qemu: add qemu RDP configuration
Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com> Reviewed-by: Daniel P. Berrangé <berrange@redhat.com> Reviewed-by: Martin Kletzander <mkletzan@redhat.com>
This commit is contained in:
Marc-André Lureau
Martin Kletzander
parent
12d7b9fe26
commit
bd5f4d3237
@ -50,6 +50,11 @@ module Libvirtd_qemu =
|
||||
| bool_entry "spice_sasl"
|
||||
| str_entry "spice_sasl_dir"
|
||||
|
||||
let rdp_entry = str_entry "rdp_listen"
|
||||
| str_entry "rdp_tls_x509_cert_dir"
|
||||
| str_entry "rdp_username"
|
||||
| str_entry "rdp_password"
|
||||
|
||||
let chardev_entry = bool_entry "chardev_tls"
|
||||
| str_entry "chardev_tls_x509_cert_dir"
|
||||
| bool_entry "chardev_tls_x509_verify"
|
||||
@ -103,6 +108,7 @@ module Libvirtd_qemu =
|
||||
| str_entry "bridge_helper"
|
||||
| str_entry "pr_helper"
|
||||
| str_entry "slirp_helper"
|
||||
| str_entry "qemu_rdp"
|
||||
| str_entry "dbus_daemon"
|
||||
| bool_entry "set_process_name"
|
||||
| int_entry "max_processes"
|
||||
@ -156,6 +162,7 @@ module Libvirtd_qemu =
|
||||
let entry = default_tls_entry
|
||||
| vnc_entry
|
||||
| spice_entry
|
||||
| rdp_entry
|
||||
| chardev_entry
|
||||
| migrate_entry
|
||||
| backup_entry
|
||||
|
||||
@ -229,6 +229,31 @@
|
||||
#
|
||||
#spice_sasl_dir = "/some/directory/sasl2"
|
||||
|
||||
# RDP is configured to listen on 127.0.0.1 by default.
|
||||
# To make it listen on all public interfaces, uncomment
|
||||
# this next option.
|
||||
#
|
||||
#rdp_listen = "0.0.0.0"
|
||||
|
||||
# In order to override the default TLS certificate location for
|
||||
# RDP certificates, supply a valid path to the certificate directory.
|
||||
# If the path is not provided, then the default_tls_x509_cert_dir path
|
||||
# will be used.
|
||||
#
|
||||
#rdp_tls_x509_cert_dir = "/etc/pki/libvirt-rdp"
|
||||
|
||||
# The default RDP username. This parameter is only used if the
|
||||
# per-domain XML config does not already provide a username.
|
||||
#
|
||||
#rdp_username = "user"
|
||||
|
||||
# The default RDP password. This parameter is only used if the
|
||||
# per-domain XML config does not already provide a password.
|
||||
# By default, RDP server will not allow password-less connections.
|
||||
# Obviously change this example here before you set this.
|
||||
#
|
||||
#rdp_password = "RDP12345"
|
||||
|
||||
# Enable use of TLS encryption on the chardev TCP transports.
|
||||
#
|
||||
# It is necessary to setup CA and issue a server certificate
|
||||
@ -923,6 +948,12 @@
|
||||
# Path to the SLIRP networking helper.
|
||||
#slirp_helper = "/usr/bin/slirp-helper"
|
||||
|
||||
|
||||
# Path to qemu-rdp
|
||||
# If this is not an absolute path, the program will be searched for
|
||||
# in $PATH.
|
||||
#qemu_rdp = "qemu-rdp"
|
||||
|
||||
# Path to the dbus-daemon
|
||||
# If this is not an absolute path, the program will be searched for
|
||||
# in $PATH.
|
||||
|
||||
@ -104,6 +104,7 @@ VIR_ONCE_GLOBAL_INIT(virQEMUConfig);
|
||||
|
||||
#define QEMU_BRIDGE_HELPER "qemu-bridge-helper"
|
||||
#define QEMU_PR_HELPER "qemu-pr-helper"
|
||||
#define QEMU_RDP "qemu-rdp"
|
||||
#define QEMU_DBUS_DAEMON "dbus-daemon"
|
||||
|
||||
|
||||
@ -241,6 +242,7 @@ virQEMUDriverConfig *virQEMUDriverConfigNew(bool privileged,
|
||||
}
|
||||
|
||||
cfg->vncListen = g_strdup(VIR_LOOPBACK_IPV4_ADDR);
|
||||
cfg->rdpListen = g_strdup(VIR_LOOPBACK_IPV4_ADDR);
|
||||
cfg->spiceListen = g_strdup(VIR_LOOPBACK_IPV4_ADDR);
|
||||
|
||||
cfg->remotePortMin = QEMU_REMOTE_PORT_MIN;
|
||||
@ -266,6 +268,7 @@ virQEMUDriverConfig *virQEMUDriverConfigNew(bool privileged,
|
||||
cfg->prHelperName = g_strdup(QEMU_PR_HELPER);
|
||||
cfg->slirpHelperName = g_strdup(QEMU_SLIRP_HELPER);
|
||||
cfg->dbusDaemonName = g_strdup(QEMU_DBUS_DAEMON);
|
||||
cfg->qemuRdpName = g_strdup(QEMU_RDP);
|
||||
|
||||
cfg->securityDefaultConfined = true;
|
||||
cfg->securityRequireConfined = false;
|
||||
@ -352,6 +355,11 @@ static void virQEMUDriverConfigDispose(void *obj)
|
||||
g_free(cfg->spicePassword);
|
||||
g_free(cfg->spiceSASLdir);
|
||||
|
||||
g_free(cfg->rdpTLSx509certdir);
|
||||
g_free(cfg->rdpListen);
|
||||
g_free(cfg->rdpUsername);
|
||||
g_free(cfg->rdpPassword);
|
||||
|
||||
g_free(cfg->chardevTLSx509certdir);
|
||||
g_free(cfg->chardevTLSx509secretUUID);
|
||||
|
||||
@ -376,6 +384,7 @@ static void virQEMUDriverConfigDispose(void *obj)
|
||||
g_free(cfg->prHelperName);
|
||||
g_free(cfg->slirpHelperName);
|
||||
g_free(cfg->dbusDaemonName);
|
||||
g_free(cfg->qemuRdpName);
|
||||
|
||||
g_free(cfg->autoDumpPath);
|
||||
|
||||
@ -500,6 +509,21 @@ virQEMUDriverConfigLoadSPICEEntry(virQEMUDriverConfig *cfg,
|
||||
return 0;
|
||||
}
|
||||
|
||||
static int
|
||||
virQEMUDriverConfigLoadRDPEntry(virQEMUDriverConfig *cfg,
|
||||
virConf *conf)
|
||||
{
|
||||
if (virConfGetValueString(conf, "rdp_tls_x509_cert_dir", &cfg->rdpTLSx509certdir) < 0)
|
||||
return -1;
|
||||
if (virConfGetValueString(conf, "rdp_listen", &cfg->rdpListen) < 0)
|
||||
return -1;
|
||||
if (virConfGetValueString(conf, "rdp_username", &cfg->rdpUsername) < 0)
|
||||
return -1;
|
||||
if (virConfGetValueString(conf, "rdp_password", &cfg->rdpPassword) < 0)
|
||||
return -1;
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
static int
|
||||
virQEMUDriverConfigLoadSpecificTLSEntry(virQEMUDriverConfig *cfg,
|
||||
@ -714,6 +738,9 @@ virQEMUDriverConfigLoadProcessEntry(virQEMUDriverConfig *cfg,
|
||||
if (virConfGetValueString(conf, "dbus_daemon", &cfg->dbusDaemonName) < 0)
|
||||
return -1;
|
||||
|
||||
if (virConfGetValueString(conf, "qemu_rdp", &cfg->qemuRdpName) < 0)
|
||||
return -1;
|
||||
|
||||
if (virConfGetValueBool(conf, "set_process_name", &cfg->setProcessName) < 0)
|
||||
return -1;
|
||||
if (virConfGetValueUInt(conf, "max_processes", &cfg->maxProcesses) < 0)
|
||||
@ -1184,6 +1211,9 @@ int virQEMUDriverConfigLoadFile(virQEMUDriverConfig *cfg,
|
||||
if (virQEMUDriverConfigLoadSPICEEntry(cfg, conf) < 0)
|
||||
return -1;
|
||||
|
||||
if (virQEMUDriverConfigLoadRDPEntry(cfg, conf) < 0)
|
||||
return -1;
|
||||
|
||||
if (virQEMUDriverConfigLoadSpecificTLSEntry(cfg, conf) < 0)
|
||||
return -1;
|
||||
|
||||
@ -1271,6 +1301,14 @@ virQEMUDriverConfigValidate(virQEMUDriverConfig *cfg)
|
||||
return -1;
|
||||
}
|
||||
|
||||
if (cfg->rdpTLSx509certdir &&
|
||||
!virFileExists(cfg->rdpTLSx509certdir)) {
|
||||
virReportError(VIR_ERR_CONF_SYNTAX,
|
||||
_("rdp_tls_x509_cert_dir directory '%1$s' does not exist"),
|
||||
cfg->rdpTLSx509certdir);
|
||||
return -1;
|
||||
}
|
||||
|
||||
if (cfg->chardevTLSx509certdir &&
|
||||
!virFileExists(cfg->chardevTLSx509certdir)) {
|
||||
virReportError(VIR_ERR_CONF_SYNTAX,
|
||||
@ -1356,6 +1394,7 @@ virQEMUDriverConfigSetDefaults(virQEMUDriverConfig *cfg)
|
||||
|
||||
SET_TLS_X509_CERT_DEFAULT(vnc);
|
||||
SET_TLS_X509_CERT_DEFAULT(spice);
|
||||
SET_TLS_X509_CERT_DEFAULT(rdp);
|
||||
SET_TLS_X509_CERT_DEFAULT(chardev);
|
||||
SET_TLS_X509_CERT_DEFAULT(migrate);
|
||||
SET_TLS_X509_CERT_DEFAULT(backup);
|
||||
|
||||
@ -136,6 +136,11 @@ struct _virQEMUDriverConfig {
|
||||
char *spicePassword;
|
||||
bool spiceAutoUnixSocket;
|
||||
|
||||
char *rdpTLSx509certdir;
|
||||
char *rdpListen;
|
||||
char *rdpUsername;
|
||||
char *rdpPassword;
|
||||
|
||||
bool chardevTLS;
|
||||
char *chardevTLSx509certdir;
|
||||
bool chardevTLSx509verify;
|
||||
@ -174,6 +179,7 @@ struct _virQEMUDriverConfig {
|
||||
char *prHelperName;
|
||||
char *slirpHelperName;
|
||||
char *dbusDaemonName;
|
||||
char *qemuRdpName;
|
||||
|
||||
bool macFilter;
|
||||
|
||||
|
||||
@ -22,6 +22,10 @@ module Test_libvirtd_qemu =
|
||||
{ "spice_password" = "XYZ12345" }
|
||||
{ "spice_sasl" = "1" }
|
||||
{ "spice_sasl_dir" = "/some/directory/sasl2" }
|
||||
{ "rdp_listen" = "0.0.0.0" }
|
||||
{ "rdp_tls_x509_cert_dir" = "/etc/pki/libvirt-rdp" }
|
||||
{ "rdp_username" = "user" }
|
||||
{ "rdp_password" = "RDP12345" }
|
||||
{ "chardev_tls" = "1" }
|
||||
{ "chardev_tls_x509_cert_dir" = "/etc/pki/libvirt-chardev" }
|
||||
{ "chardev_tls_x509_verify" = "1" }
|
||||
@ -111,6 +115,7 @@ module Test_libvirtd_qemu =
|
||||
{ "memory_backing_dir" = "/var/lib/libvirt/qemu/ram" }
|
||||
{ "pr_helper" = "qemu-pr-helper" }
|
||||
{ "slirp_helper" = "/usr/bin/slirp-helper" }
|
||||
{ "qemu_rdp" = "qemu-rdp" }
|
||||
{ "dbus_daemon" = "dbus-daemon" }
|
||||
{ "swtpm_user" = "tss" }
|
||||
{ "swtpm_group" = "tss" }
|
||||
|
||||
@ -382,6 +382,8 @@ int qemuTestDriverInit(virQEMUDriver *driver)
|
||||
cfg->vncTLSx509certdir = g_strdup("/etc/pki/libvirt-vnc");
|
||||
VIR_FREE(cfg->spiceTLSx509certdir);
|
||||
cfg->spiceTLSx509certdir = g_strdup("/etc/pki/libvirt-spice");
|
||||
VIR_FREE(cfg->rdpTLSx509certdir);
|
||||
cfg->rdpTLSx509certdir = g_strdup("/etc/pki/libvirt-rdp");
|
||||
VIR_FREE(cfg->chardevTLSx509certdir);
|
||||
cfg->chardevTLSx509certdir = g_strdup("/etc/pki/libvirt-chardev");
|
||||
VIR_FREE(cfg->vxhsTLSx509certdir);
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user