于 2011年01月26日 22:22, Daniel P. Berrange 写道:
On Wed, Jan 26, 2011 at 01:54:09PM +0100, Matthias Bolte wrote:
2011/1/24 Osier Yang<jyang@redhat.com>:
This new parameter allows user specifies where the client cerficate, client key, CA certificate of x509 is, instead of hardcoding it. If 'pkipath' is not specified, and the user is not root, try to find files in $HOME/.pki, as long as one of client cerficate, client key, CA certificate can not be found, use default global location (LIBVIRT_CACERT, LIBVIRT_CLIENTCERT, LIBVIRT_CLIENTKEY, see src/remote/remote_driver.h)
Isn't $HOME/.pki a bit to general? Shouldn't it be more specific like $HOME/.pki/libvirt or $HOME/.libvirt/pki?
Opps, yes I missed that. It should be $HOME/.pki/libvirt since we use /etc/pki/libvirt for host wide config
oh, yeah, make sense, will update.
Regards, Daniel