On Thu, May 15, 2008 at 10:21:46AM -0400, Daniel Veillard wrote:
On Tue, May 13, 2008 at 05:04:43PM +0300, Kenneth Nagin wrote:
Kenneth Nagin wrote:
libvirtd is not listening for TLS connection by default. Setting 'listen_tls = 1' in /etc/libvirt/libvirtd.conf does not help either. However, starting 'libvirtd --listen' does work. I'm running Fedora 8. I prefer to use the configuration file since it is automatically started when the system reboots. Does anyone know how to configure libvirtd to listen for tls?
Yes. As you found out, there are 2 things you need to do, the first of which is to instruct libvirtd to listen, and the second of which is to make it listen for TLS. You can accomplish the first on Fedora by editing /etc/sysconfig/libvirtd and uncommenting the LIBVIRTD_ARGS="--listen" line. You can accomplish the second by edit /etc/libvirt/libvirtd.conf by uncommenting the "listen_tls = 1" line. Then "service libvirtd restart", and you should be goodto go (this will also preserve the configuration across reboots).
Chris Lalancette Thanks for the quick response. That solved the problem. I suggest updating the web document on remote support.
Even better, send us a patch with your suggested documentation udate :-) The web site is a checkout of the libvirt CVS docs subdirectory. Do a CVS checkout, edit remote.html.in and send us the diff, it's not hard and may help others !
Since 0.4.1 the default configuration file has comments right next to the 'listen_tls' and 'listen_tcp' options explicitly saying you need to add the --listen flag.
Regards, Daniel. -- |: Red Hat, Engineering, Boston -o- http://people.redhat.com/berrange/ :| |: http://libvirt.org -o- http://virt-manager.org -o- http://ovirt.org :| |: http://autobuild.org -o- http://search.cpan.org/~danberr/ :| |: GnuPG: 7D3B9505 -o- F3C9 553F A1DA 4AC2 5648 23C1 B3DF F742 7D3B 9505 :| Per your request I created this attached updated remote.html.in file: (See attached file: remote.html.in.nagin) This is the diff: [nagin@lnx-nagin docs]$ diff remote.html.in remote.html.in.nagin 654a655,657 Note: it is also necessary to start the server in listening mode by running it with --listen or editing /etc/sysconfig/libvirtd by uncommenting the LIBVIRTD_ARGS="--listen" line to cause the server to come up in listening mode whenever it is started. 661a665 Note: it is also necessary to start the server in listening mode.
I hope these updates are acceptable. - Kenneth Nagin