--- qemud/qemud.c.orig 2008-05-10 16:46:36.000000000 +0200 +++ qemud/qemud.c 2008-05-10 17:01:34.000000000 +0200 @@ -69,6 +69,7 @@ /* Defaults for configuration file elements */ static int listen_tls = 1; static int listen_tcp = 0; +static char *ip_addr = (char *) LIBVIRTD_IP_ADDR; static char *tls_port = (char *) LIBVIRTD_TLS_PORT; static char *tcp_port = (char *) LIBVIRTD_TCP_PORT; @@ -537,7 +538,7 @@ // See: http://people.redhat.com/drepper/userapi-ipv6.html static int -remoteMakeSockets (int *fds, int max_fds, int *nfds_r, const char *service) +remoteMakeSockets (int *fds, int max_fds, int *nfds_r, const char *node, const char *service) { struct addrinfo *ai; struct addrinfo hints; @@ -545,7 +546,7 @@ hints.ai_flags = AI_PASSIVE | AI_ADDRCONFIG; hints.ai_socktype = SOCK_STREAM; - int e = getaddrinfo (NULL, service, &hints, &ai); + int e = getaddrinfo (node, service, &hints, &ai); if (e != 0) { qemudLog (QEMUD_ERR, _("getaddrinfo: %s\n"), gai_strerror (e)); return -1; @@ -589,6 +590,7 @@ */ static int remoteListenTCP (struct qemud_server *server, + const char *addr, const char *port, int type, int auth) @@ -598,7 +600,7 @@ int i; struct qemud_socket *sock; - if (remoteMakeSockets (fds, 2, &nfds, port) == -1) + if (remoteMakeSockets (fds, 2, &nfds, addr, port) == -1) return -1; for (i = 0; i < nfds; ++i) { @@ -775,14 +777,14 @@ #endif if (ipsock) { - if (listen_tcp && remoteListenTCP (server, tcp_port, QEMUD_SOCK_TYPE_TCP, auth_tcp) < 0) + if (listen_tcp && remoteListenTCP (server, ip_addr, tcp_port, QEMUD_SOCK_TYPE_TCP, auth_tcp) < 0) goto cleanup; if (listen_tls) { if (remoteInitializeGnuTLS () < 0) goto cleanup; - if (remoteListenTCP (server, tls_port, QEMUD_SOCK_TYPE_TLS, auth_tls) < 0) + if (remoteListenTCP (server, ip_addr, tls_port, QEMUD_SOCK_TYPE_TLS, auth_tls) < 0) goto cleanup; } } @@ -1917,7 +1919,8 @@ GET_CONF_INT (conf, filename, listen_tls); GET_CONF_STR (conf, filename, tls_port); GET_CONF_STR (conf, filename, tcp_port); - + GET_CONF_STR (conf, filename, ip_addr); + if (remoteConfigGetAuth(conf, "auth_unix_rw", &auth_unix_rw, filename) < 0) goto free_and_fail; #if HAVE_POLKIT @@ -2002,10 +2005,10 @@ free (unix_sock_rw_perms); free (unix_sock_group); - /* Don't bother trying to free tcp_port, tls_port, key_file, cert_file, - ca_file, or crl_file, since they are initialized to non-malloc'd - strings. Besides, these are static variables, and callers are - unlikely to call this function more than once, so there wouldn't + /* Don't bother trying to free ip_addr, tcp_port, tls_port, key_file, + cert_file, ca_file, or crl_file, since they are initialized to + non-malloc'd strings. Besides, these are static variables, and callers + are unlikely to call this function more than once, so there wouldn't even be a real leak. */ if (tls_allowed_dn_list) { --- src/remote_internal.h.orig 2008-05-10 17:17:02.000000000 +0200 +++ src/remote_internal.h 2008-05-10 17:03:11.000000000 +0200 @@ -32,6 +32,7 @@ int remoteRegister (void); +#define LIBVIRTD_IP_ADDR NULL #define LIBVIRTD_TLS_PORT "16514" #define LIBVIRTD_TCP_PORT "16509" #define LIBVIRTD_PRIV_UNIX_SOCKET LOCAL_STATE_DIR "/run/libvirt/libvirt-sock" 33a34,38 > # Override the default configuration which binds to all network > # interfaces. This can be a dotted ip address (quoted), or hostname > # > # ip_addr = "192.168.0.1" >