Re: [libvirt] [PATCH v2 11/12] spice: introduce spice_auto_unix_socket config option
On Wed, May 11, 2016 at 05:08:30PM +0200, Pavel Hrdina wrote:
> Signed-off-by: Pavel Hrdina> --- > src/qemu/qemu.conf | 11 +++ > src/qemu/qemu_conf.c | 1 + > src/qemu/qemu_conf.h | 1 + > src/qemu/qemu_process.c| 4 +++ > ...emuxml2argv-graphics-spice-auto-socket-cfg.args | 20 + > ...qemuxml2argv-graphics-spice-auto-socket-cfg.xml | 30 +++ > tests/qemuxml2argvtest.c | 5 > ...muxml2xmlout-graphics-spice-auto-socket-cfg.xml | 35 > ++ > tests/qemuxml2xmltest.c| 4 +++ > 9 files changed, 111 insertions(+) > create mode 100644 > tests/qemuxml2argvdata/qemuxml2argv-graphics-spice-auto-socket-cfg.args > create mode 100644 > tests/qemuxml2argvdata/qemuxml2argv-graphics-spice-auto-socket-cfg.xml > create mode 100644 > tests/qemuxml2xmloutdata/qemuxml2xmlout-graphics-spice-auto-socket-cfg.xml > > diff --git a/src/qemu/qemu.conf b/src/qemu/qemu.conf > index 4fa5e8a..baf0b00 100644 > --- a/src/qemu/qemu.conf > +++ b/src/qemu/qemu.conf > @@ -130,6 +130,17 @@ > #spice_tls_x509_cert_dir = "/etc/pki/libvirt-spice" > > > +# Enable this option to have SPICE served over an automatically created > +# unix socket. This prevents unprivileged access from users on the > +# host machine, though most SPICE clients do not support it. > +# > +# This will only be enabled for SPICE configurations that do not have > +# a hardcoded 'listen' or 'socket' value. This setting takes preference

I think the "hardcoded 'listen' or 'socket' value" should be rephrased to refer to nodes instead.

Christophe

--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [PATCH v2 11/12] spice: introduce spice_auto_unix_socket config option
On Wed, May 11, 2016 at 08:14:36PM +0200, Marc-André Lureau wrote:
> Hi
>
> On Wed, May 11, 2016 at 5:08 PM, Pavel Hrdina wrote:
> > Signed-off-by: Pavel Hrdina
> > ---
>
> make check fails:
> test_libvirtd_qemu.aug:68.3-145.28:exception thrown in test
> test_libvirtd_qemu.aug:68.8-.34:exception: Iterated lens matched less than it should
> Lens: ./qemu/libvirtd_qemu.aug:113.13-.43:
> Last match: ./qemu/libvirtd_qemu.aug:109.17-.31:
> Error encountered at 13:0 (324 characters into string)
> < = "/etc/pki/libvirt-spice"\n|=|spice_auto_unix_socket = 1\ns>

I guess that I should install augeas :) thanks.

> Tbh, I don't understand the need for unix socket listening when using
> libvirt. If you use libvirt to manage your VM, you may as well just
> use it to connect to the display (virt-viewer --attach). This avoids
> having extra listening sockets. Other than that, looks good to me.

This will allow us to add another way to restrict access to the graphics console. I'll add a for the and administrator can set a uid/gid to restrict access to this socket.

Pavel
Re: [libvirt] [PATCH v2 11/12] spice: introduce spice_auto_unix_socket config option
Hi

On Wed, May 11, 2016 at 5:08 PM, Pavel Hrdina wrote:
> Signed-off-by: Pavel Hrdina
> ---

make check fails:
test_libvirtd_qemu.aug:68.3-145.28:exception thrown in test
test_libvirtd_qemu.aug:68.8-.34:exception: Iterated lens matched less than it should
Lens: ./qemu/libvirtd_qemu.aug:113.13-.43:
Last match: ./qemu/libvirtd_qemu.aug:109.17-.31:
Error encountered at 13:0 (324 characters into string)
< = "/etc/pki/libvirt-spice"\n|=|spice_auto_unix_socket = 1\ns>

Tbh, I don't understand the need for unix socket listening when using libvirt. If you use libvirt to manage your VM, you may as well just use it to connect to the display (virt-viewer --attach). This avoids having extra listening sockets. Other than that, looks good to me.

> src/qemu/qemu.conf | 11 +++ > src/qemu/qemu_conf.c | 1 + > src/qemu/qemu_conf.h | 1 + > src/qemu/qemu_process.c| 4 +++ > ...emuxml2argv-graphics-spice-auto-socket-cfg.args | 20 + > ...qemuxml2argv-graphics-spice-auto-socket-cfg.xml | 30 +++ > tests/qemuxml2argvtest.c | 5 > ...muxml2xmlout-graphics-spice-auto-socket-cfg.xml | 35 > ++ > tests/qemuxml2xmltest.c| 4 +++ > 9 files changed, 111 insertions(+) > create mode 100644 > tests/qemuxml2argvdata/qemuxml2argv-graphics-spice-auto-socket-cfg.args > create mode 100644 > tests/qemuxml2argvdata/qemuxml2argv-graphics-spice-auto-socket-cfg.xml > create mode 100644 > tests/qemuxml2xmloutdata/qemuxml2xmlout-graphics-spice-auto-socket-cfg.xml > > diff --git a/src/qemu/qemu.conf b/src/qemu/qemu.conf > index 4fa5e8a..baf0b00 100644 > --- a/src/qemu/qemu.conf > +++ b/src/qemu/qemu.conf 
> @@ -130,6 +130,17 @@ > #spice_tls_x509_cert_dir = "/etc/pki/libvirt-spice" > > > +# Enable this option to have SPICE served over an automatically created > +# unix socket. This prevents unprivileged access from users on the > +# host machine, though most SPICE clients do not support it. > +# > +# This will only be enabled for SPICE configurations that do not have > +# a hardcoded 'listen' or 'socket' value. This setting takes preference > +# over spice_listen. > +# > +#spice_auto_unix_socket = 1 > + > + > # The default SPICE password. This parameter is only used if the > # per-domain XML config does not already provide a password. To > # allow access without passwords, leave this commented out. An > diff --git a/src/qemu/qemu_conf.c b/src/qemu/qemu_conf.c > index e00ddca..d4c34c9 100644 > --- a/src/qemu/qemu_conf.c > +++ b/src/qemu/qemu_conf.c > @@ -588,6 +588,7 @@ int virQEMUDriverConfigLoadFile(virQEMUDriverConfigPtr > cfg, > GET_VALUE_STR("spice_sasl_dir", cfg->spiceSASLdir); > GET_VALUE_STR("spice_listen", cfg->spiceListen); > GET_VALUE_STR("spice_password", cfg->spicePassword); > +GET_VALUE_BOOL("spice_auto_unix_socket", cfg->spiceAutoUnixSocket); > > > GET_VALUE_ULONG("remote_websocket_port_min", cfg->webSocketPortMin); > diff --git a/src/qemu/qemu_conf.h b/src/qemu/qemu_conf.h > index a714b84..c94bf13 100644 > --- a/src/qemu/qemu_conf.h > +++ b/src/qemu/qemu_conf.h > @@ -123,6 +123,7 @@ struct _virQEMUDriverConfig { > char *spiceSASLdir; > char *spiceListen; > char *spicePassword; > +bool spiceAutoUnixSocket; > > int remotePortMin; > int remotePortMax; > diff --git a/src/qemu/qemu_process.c b/src/qemu/qemu_process.c > index 21c2db2..05ddb32 100644 > --- a/src/qemu/qemu_process.c > +++ b/src/qemu/qemu_process.c 
> @@ -4438,7 +4438,11 @@ qemuProcessGraphicsListenGenerate(virDomainObjPtr vm, > break; > > case VIR_DOMAIN_GRAPHICS_TYPE_SPICE: > +if (cfg->spiceAutoUnixSocket) { > +autoSocket = true; > +} else { > listenAddr = cfg->spiceListen; > +} > break; > > case VIR_DOMAIN_GRAPHICS_TYPE_SDL: > diff --git > a/tests/qemuxml2argvdata/qemuxml2argv-graphics-spice-auto-socket-cfg.args > b/tests/qemuxml2argvdata/qemuxml2argv-graphics-spice-auto-socket-cfg.args > new file mode 100644 > index 000..61335b0 > --- /dev/null > +++ b/tests/qemuxml2argvdata/qemuxml2argv-graphics-spice-auto-socket-cfg.args > @@ -0,0 +1,20 @@ > +LC_ALL=C \ > +PATH=/bin \ > +HOME=/home/test \ > +USER=test \ > +LOGNAME=test \ > +QEMU_AUDIO_DRV=spice \ > +/usr/bin/qemu \ > +-name QEMUGuest1 \ > +-S \ > +-M pc \ > +-m 214 \ > +-smp 1 \ > +-uuid c7a5fdbd-edaf-9455-926a-d65c16db1809 \ > +-nodefaults \ > +-monitor unix:/tmp/lib/domain--1-QEMUGuest1/monitor.sock,server,nowait \ > +-no-acpi \ > +-boot c \ > +-usb \ > +-spice unix,addr=/tmp/lib/domain--1-QEMUGuest1/spice.sock \ > +-vga cirrus > diff --git > a/tests/qemuxml2argvdata/qemuxml2argv-graphics-spice-auto-socket-cfg.xml >
[libvirt] [PATCH v2 11/12] spice: introduce spice_auto_unix_socket config option
Signed-off-by: Pavel Hrdina--- src/qemu/qemu.conf | 11 +++ src/qemu/qemu_conf.c | 1 + src/qemu/qemu_conf.h | 1 + src/qemu/qemu_process.c| 4 +++ ...emuxml2argv-graphics-spice-auto-socket-cfg.args | 20 + ...qemuxml2argv-graphics-spice-auto-socket-cfg.xml | 30 +++ tests/qemuxml2argvtest.c | 5 ...muxml2xmlout-graphics-spice-auto-socket-cfg.xml | 35 ++ tests/qemuxml2xmltest.c| 4 +++ 9 files changed, 111 insertions(+) create mode 100644 tests/qemuxml2argvdata/qemuxml2argv-graphics-spice-auto-socket-cfg.args create mode 100644 tests/qemuxml2argvdata/qemuxml2argv-graphics-spice-auto-socket-cfg.xml create mode 100644 tests/qemuxml2xmloutdata/qemuxml2xmlout-graphics-spice-auto-socket-cfg.xml diff --git a/src/qemu/qemu.conf b/src/qemu/qemu.conf index 4fa5e8a..baf0b00 100644 --- a/src/qemu/qemu.conf +++ b/src/qemu/qemu.conf @@ -130,6 +130,17 @@ #spice_tls_x509_cert_dir = "/etc/pki/libvirt-spice" +# Enable this option to have SPICE served over an automatically created +# unix socket. This prevents unprivileged access from users on the +# host machine, though most SPICE clients do not support it. +# +# This will only be enabled for SPICE configurations that do not have +# a hardcoded 'listen' or 'socket' value. This setting takes preference +# over spice_listen. +# +#spice_auto_unix_socket = 1 + + # The default SPICE password. This parameter is only used if the # per-domain XML config does not already provide a password. To # allow access without passwords, leave this commented out. An diff --git a/src/qemu/qemu_conf.c b/src/qemu/qemu_conf.c index e00ddca..d4c34c9 100644 --- a/src/qemu/qemu_conf.c +++ b/src/qemu/qemu_conf.c 
@@ -588,6 +588,7 @@ int virQEMUDriverConfigLoadFile(virQEMUDriverConfigPtr cfg, GET_VALUE_STR("spice_sasl_dir", cfg->spiceSASLdir); GET_VALUE_STR("spice_listen", cfg->spiceListen); GET_VALUE_STR("spice_password", cfg->spicePassword); +GET_VALUE_BOOL("spice_auto_unix_socket", cfg->spiceAutoUnixSocket); GET_VALUE_ULONG("remote_websocket_port_min", cfg->webSocketPortMin); diff --git a/src/qemu/qemu_conf.h b/src/qemu/qemu_conf.h index a714b84..c94bf13 100644 --- a/src/qemu/qemu_conf.h +++ b/src/qemu/qemu_conf.h @@ -123,6 +123,7 @@ struct _virQEMUDriverConfig { char *spiceSASLdir; char *spiceListen; char *spicePassword; +bool spiceAutoUnixSocket; int remotePortMin; int remotePortMax; diff --git a/src/qemu/qemu_process.c b/src/qemu/qemu_process.c index 21c2db2..05ddb32 100644 --- a/src/qemu/qemu_process.c +++ b/src/qemu/qemu_process.c @@ -4438,7 +4438,11 @@ qemuProcessGraphicsListenGenerate(virDomainObjPtr vm, break; case VIR_DOMAIN_GRAPHICS_TYPE_SPICE: +if (cfg->spiceAutoUnixSocket) { +autoSocket = true; +} else { listenAddr = cfg->spiceListen; +} break; case VIR_DOMAIN_GRAPHICS_TYPE_SDL: diff --git a/tests/qemuxml2argvdata/qemuxml2argv-graphics-spice-auto-socket-cfg.args b/tests/qemuxml2argvdata/qemuxml2argv-graphics-spice-auto-socket-cfg.args new file mode 100644 index 000..61335b0 --- /dev/null +++ b/tests/qemuxml2argvdata/qemuxml2argv-graphics-spice-auto-socket-cfg.args @@ -0,0 +1,20 @@ +LC_ALL=C \ +PATH=/bin \ +HOME=/home/test \ +USER=test \ +LOGNAME=test \ +QEMU_AUDIO_DRV=spice \ +/usr/bin/qemu \ +-name QEMUGuest1 \ +-S \ +-M pc \ +-m 214 \ +-smp 1 \ +-uuid c7a5fdbd-edaf-9455-926a-d65c16db1809 \ +-nodefaults \ +-monitor unix:/tmp/lib/domain--1-QEMUGuest1/monitor.sock,server,nowait \ +-no-acpi \ +-boot c \ +-usb \ +-spice unix,addr=/tmp/lib/domain--1-QEMUGuest1/spice.sock \ +-vga cirrus 
diff --git a/tests/qemuxml2argvdata/qemuxml2argv-graphics-spice-auto-socket-cfg.xml b/tests/qemuxml2argvdata/qemuxml2argv-graphics-spice-auto-socket-cfg.xml new file mode 100644 index 000..ff155c3 --- /dev/null +++ b/tests/qemuxml2argvdata/qemuxml2argv-graphics-spice-auto-socket-cfg.xml @@ -0,0 +1,30 @@ + + QEMUGuest1 + c7a5fdbd-edaf-9455-926a-d65c16db1809 + 219100 + 219100 + 1 + +hvm + + + + destroy + restart + destroy + +/usr/bin/qemu + + + + + + + + + + + + + + diff --git a/tests/qemuxml2argvtest.c b/tests/qemuxml2argvtest.c index a3651c9..f046060 100644 --- a/tests/qemuxml2argvtest.c +++ b/tests/qemuxml2argvtest.c @@ -950,6 +950,11 @@ mymain(void) DO_TEST("graphics-spice-auto-socket", QEMU_CAPS_SPICE, QEMU_CAPS_SPICE_UNIX); +driver.config->spiceAutoUnixSocket = true; +DO_TEST("graphics-spice-auto-socket-cfg", +QEMU_CAPS_SPICE, +QEMU_CAPS_SPICE_UNIX); +driver.config->spiceAutoUnixSocket = false; DO_TEST("input-usbmouse", NONE);
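Review bot: The new comment block in the src/qemu/qemu.conf hunk states that the socket "prevents unprivileged access from users on the host machine" but does not say what enforces it. Please name the directory the socket is created in and the ownership and mode that protect it, so an administrator can verify the claim on a running host. "takes preference over spice_listen" should read "takes precedence over spice_listen". The diffstat also lists no change to the augeas lens or its test, which fits the make check failure reported in this thread against libvirtd_qemu.aug; the spice_auto_unix_socket key needs an entry in both.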
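Review bot: The VIR_DOMAIN_GRAPHICS_TYPE_SPICE case in the src/qemu/qemu_process.c hunk sets autoSocket = true from the config flag alone, and nothing in the visible lines checks that the QEMU binary can serve SPICE on a unix socket, while the new test passes QEMU_CAPS_SPICE_UNIX explicitly. Please confirm that a binary without that capability produces a clear error at startup rather than a guest with no reachable display. Since the else branch is the only place cfg->spiceListen is read, a host that sets both options has spice_listen ignored silently; a warning at config load would make that visible.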
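Review bot: The single DO_TEST("graphics-spice-auto-socket-cfg", ...) added in the tests/qemuxml2argvtest.c hunk covers the flag being honoured, but not the rule documented in qemu.conf that a domain with its own 'listen' or 'socket' value is left alone. Please add a case that runs with driver.config->spiceAutoUnixSocket = true against a domain with an explicit listen address and asserts that the generated command line keeps that address. A case without QEMU_CAPS_SPICE_UNIX would also pin down the failure behaviour. Setting and resetting the flag around one DO_TEST is fragile if cases are reordered, so keep the reset directly after the last case that needs it, as done here.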