11:36 a.m.
libvirtd is not listening for TLS connection by default.
Setting 'listen_tls = 1' in /etc/libvirt/libvirtd.conf does not help
either.
However, starting 'libvirtd --listen' does work.
I'm running Fedora 8. I prefer to use the configuration file since
it is automatically started when the system reboots. Does anyone
know how to configure libvirtd to listen for tls?
Kenneth Nagin
3:24 a.m.
Kenneth Nagin wrote:
libvirtd is not listening for TLS connection by default.
Setting 'listen_tls = 1' in /etc/libvirt/libvirtd.conf does not help
either.
However, starting 'libvirtd --listen' does work.
I'm running Fedora 8. I prefer to use the configuration file since
it is automatically started when the system reboots. Does anyone
know how to configure libvirtd to listen for tls?
Yes. As you found out, there are 2 things you need to do, the first of which is
to instruct libvirtd to listen, and the second of which is to make it listen for
TLS. You can accomplish the first on Fedora by editing /etc/sysconfig/libvirtd
and uncommenting the LIBVIRTD_ARGS="--listen" line. You can accomplish the
second by edit /etc/libvirt/libvirtd.conf by uncommenting the "listen_tls = 1"
line. Then "service libvirtd restart", and you should be good to go (this will
also preserve the configuration across reboots).
Chris Lalancette
9:04 a.m.
Kenneth Nagin wrote:
> libvirtd is not listening for TLS connection by default.
> Setting 'listen_tls = 1' in /etc/libvirt/libvirtd.conf does not help
> either.
> However, starting 'libvirtd --listen' does work.
> I'm running Fedora 8. I prefer to use the configuration file since
> it is automatically started when the system reboots. Does anyone
> know how to configure libvirtd to listen for tls?
Yes. As you found out, there are 2 things you need to do, the first
of which is
to instruct libvirtd to listen, and the second of which is to make
it listen for
TLS. You can accomplish the first on Fedora by editing
/etc/sysconfig/libvirtd
and uncommenting the LIBVIRTD_ARGS="--listen" line. You can accomplish
the
second by edit /etc/libvirt/libvirtd.conf by uncommenting the
"listen_tls
= 1"
line. Then "service libvirtd restart", and you should be
good to go(this
will
also preserve the configuration across reboots).
Chris Lalancette
Thanks for the quick response. That solved the problem. I
suggest
updating the web document on
remote support.
Kenneth Nagin
9:21 a.m.
On Tue, May 13, 2008 at 05:04:43PM +0300, Kenneth Nagin wrote:
> Kenneth Nagin wrote:
> > libvirtd is not listening for TLS connection by default.
> > Setting 'listen_tls = 1' in /etc/libvirt/libvirtd.conf does not help
> > either.
> > However, starting 'libvirtd --listen' does work.
> > I'm running Fedora 8. I prefer to use the configuration file since
> > it is automatically started when the system reboots. Does anyone
> > know how to configure libvirtd to listen for tls?
>
> Yes. As you found out, there are 2 things you need to do, the first
> of which is
> to instruct libvirtd to listen, and the second of which is to make
> it listen for
> TLS. You can accomplish the first on Fedora by editing
> /etc/sysconfig/libvirtd
> and uncommenting the LIBVIRTD_ARGS="--listen" line. You can accomplish
the
> second by edit /etc/libvirt/libvirtd.conf by uncommenting the "listen_tls
= 1"
> line. Then "service libvirtd restart", and you should be good to go(this
will
> also preserve the configuration across reboots).
>
> Chris Lalancette
Thanks for the quick response. That solved the problem. I suggest
updating the web document on
remote support.
Even better, send us a patch with your suggested documentation udate :-)
The web site is a checkout of the libvirt CVS docs subdirectory. Do a
CVS checkout, edit remote.html.in and send us the diff, it's not hard
and may help others !
thanks in advance,
Daniel
--
Red Hat Virtualization group http://redhat.com/virtualization/
Daniel Veillard | virtualization library http://libvirt.org/
veillard(a)redhat.com | libxml GNOME XML XSLT toolkit http://xmlsoft.org/
http://veillard.com/ | Rpmfind RPM search engine http://rpmfind.net/
9:26 a.m.
On Thu, May 15, 2008 at 10:21:46AM -0400, Daniel Veillard wrote:
On Tue, May 13, 2008 at 05:04:43PM +0300, Kenneth Nagin wrote:
> > Kenneth Nagin wrote:
> > > libvirtd is not listening for TLS connection by default.
> > > Setting 'listen_tls = 1' in /etc/libvirt/libvirtd.conf does not
help
> > > either.
> > > However, starting 'libvirtd --listen' does work.
> > > I'm running Fedora 8. I prefer to use the configuration file since
> > > it is automatically started when the system reboots. Does anyone
> > > know how to configure libvirtd to listen for tls?
> >
> > Yes. As you found out, there are 2 things you need to do, the first
> > of which is
> > to instruct libvirtd to listen, and the second of which is to make
> > it listen for
> > TLS. You can accomplish the first on Fedora by editing
> > /etc/sysconfig/libvirtd
> > and uncommenting the LIBVIRTD_ARGS="--listen" line. You can
accomplish
> the
> > second by edit /etc/libvirt/libvirtd.conf by uncommenting the "listen_tls
> = 1"
> > line. Then "service libvirtd restart", and you should be good to
go(this
> will
> > also preserve the configuration across reboots).
> >
> > Chris Lalancette
> Thanks for the quick response. That solved the problem. I suggest
> updating the web document on
> remote support.
Even better, send us a patch with your suggested documentation udate :-)
The web site is a checkout of the libvirt CVS docs subdirectory. Do a
CVS checkout, edit remote.html.in and send us the diff, it's not hard
and may help others !
Since 0.4.1 the default configuration file has comments right next to
the 'listen_tls' and 'listen_tcp' options explicitly saying you need
to add the --listen flag.
Regards,
Daniel.
--
|: Red Hat, Engineering, Boston -o- http://people.redhat.com/berrange/ :|
|: http://libvirt.org -o- http://virt-manager.org -o- http://ovirt.org :|
|: http://autobuild.org -o- http://search.cpan.org/~danberr/ :|
|: GnuPG: 7D3B9505 -o- F3C9 553F A1DA 4AC2 5648 23C1 B3DF F742 7D3B 9505 :|
8:39 a.m.
On Thu, May 15, 2008 at 10:21:46AM -0400, Daniel Veillard wrote:
> On Tue, May 13, 2008 at 05:04:43PM +0300, Kenneth Nagin wrote:
> > > Kenneth Nagin wrote:
> > > > libvirtd is not listening for TLS connection by default.
> > > > Setting 'listen_tls = 1' in /etc/libvirt/libvirtd.conf does
not
help
> > > > either.
> > > > However, starting 'libvirtd --listen' does work.
> > > > I'm running Fedora 8. I prefer to use the configuration file
since
> > > > it is automatically started when the system
reboots. Does anyone
> > > > know how to configure libvirtd to listen for tls?
> > >
> > > Yes. As you found out, there are 2 things you need to do, the
first
> > > of which is
> > > to instruct libvirtd to listen, and the second of which is to make
> > > it listen for
> > > TLS. You can accomplish the first on Fedora by editing
> > > /etc/sysconfig/libvirtd
> > > and uncommenting the LIBVIRTD_ARGS="--listen" line. You can
accomplish
> > the
> > > second by edit /etc/libvirt/libvirtd.conf by uncommenting the
"listen_tls
> > = 1"
> > > line. Then "service libvirtd restart", and you should be goodto
go
(this
> > will
> > > also preserve the configuration across reboots).
> > >
> > > Chris Lalancette
> > Thanks for the quick response. That solved the problem. I suggest
> > updating the web document on
> > remote support.
>
> Even better, send us a patch with your suggested documentation
udate :-)
> The web site is a checkout of the libvirt CVS docs subdirectory.
Do a
> CVS checkout, edit remote.html.in and send us the diff, it's not hard
> and may help others !
Since 0.4.1 the default configuration file has comments right next to
the 'listen_tls' and 'listen_tcp' options explicitly saying you need
to add the --listen flag.
Regards,
Daniel.
--
|: Red Hat, Engineering, Boston -o-
http://people.redhat.com/berrange/ :|
|: http://libvirt.org -o- http://virt-manager.org -o-
http://ovirt.org :|
|: http://autobuild.org -o-
http://search.cpan.org/~danberr/ :|
|: GnuPG: 7D3B9505 -o- F3C9 553F A1DA 4AC2 5648 23C1 B3DF F742 7D3B
9505 :|
Per your request I created this attached updated remote.html.in file:
(See attached file: remote.html.in.nagin)
This is the diff:
[nagin@lnx-nagin docs]$ diff remote.html.in remote.html.in.nagin
654a655,657
Note: it is also necessary to start the server in listening mode
by
running it with --listen or editing /etc/sysconfig/libvirtd by
uncommenting the
LIBVIRTD_ARGS="--listen" line
to cause the server to come up in listening mode whenever it is
started.
661a665
Note: it is also necessary to start the server in listening mode.
I hope these updates are acceptable.
- Kenneth Nagin
10:55 a.m.
On Mon, May 19, 2008 at 04:39:26PM +0300, Kenneth Nagin wrote:
[...]
Per your request I created this attached updated remote.html.in
file:
(See attached file: remote.html.in.nagin)
Looks fine, applied,
thanks !
Daniel
--
Red Hat Virtualization group http://redhat.com/virtualization/
Daniel Veillard | virtualization library http://libvirt.org/
veillard(a)redhat.com | libxml GNOME XML XSLT toolkit http://xmlsoft.org/
http://veillard.com/ | Rpmfind RPM search engine http://rpmfind.net/
6030
days inactive
6039
days old
6 comments
4 participants
participants (4)
-
Chris Lalancette -
Daniel P. Berrange -
Daniel Veillard -
Kenneth Nagin