#
-# NB, even if configured here, they won't be used unless
-# the adminsitrator has mounted cgroups. eg
-#
-# mkdir /dev/cgroup
-# mount -t cgroup -o devices,cpu none /dev/cgroup
-#
-# They can be mounted anywhere, and different controlers
-# can be mounted in different locations. libvirt will detect
-# where they are located.
-#
-# cgroup_controllers = [ "cpu", "devices" ]
-
-# This is the basic set of devices allowed / required by
-# all virtual machines.
-#
-# As well as this, any configured block backed disks,
-# all sound device, and all PTY devices are allowed.
-#
-# This will only need setting if newer QEMU suddenly
-# wants some device we don't already know a bout.
-#
-#cgroup_device_acl = [
-# "/dev/null", "/dev/full", "/dev/zero",
-# "/dev/random", "/dev/urandom",
-# "/dev/ptmx", "/dev/kvm", "/dev/kqemu",
-# "/dev/rtc", "/dev/hpet", "/dev/net/tun",
-#]
-
-# The default format for Qemu/KVM guest save images is raw; that is, the
-# memory from the domain is dumped out directly to a file. If you have
-# guests with a large amount of memory, however, this can take up quite
-# a bit of space. If you would like to compress the images while they
-# are being saved to disk, you can also set "lzop", "gzip", "bzip2", or "xz"
-# for save_image_format. Note that this means you slow down the process of
-# saving a domain in order to save disk space; the list above is in descending
-# order by performance and ascending order by compression ratio.
-#
-# save_image_format = "raw"
-
-# If provided by the host and a hugetlbfs mount point is configured,
-# a guest may request huge page backing. When this mount point is
-# unspecified here, determination of a host mount point in /proc/mounts
-# will be attempted. Specifying an explicit mount overrides detection
-# of the same in /proc/mounts. Setting the mount point to "" will
-# disable guest hugepage backing.
-#
-# NB, within this mount point, guests will create memory backing files
-# in a location of $MOUNTPOINT/libvirt/qemu
-
-# hugetlbfs_mount = "/dev/hugepages"
--- /dev/null
+(* /etc/libvirt/qemu.conf *)
+
+module Libvirtd_qemu =
+ autoload xfm
+
+ let eol = del /[ \t]*\n/ "\n"
+ let value_sep = del /[ \t]*=[ \t]*/ " = "
+ let indent = del /[ \t]*/ ""
+
+ let array_sep = del /,[ \t\n]*/ ", "
+ let array_start = del /\[[ \t\n]*/ "[ "
+ let array_end = del /\]/ "]"
+
+ let str_val = del /\"/ "\"" . store /[^\"]*/ . del /\"/ "\""
+ let bool_val = store /0|1/
+ let str_array_element = [ seq "el" . str_val ] . del /[ \t\n]*/ ""
+ let str_array_val = counter "el" . array_start . ( str_array_element . ( array_sep . str_array_element ) * ) ? . array_end
+
+ let str_entry (kw:string) = [ key kw . value_sep . str_val ]
+ let bool_entry (kw:string) = [ key kw . value_sep . bool_val ]
+ let str_array_entry (kw:string) = [ key kw . value_sep . str_array_val ]
+
+
+ (* Config entry grouped by function - same order as example config *)
+ let vnc_entry = str_entry "vnc_listen"
+ | bool_entry "vnc_tls"
+ | str_entry "vnc_tls_x509_cert_dir"
+ | bool_entry "vnc_tls_x509_verify"
+ | str_entry "vnc_password"
+ | bool_entry "vnc_sasl"
+ | str_entry "vnc_sasl_dir"
+ | str_entry "security_driver"
+ | str_entry "user"
+ | str_entry "group"
+ | str_array_entry "cgroup_controllers"
+ | str_array_entry "cgroup_device_acl"
+ | str_entry "save_image_format"
+ | str_entry "hugetlbfs_mount"
+
+ (* Each enty in the config is one of the following three ... *)
+ let entry = vnc_entry
+ let comment = [ label "#comment" . del /#[ \t]*/ "# " . store /([^ \t\n][^\n]*)?/ . del /\n/ "\n" ]
+ let empty = [ label "#empty" . eol ]
+
+ let record = indent . entry . eol
+
+ let lns = ( record | comment | empty ) *
+
+ let filter = incl "/etc/libvirt/qemu.conf"
+ . Util.stdexcl
+
+ let xfm = transform lns filter
--- /dev/null
+# Master configuration file for the QEMU driver.
+# All settings described here are optional - if omitted, sensible
+# defaults are used.
+
+# VNC is configured to listen on 127.0.0.1 by default.
+# To make it listen on all public interfaces, uncomment
+# this next option.
+#
+# NB, strong recommendation to enable TLS + x509 certificate
+# verification when allowing public access
+#
+# vnc_listen = "0.0.0.0"
+
+
+# Enable use of TLS encryption on the VNC server. This requires
+# a VNC client which supports the VeNCrypt protocol extension.
+# Examples include vinagre, virt-viewer, virt-manager and vencrypt
+# itself. UltraVNC, RealVNC, TightVNC do not support this
+#
+# It is necessary to setup CA and issue a server certificate
+# before enabling this.
+#
+# vnc_tls = 1
+
+
+# Use of TLS requires that x509 certificates be issued. The
+# default it to keep them in /etc/pki/libvirt-vnc. This directory
+# must contain
+#
+# ca-cert.pem - the CA master certificate
+# server-cert.pem - the server certificate signed with ca-cert.pem
+# server-key.pem - the server private key
+#
+# This option allows the certificate directory to be changed
+#
+# vnc_tls_x509_cert_dir = "/etc/pki/libvirt-vnc"
+
+
+# The default TLS configuration only uses certificates for the server
+# allowing the client to verify the server's identity and establish
+# and encrypted channel.
+#
+# It is possible to use x509 certificates for authentication too, by
+# issuing a x509 certificate to every client who needs to connect.
+#
+# Enabling this option will reject any client who does not have a
+# certificate signed by the CA in /etc/pki/libvirt-vnc/ca-cert.pem
+#
+# vnc_tls_x509_verify = 1
+
+
+# The default VNC password. Only 8 letters are significant for
+# VNC passwords. This parameter is only used if the per-domain
+# XML config does not already provide a password. To allow
+# access without passwords, leave this commented out. An empty
+# string will still enable passwords, but be rejected by QEMU
+# effectively preventing any use of VNC. Obviously change this
+# example here before you set this
+#
+# vnc_password = "XYZ12345"
+
+
+# Enable use of SASL encryption on the VNC server. This requires
+# a VNC client which supports the SASL protocol extension.
+# Examples include vinagre, virt-viewer and virt-manager
+# itself. UltraVNC, RealVNC, TightVNC do not support this
+#
+# It is necessary to configure /etc/sasl2/qemu.conf to choose
+# the desired SASL plugin (eg, GSSPI for Kerberos)
+#
+# vnc_sasl = 1
+
+
+# The default SASL configuration file is located in /etc/sasl2/
+# When running libvirtd unprivileged, it may be desirable to
+# override the configs in this location. Set this parameter to
+# point to the directory, and create a qemu.conf in that location
+#
+# vnc_sasl_dir = "/some/directory/sasl2"
+
+
+
+
+# The default security driver is SELinux. If SELinux is disabled
+# on the host, then the security driver will automatically disable
+# itself. If you wish to disable QEMU SELinux security driver while
+# leaving SELinux enabled for the host in general, then set this
+# to 'none' instead
+#
+# security_driver = "selinux"
+
+
+# The user ID for QEMU processes run by the system instance
+#user = "root"
+
+# The group ID for QEMU processes run by the system instance
+#group = "root"
+
+
+# What cgroup controllers to make use of with QEMU guests
+#
+# - 'cpu' - use for schedular tunables
+# - 'devices' - use for device whitelisting
+#
+# NB, even if configured here, they won't be used unless
+# the adminsitrator has mounted cgroups. eg
+#
+# mkdir /dev/cgroup
+# mount -t cgroup -o devices,cpu none /dev/cgroup
+#
+# They can be mounted anywhere, and different controlers
+# can be mounted in different locations. libvirt will detect
+# where they are located.
+#
+# cgroup_controllers = [ "cpu", "devices" ]
+
+# This is the basic set of devices allowed / required by
+# all virtual machines.
+#
+# As well as this, any configured block backed disks,
+# all sound device, and all PTY devices are allowed.
+#
+# This will only need setting if newer QEMU suddenly
+# wants some device we don't already know a bout.
+#
+#cgroup_device_acl = [
+# "/dev/null", "/dev/full", "/dev/zero",
+# "/dev/random", "/dev/urandom",
+# "/dev/ptmx", "/dev/kvm", "/dev/kqemu",
+# "/dev/rtc", "/dev/hpet", "/dev/net/tun",
+#]
+
+# The default format for Qemu/KVM guest save images is raw; that is, the
+# memory from the domain is dumped out directly to a file. If you have
+# guests with a large amount of memory, however, this can take up quite
+# a bit of space. If you would like to compress the images while they
+# are being saved to disk, you can also set "lzop", "gzip", "bzip2", or "xz"
+# for save_image_format. Note that this means you slow down the process of
+# saving a domain in order to save disk space; the list above is in descending
+# order by performance and ascending order by compression ratio.
+#
+# save_image_format = "raw"
+
+# If provided by the host and a hugetlbfs mount point is configured,
+# a guest may request huge page backing. When this mount point is
+# unspecified here, determination of a host mount point in /proc/mounts
+# will be attempted. Specifying an explicit mount overrides detection
+# of the same in /proc/mounts. Setting the mount point to "" will
+# disable guest hugepage backing.
+#
+# NB, within this mount point, guests will create memory backing files
+# in a location of $MOUNTPOINT/libvirt/qemu
+
+# hugetlbfs_mount = "/dev/hugepages"
--- /dev/null
+module Test_libvirtd_qemu =
+
+ let conf = "# Master configuration file for the QEMU driver.
+# All settings described here are optional - if omitted, sensible
+# defaults are used.
+
+# VNC is configured to listen on 127.0.0.1 by default.
+# To make it listen on all public interfaces, uncomment
+# this next option.
+#
+# NB, strong recommendation to enable TLS + x509 certificate
+# verification when allowing public access
+#
+vnc_listen = \"0.0.0.0\"
+
+
+# Enable use of TLS encryption on the VNC server. This requires
+# a VNC client which supports the VeNCrypt protocol extension.
+# Examples include vinagre, virt-viewer, virt-manager and vencrypt
+# itself. UltraVNC, RealVNC, TightVNC do not support this
+#
+# It is necessary to setup CA and issue a server certificate
+# before enabling this.
+#
+vnc_tls = 1
+
+
+# Use of TLS requires that x509 certificates be issued. The
+# default it to keep them in /etc/pki/libvirt-vnc. This directory
+# must contain
+#
+# ca-cert.pem - the CA master certificate
+# server-cert.pem - the server certificate signed with ca-cert.pem
+# server-key.pem - the server private key
+#
+# This option allows the certificate directory to be changed
+#
+vnc_tls_x509_cert_dir = \"/etc/pki/libvirt-vnc\"
+
+
+# The default TLS configuration only uses certificates for the server
+# allowing the client to verify the server's identity and establish
+# and encrypted channel.
+#
+# It is possible to use x509 certificates for authentication too, by
+# issuing a x509 certificate to every client who needs to connect.
+#
+# Enabling this option will reject any client who does not have a
+# certificate signed by the CA in /etc/pki/libvirt-vnc/ca-cert.pem
+#
+vnc_tls_x509_verify = 1
+
+
+# The default VNC password. Only 8 letters are significant for
+# VNC passwords. This parameter is only used if the per-domain
+# XML config does not already provide a password. To allow
+# access without passwords, leave this commented out. An empty
+# string will still enable passwords, but be rejected by QEMU
+# effectively preventing any use of VNC. Obviously change this
+# example here before you set this
+#
+vnc_password = \"XYZ12345\"
+
+
+# Enable use of SASL encryption on the VNC server. This requires
+# a VNC client which supports the SASL protocol extension.
+# Examples include vinagre, virt-viewer and virt-manager
+# itself. UltraVNC, RealVNC, TightVNC do not support this
+#
+# It is necessary to configure /etc/sasl2/qemu.conf to choose
+# the desired SASL plugin (eg, GSSPI for Kerberos)
+#
+vnc_sasl = 1
+
+
+# The default SASL configuration file is located in /etc/sasl2/
+# When running libvirtd unprivileged, it may be desirable to
+# override the configs in this location. Set this parameter to
+# point to the directory, and create a qemu.conf in that location
+#
+vnc_sasl_dir = \"/some/directory/sasl2\"
+
+security_driver = \"selinux\"
+
+user = \"root\"
+
+group = \"root\"
+
+cgroup_controllers = [ \"cpu\", \"devices\" ]
+
+cgroup_device_acl = [ \"/dev/null\", \"/dev/full\", \"/dev/zero\" ]
+
+save_image_format = \"gzip\"
+
+hugetlbfs_mount = \"/dev/hugepages\"
+"
+
+ test Libvirtd_qemu.lns get conf =
+{ "#comment" = "Master configuration file for the QEMU driver." }
+{ "#comment" = "All settings described here are optional - if omitted, sensible" }
+{ "#comment" = "defaults are used." }
+{ "#empty" }
+{ "#comment" = "VNC is configured to listen on 127.0.0.1 by default." }
+{ "#comment" = "To make it listen on all public interfaces, uncomment" }
+{ "#comment" = "this next option." }
+{ "#comment" = "" }
+{ "#comment" = "NB, strong recommendation to enable TLS + x509 certificate" }
+{ "#comment" = "verification when allowing public access" }
+{ "#comment" = "" }
+{ "vnc_listen" = "0.0.0.0" }
+{ "#empty" }
+{ "#empty" }
+{ "#comment" = "Enable use of TLS encryption on the VNC server. This requires" }
+{ "#comment" = "a VNC client which supports the VeNCrypt protocol extension." }
+{ "#comment" = "Examples include vinagre, virt-viewer, virt-manager and vencrypt" }
+{ "#comment" = "itself. UltraVNC, RealVNC, TightVNC do not support this" }
+{ "#comment" = "" }
+{ "#comment" = "It is necessary to setup CA and issue a server certificate" }
+{ "#comment" = "before enabling this." }
+{ "#comment" = "" }
+{ "vnc_tls" = "1" }
+{ "#empty" }
+{ "#empty" }
+{ "#comment" = "Use of TLS requires that x509 certificates be issued. The" }
+{ "#comment" = "default it to keep them in /etc/pki/libvirt-vnc. This directory" }
+{ "#comment" = "must contain" }
+{ "#comment" = "" }
+{ "#comment" = "ca-cert.pem - the CA master certificate" }
+{ "#comment" = "server-cert.pem - the server certificate signed with ca-cert.pem" }
+{ "#comment" = "server-key.pem - the server private key" }
+{ "#comment" = "" }
+{ "#comment" = "This option allows the certificate directory to be changed" }
+{ "#comment" = "" }
+{ "vnc_tls_x509_cert_dir" = "/etc/pki/libvirt-vnc" }
+{ "#empty" }
+{ "#empty" }
+{ "#comment" = "The default TLS configuration only uses certificates for the server" }
+{ "#comment" = "allowing the client to verify the server's identity and establish" }
+{ "#comment" = "and encrypted channel." }
+{ "#comment" = "" }
+{ "#comment" = "It is possible to use x509 certificates for authentication too, by" }
+{ "#comment" = "issuing a x509 certificate to every client who needs to connect." }
+{ "#comment" = "" }
+{ "#comment" = "Enabling this option will reject any client who does not have a" }
+{ "#comment" = "certificate signed by the CA in /etc/pki/libvirt-vnc/ca-cert.pem" }
+{ "#comment" = "" }
+{ "vnc_tls_x509_verify" = "1" }
+{ "#empty" }
+{ "#empty" }
+{ "#comment" = "The default VNC password. Only 8 letters are significant for" }
+{ "#comment" = "VNC passwords. This parameter is only used if the per-domain" }
+{ "#comment" = "XML config does not already provide a password. To allow" }
+{ "#comment" = "access without passwords, leave this commented out. An empty" }
+{ "#comment" = "string will still enable passwords, but be rejected by QEMU" }
+{ "#comment" = "effectively preventing any use of VNC. Obviously change this" }
+{ "#comment" = "example here before you set this" }
+{ "#comment" = "" }
+{ "vnc_password" = "XYZ12345" }
+{ "#empty" }
+{ "#empty" }
+{ "#comment" = "Enable use of SASL encryption on the VNC server. This requires" }
+{ "#comment" = "a VNC client which supports the SASL protocol extension." }
+{ "#comment" = "Examples include vinagre, virt-viewer and virt-manager" }
+{ "#comment" = "itself. UltraVNC, RealVNC, TightVNC do not support this" }
+{ "#comment" = "" }
+{ "#comment" = "It is necessary to configure /etc/sasl2/qemu.conf to choose" }
+{ "#comment" = "the desired SASL plugin (eg, GSSPI for Kerberos)" }
+{ "#comment" = "" }
+{ "vnc_sasl" = "1" }
+{ "#empty" }
+{ "#empty" }
+{ "#comment" = "The default SASL configuration file is located in /etc/sasl2/" }
+{ "#comment" = "When running libvirtd unprivileged, it may be desirable to" }
+{ "#comment" = "override the configs in this location. Set this parameter to" }
+{ "#comment" = "point to the directory, and create a qemu.conf in that location" }
+{ "#comment" = "" }
+{ "vnc_sasl_dir" = "/some/directory/sasl2" }
+{ "#empty" }
+{ "security_driver" = "selinux" }
+{ "#empty" }
+{ "user" = "root" }
+{ "#empty" }
+{ "group" = "root" }
+{ "#empty" }
+{ "cgroup_controllers"
+ { "1" = "cpu" }
+ { "2" = "devices" }
+}
+{ "#empty" }
+{ "cgroup_device_acl"
+ { "1" = "/dev/null" }
+ { "2" = "/dev/full" }
+ { "3" = "/dev/zero" }
+}
+{ "#empty" }
+{ "save_image_format" = "gzip" }
+{ "#empty" }
+{ "hugetlbfs_mount" = "/dev/hugepages" }
\ No newline at end of file
test -z "$srcdir" && srcdir=`pwd`
test -z "$abs_srcdir" && abs_srcdir=`pwd`
-DIRS="../qemud"
+DIRS="../src/network"
n=0
f=0
projects / libvirt.git / commitdiff