Since libvirt 3.9.0, the
+ auth element is supported for a disk
+ type "network" that is using a source
+ element with the protocol attributes "rbd" or "iscsi".
+ If present, the auth element provides the
+ authentication credentials needed to access the source. It
+ includes a mandatory attribute username, which
+ identifies the username to use during authentication, as well
+ as a sub-element secret with mandatory
+ attribute type, to tie back to
+ a libvirt secret object that
+ holds the actual password or other credentials (the domain XML
+ intentionally does not expose the password, only the reference
+ to the object that does manage the password).
+ Known secret types are "ceph" for Ceph RBD network sources and
+ "iscsi" for CHAP authentication of iSCSI targets.
+ Both will require either a uuid attribute
+ with the UUID of the secret object or a usage
+ attribute matching the key that was specified in the
+ secret object.
+
@@ -3163,25 +3185,14 @@
are available, each defaulting to 0.
auth
-
The auth element is supported for a disk
- type "network" that is using a source
- element with the protocol attributes "rbd" or "iscsi".
- If present, the auth element provides the
- authentication credentials needed to access the source. It
- includes a mandatory attribute username, which
- identifies the username to use during authentication, as well
- as a sub-element secret with mandatory
- attribute type, to tie back to
- a libvirt secret object that
- holds the actual password or other credentials (the domain XML
- intentionally does not expose the password, only the reference
- to the object that does manage the password).
- Known secret types are "ceph" for Ceph RBD network sources and
- "iscsi" for CHAP authentication of iSCSI targets.
- Both will require either a uuid attribute
- with the UUID of the secret object or a usage
- attribute matching the key that was specified in the
- secret object. libvirt 0.9.7
+
Starting with libvirt 3.9.0 the
+ auth element is preferred to be a sub-element of
+ the source element. The element is still read and
+ managed as a disk sub-element. It is invalid to use
+ auth as both a sub-element of disk
+ and source. The auth element was
+ introduced as a disk sub-element in
+ libvirt 0.9.7.
geometry
The optional geometry element provides the
diff --git a/docs/schemas/domaincommon.rng b/docs/schemas/domaincommon.rng
index 874af3ffa3..c99ee4f89b 100644
--- a/docs/schemas/domaincommon.rng
+++ b/docs/schemas/domaincommon.rng
@@ -1580,11 +1580,27 @@
+
+
+
+
+
+
+ iscsi
+
+
+
+
+
+
+
+
+
@@ -1603,7 +1619,6 @@
sheepdog
- iscsiftpftpstftp
@@ -1663,6 +1678,7 @@
+
diff --git a/src/conf/domain_conf.c b/src/conf/domain_conf.c
index fe37b2bded..b207d33dae 100644
--- a/src/conf/domain_conf.c
+++ b/src/conf/domain_conf.c
@@ -8278,6 +8278,29 @@ virDomainDiskSourceNetworkParse(xmlNodePtr node,
}
+static int
+virDomainDiskSourceAuthParse(xmlNodePtr node,
+ virStorageAuthDefPtr *authdefsrc)
+{
+ xmlNodePtr child;
+ virStorageAuthDefPtr authdef;
+
+ for (child = node->children; child; child = child->next) {
+ if (child->type == XML_ELEMENT_NODE &&
+ virXMLNodeNameEqual(child, "auth")) {
+
+ if (!(authdef = virStorageAuthDefParse(node->doc, child)))
+ return -1;
+
+ *authdefsrc = authdef;
+ return 0;
+ }
+ }
+
+ return 0;
+}
+
+
int
virDomainDiskSourceParse(xmlNodePtr node,
xmlXPathContextPtr ctxt,
@@ -8315,6 +8338,9 @@ virDomainDiskSourceParse(xmlNodePtr node,
goto cleanup;
}
+ if (virDomainDiskSourceAuthParse(node, &src->auth) < 0)
+ goto cleanup;
+
/* People sometimes pass a bogus '' source path when they mean to omit the
* source element completely (e.g. CDROM without media). This is just a
* little compatibility check to help those broken apps */
@@ -8961,6 +8987,19 @@ virDomainDiskDefParseXML(virDomainXMLOptionPtr xmlopt,
if (virDomainDiskSourceParse(cur, ctxt, def->src, flags) < 0)
goto error;
+ /* If we've already found an as a child of and
+ * we find one as a child of