On Wed, Dec 20, 2017 at 10:45 AM, intrigeri <intrigeri+libvirt@boum.org> wrote:
Jamie Strandboge:
+ # for use by libvirt-spice (LP: #1690140) + /etc/pki/libvirt-spice/ r, + /etc/pki/libvirt-spice/** r,
+1 to apply
+1 as well, although I'd prefer some minor refactoring to merge this with the 2 already existing libvirt-vnc PKI sections (that were added in two different places in the file 7 years apart, but apparently are about the exact same use case).
Something like this should allow replacing these two existing sections and the third one you're proposing we add:
# for use by libvirt-vnc and libvirt-spice (LP: #901272, #1690140) /etc/pki/CA/ r, /etc/pki/CA/* r, /etc/pki/libvirt{,-spice,-vnc}/ r, /etc/pki/libvirt{,-spice,-vnc}/** r,
What do you think?
Yes I like to take the opportunity to make this more readable in one place while adding -spice. Thanks for the suggestion! Submitting as a v2 in reply ...