On Mon, Jan 10, 2011 at 12:15:59PM -0500, Cole Robinson wrote:
QEMU supports serving VNC over a unix domain socket rather than traditional TCP host/port. This is specified with:
<graphics type='vnc' socket='/foo/bar/baz'/>
Currently not hooked up with the security driver, I'll wait for Dan's big reorg. I also have a virtinst/virt-manager patch queued locally to handle this change.
Actually there's nothing you can do with UNIX sockets that QEMU itself is responsible for creating. You just have to make sure you place them in a directory that is labelled virt_image_t and then rely on the policy doing correct labelling. cf the UNIX socket used for the monitor.
To be useful, we probably want a qemu.conf option to use sockets as the default VNC method, so VMs without hardcoded listen addresses will magically start up serving over a socket in /var/lib/libvirt/qemu. This provides better security access control than VNC listening on 127.0.0.1, but will cause issues with tools that rely on the lax security (virt-manager in fedora runs as regular user by default, and wouldn't be able to access a socket owned by 'qemu' or 'root').
Yes, we'd want a qemu.conf option for this, though not enabled by default due to the problem you mention. The only current approach is to make your desktop user be a member of the 'qemu' group which isn't entirely satisfactory for qemu://system. Works nicely for qemu://session though. Daniel