Skip to content
体验新版
项目
组织
正在加载...
登录
切换导航
打开侧边栏
openeuler
libvirt
提交
85ef1955
L
libvirt
项目概览
openeuler
/
libvirt
通知
3
Star
0
Fork
0
代码
文件
提交
分支
Tags
贡献者
分支图
Diff
Issue
0
列表
看板
标记
里程碑
合并请求
0
Wiki
0
Wiki
分析
仓库
DevOps
项目成员
Pages
L
libvirt
项目概览
项目概览
详情
发布
仓库
仓库
文件
提交
分支
标签
贡献者
分支图
比较
Issue
0
Issue
0
列表
看板
标记
里程碑
合并请求
0
合并请求
0
Pages
分析
分析
仓库分析
DevOps
Wiki
0
Wiki
成员
成员
收起侧边栏
关闭侧边栏
动态
分支图
创建新Issue
提交
Issue看板
前往新版Gitcode,体验更适合开发者的 AI 搜索 >>
提交
85ef1955
编写于
10月 12, 2007
作者:
D
Daniel P. Berrange
浏览文件
操作
浏览文件
下载
电子邮件补丁
差异文件
Added default example configs for libvirtd/qemu driver
上级
912c18af
变更
5
隐藏空白更改
内联
并排
Showing
5 changed file
with
202 addition
and
2 deletion
+202
-2
libvirt.spec.in
libvirt.spec.in
+2
-0
qemud/Makefile.am
qemud/Makefile.am
+5
-1
qemud/libvirtd.conf
qemud/libvirtd.conf
+141
-0
src/Makefile.am
src/Makefile.am
+5
-1
src/qemu.conf
src/qemu.conf
+49
-0
未找到文件。
libvirt.spec.in
浏览文件 @
85ef1955
...
...
@@ -129,6 +129,8 @@ fi
%dir %attr(0700, root, root) %{_sysconfdir}/libvirt/qemu/networks/autostart
%{_sysconfdir}/rc.d/init.d/libvirtd
%config(noreplace) %{_sysconfdir}/sysconfig/libvirtd
%config(noreplace) %{_sysconfdir}/libvirt/libvirtd.conf
%config(noreplace) %{_sysconfdir}/libvirt/qemu.conf
%dir %{_datadir}/libvirt/
%dir %{_datadir}/libvirt/networks/
%{_datadir}/libvirt/networks/default.xml
...
...
qemud/Makefile.am
浏览文件 @
85ef1955
...
...
@@ -4,6 +4,9 @@ UUID=$(shell uuidgen)
sbin_PROGRAMS
=
libvirtd
confdir
=
$(sysconfdir)
/libvirt/
conf_DATA
=
libvirtd.conf
# Distribute the generated files so that rpcgen isn't required on the
# target machine (although almost any Unix machine will have it).
EXTRA_DIST
=
libvirtd.init.in libvirtd.sysconf default-network.xml
\
...
...
@@ -14,7 +17,8 @@ EXTRA_DIST = libvirtd.init.in libvirtd.sysconf default-network.xml \
remote_dispatch_prototypes.h
\
remote_dispatch_localvars.h
\
remote_dispatch_proc_switch.h
\
mdns.c mdns.h
mdns.c mdns.h
\
$(conf_DATA)
libvirtd_SOURCES
=
\
qemud.c internal.h
\
...
...
qemud/libvirtd.conf
0 → 100644
浏览文件 @
85ef1955
# Master libvirt daemon configuration file
#
# For further information consult http://libvirt.org/format.html
# Flag listening for secure TLS connections on the public TCP/IP port.
# NB, must pass the --listen flag to the libvirtd process for this to
# have any effect.
#
# It is neccessary to setup a CA and issue server certificates before
# using this capability.
#
# This is enabled by default, uncomment this to disable it
# listen_tls = 0
# Listen for unencrypted TCP connections on the public TCP/IP port.
# NB, must pass the --listen flag to the libvirtd process for this to
# have any effect.
#
# NB, this is insecure. Do not use except for development.
#
# This is disabled by default, uncomment this to enable it.
# listen_tcp = 1
# Override the port for accepting secure TLS connections
# This can be a port number, or service name
#
# tls_port = "16514"
# Override the port for accepting insecure TCP connections
# This can be a port number, or service name
#
# tcp_port = "16509"
# Flag toggling mDNS advertizement of the libvirt service.
#
# Alternatively can disable for all services on a host by
# stopping the Avahi daemon
#
# This is enabled by default, uncomment this to disable it
# mdns_adv = 0
# Override the default mDNS advertizement name. This must be
# unique on the immediate broadcast network.
#
# The default is "Virtualization Host HOSTNAME", where HOSTNAME
# is subsituted for the short hostname of the machine (without domain)
#
# mdns_name "Virtualization Host Joe Demo"
# Set the UNIX domain socket group ownership. This can be used to
# allow a 'trusted' set of users access to management capabilities
# without becoming root.
#
# This is restricted to 'root' by default.
# unix_sock_group "libvirt"
# Set the UNIX socket permissions for the R/O socket. This is used
# for monitoring VM status only
#
# Default allows any user. If setting group ownership may want to
# restrict this to:
# unix_sock_ro_perms "0777"
# Set the UNIX socket permissions for the R/W socket. This is used
# for full management of VMs
#
# Default allows only root. If setting group ownership may want to
# relax this to:
# unix_sock_rw_perms "octal-perms" "0770"
# Flag to disable verification of client certificates
#
# Client certificate verification is the primary authentication mechanism.
# Any client which does not present a certificate signed by the CA
# will be rejected.
#
# Default is to always verify. Uncommenting this will disable
# verification - make sure an IP whitelist is set
# tls_no_verify_certificate 1
# Flag to disable verification of client IP address
#
# Client IP address will be verified against the CommonName field
# of the x509 certificate. This has minimal security benefit since
# it is easy to spoof source IP.
#
# Uncommenting this will disable verification
# tls_no_verify_address 1
# Override the default server key file path
#
# key_file "/etc/pki/libvirt/private/serverkey.pem"
# Override the default server certificate file path
#
# cert_file "/etc/pki/libvirt/servercert.pem"
# Override the default CA certificate path
#
# ca_file "/etc/pki/CA/cacert.pem"
# Specify a certificate revocation list.
#
# Defaults to not using a CRL, uncomment to enable it
# crl_file "/etc/pki/CA/crl.pem"
# A whitelist of allowed x509 Distinguished Names
# This list may contain wildcards such as
#
# "C=GB,ST=London,L=London,O=Red Hat,CN=*"
#
# See the POSIX fnmatch function for the format of the wildcards.
#
# NB If this is an empty list, no client can connect, so comment out
# entirely rather than using empty list to disable these checks
#
# By default, no DN's are checked
# tls_allowed_dn_list ["DN1", "DN2"]
# A whitelist of allowed client IP addresses
#
# This list may contain wildcards such as 192.168.* See the POSIX fnmatch
# function for the format of the wildcards.
#
# NB If this is an empty list, no client can connect, so comment out
# entirely rather than using empty list to disable these checks
#
# By default, no IP's are checked. This can be IPv4 or IPv6 addresses
# tls_allowed_ip_list ["ip1", "ip2", "ip3"]
src/Makefile.am
浏览文件 @
85ef1955
...
...
@@ -17,7 +17,11 @@ DEPS = libvirt.la
LDADDS
=
@STATIC_BINARIES@
$(WARN_CFLAGS)
libvirt.la
VIRSH_LIBS
=
@VIRSH_LIBS@
EXTRA_DIST
=
libvirt_sym.version
confdir
=
$(sysconfdir)
/libvirt/
conf_DATA
=
qemu.conf
EXTRA_DIST
=
libvirt_sym.version
$(conf_DATA)
lib_LTLIBRARIES
=
libvirt.la
libvirt_la_LIBADD
=
$(LIBXML_LIBS)
$(GNUTLS_LIBS)
...
...
src/qemu.conf
0 → 100644
浏览文件 @
85ef1955
# Master configuration file for the QEMU driver.
# All settings described here are optional - if omitted, sensible
# defaults are used.
# VNC is configured to listen on 127.0.0.1 by default.
# To make it listen on all public interfaces, uncomment
# this next option.
#
# NB, strong recommendation to enable TLS + x509 certificate
# verification when allowing public access
#
# vnc_listen = "0.0.0.0"
# Enable use of TLS encryption on the VNC server. This requires
# a VNC client which supports the VeNCrypt protocol extension.
# Examples include vinagre, virt-viewer, virt-manager and vencrypt
# itself. UltraVNC, RealVNC, TightVNC do not support this
#
# It is neccessary to setup CA and issue a server certificate
# before enabling this.
#
# vnc_tls = 1
# Use of TLS requires that x509 certificates be issued. The
# default it to keep them in /etc/pki/libvirt-vnc. This directory
# must contain
#
# ca-cert.pem - the CA master certificate
# server-cert.pem - the server certificate signed with ca-cert.pem
# server-key.pem - the server private key
#
# This option allows the certificate directory to be changed
#
# vnc_tls_x509_cert_dir = "/etc/pki/libvirt-vnc"
# The default TLS configuration only uses certificates for the server
# allowing the client to verify the server's identity and establish
# and encrypted channel.
#
# It is possible to use x509 certificates for authentication too, by
# issuing a x509 certificate to every client who needs to connect.
#
# Enabling this option will reject any client who does not have a
# certificate signed by the CA in /etc/pki/libvirt-vnc/ca-cert.pem
#
# vnc_tls_x509_verify = 1
编辑
预览
Markdown
is supported
0%
请重试
或
添加新附件
.
添加附件
取消
You are about to add
0
people
to the discussion. Proceed with caution.
先完成此消息的编辑!
取消
想要评论请
注册
或
登录