mirror of
https://gitlab.com/libvirt/libvirt.git
synced 2024-12-22 13:45:38 +00:00
tools: stop checking init scripts & iptables config
The /etc/sysconfig/libvirtd file is a Fedora/RHEL specific concept. Since those distros switched to systemd socket activation, the existance of --listen parameter in /etc/sysconfig/libvirtd is no longer a reliable check. This was further degraded with the switch to modular daemons where virtproxyd takes over the role. The /etc/sysconfig/iptables file is a Fedora/RHEL specific concept. Since those distros switched to firewalld, this file is no longer a reliable check. Rather than complicating these checks, just remove them, so that the virt-pki-validate tool focuses exclusively on TLS configuration validation. Reviewed-by: Michal Privoznik <mprivozn@redhat.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
This commit is contained in:
parent
1d7ce1c071
commit
3faa78d98d
@ -73,7 +73,6 @@ echo Found "$CERTOOL"
|
|||||||
#
|
#
|
||||||
SYSCONFDIR="@sysconfdir@"
|
SYSCONFDIR="@sysconfdir@"
|
||||||
PKI="$SYSCONFDIR/pki"
|
PKI="$SYSCONFDIR/pki"
|
||||||
INITCONFDIR="@initconfdir@"
|
|
||||||
if [ ! -d "$PKI" ]
|
if [ ! -d "$PKI" ]
|
||||||
then
|
then
|
||||||
echo the $PKI directory is missing, it is usually
|
echo the $PKI directory is missing, it is usually
|
||||||
@ -293,31 +292,4 @@ else
|
|||||||
SERVER=0
|
SERVER=0
|
||||||
fi
|
fi
|
||||||
|
|
||||||
if [ "$SERVER" = "1" ]
|
|
||||||
then
|
|
||||||
if [ -r "$INITCONFDIR"/libvirtd ]
|
|
||||||
then
|
|
||||||
if grep "^LIBVIRTD_ARGS.*--listen" "$INITCONFDIR"/libvirtd \
|
|
||||||
>/dev/null 2>&1
|
|
||||||
then
|
|
||||||
:
|
|
||||||
else
|
|
||||||
echo Make sure "$INITCONFDIR"/libvirtd is setup to listen to
|
|
||||||
echo TCP/IP connections and restart the libvirtd service
|
|
||||||
fi
|
|
||||||
fi
|
|
||||||
if [ -r "$INITCONFDIR"/iptables ]
|
|
||||||
then
|
|
||||||
if grep "$PORT" "$INITCONFDIR"/iptables >/dev/null 2>&1
|
|
||||||
then
|
|
||||||
:
|
|
||||||
else
|
|
||||||
echo Make sure "$INITCONFDIR"/iptables is setup to allow
|
|
||||||
echo incoming TCP/IP connections on port $PORT and
|
|
||||||
echo restart the iptables service
|
|
||||||
fi
|
|
||||||
fi
|
|
||||||
fi
|
|
||||||
|
|
||||||
|
|
||||||
exit 0
|
exit 0
|
||||||
|
Loading…
Reference in New Issue
Block a user