External/libvirt
1
0
Fork 0
mirror of https://gitlab.com/libvirt/libvirt.git synced 2024-12-28 08:35:22 +00:00
Code Issues Packages Projects Releases Wiki Activity
cc0e4e8ddb
libvirt/src/qemu/test_libvirtd_qemu.aug
Daniel P. Berrange 12317957ec Integrate the QEMU driver with the lock manager infrastructure 
The QEMU integrates with the lock manager instructure in a number
of key places

 * During startup, a lock is acquired in between the fork & exec
 * During startup, the libvirtd process acquires a lock before
   setting file labelling
 * During shutdown, the libvirtd process acquires a lock
   before restoring file labelling
 * During hotplug, unplug & media change the libvirtd process
   holds a lock while setting/restoring labels

The main content lock is only ever held by the QEMU child process,
or libvirtd during VM shutdown. The rest of the operations only
require libvirtd to hold the metadata locks, relying on the active
QEMU still holding the content lock.

* src/qemu/qemu_conf.c, src/qemu/qemu_conf.h,
  src/qemu/libvirtd_qemu.aug, src/qemu/test_libvirtd_qemu.aug:
  Add config parameter for configuring lock managers
* src/qemu/qemu_driver.c: Add calls to the lock manager
2011-06-02 10:54:01 +01:00

243 lines
8.1 KiB
Plaintext
Raw Blame History

module Test_libvirtd_qemu =
let conf = "# Master configuration file for the QEMU driver.
# All settings described here are optional - if omitted, sensible
# defaults are used.
# VNC is configured to listen on 127.0.0.1 by default.
# To make it listen on all public interfaces, uncomment
# this next option.
#
# NB, strong recommendation to enable TLS + x509 certificate
# verification when allowing public access
#
vnc_listen = \"0.0.0.0\"
# Enable use of TLS encryption on the VNC server. This requires
# a VNC client which supports the VeNCrypt protocol extension.
# Examples include vinagre, virt-viewer, virt-manager and vencrypt
# itself. UltraVNC, RealVNC, TightVNC do not support this
#
# It is necessary to setup CA and issue a server certificate
# before enabling this.
#
vnc_tls = 1
# Use of TLS requires that x509 certificates be issued. The
# default it to keep them in /etc/pki/libvirt-vnc. This directory
# must contain
#
# ca-cert.pem - the CA master certificate
# server-cert.pem - the server certificate signed with ca-cert.pem
# server-key.pem - the server private key
#
# This option allows the certificate directory to be changed
#
vnc_tls_x509_cert_dir = \"/etc/pki/libvirt-vnc\"
# The default TLS configuration only uses certificates for the server
# allowing the client to verify the server's identity and establish
# and encrypted channel.
#
# It is possible to use x509 certificates for authentication too, by
# issuing a x509 certificate to every client who needs to connect.
#
# Enabling this option will reject any client who does not have a
# certificate signed by the CA in /etc/pki/libvirt-vnc/ca-cert.pem
#
vnc_tls_x509_verify = 1
# The default VNC password. Only 8 letters are significant for
# VNC passwords. This parameter is only used if the per-domain
# XML config does not already provide a password. To allow
# access without passwords, leave this commented out. An empty
# string will still enable passwords, but be rejected by QEMU
# effectively preventing any use of VNC. Obviously change this
# example here before you set this
#
vnc_password = \"XYZ12345\"
# Enable use of SASL encryption on the VNC server. This requires
# a VNC client which supports the SASL protocol extension.
# Examples include vinagre, virt-viewer and virt-manager
# itself. UltraVNC, RealVNC, TightVNC do not support this
#
# It is necessary to configure /etc/sasl2/qemu.conf to choose
# the desired SASL plugin (eg, GSSPI for Kerberos)
#
vnc_sasl = 1
# The default SASL configuration file is located in /etc/sasl2/
# When running libvirtd unprivileged, it may be desirable to
# override the configs in this location. Set this parameter to
# point to the directory, and create a qemu.conf in that location
#
vnc_sasl_dir = \"/some/directory/sasl2\"
security_driver = \"selinux\"
user = \"root\"
group = \"root\"
dynamic_ownership = 1
cgroup_controllers = [ \"cpu\", \"devices\" ]
cgroup_device_acl = [ \"/dev/null\", \"/dev/full\", \"/dev/zero\" ]
save_image_format = \"gzip\"
dump_image_format = \"gzip\"
auto_dump_path = \"/var/lib/libvirt/qemu/dump\"
hugetlbfs_mount = \"/dev/hugepages\"
set_process_name = 1
relaxed_acs_check = 1
vnc_allow_host_audio = 1
clear_emulator_capabilities = 0
allow_disk_format_probing = 1
vnc_auto_unix_socket = 1
max_processes = 12345
lock_manager = \"fcntl\"
"
test Libvirtd_qemu.lns get conf =
{ "#comment" = "Master configuration file for the QEMU driver." }
{ "#comment" = "All settings described here are optional - if omitted, sensible" }
{ "#comment" = "defaults are used." }
{ "#empty" }
{ "#comment" = "VNC is configured to listen on 127.0.0.1 by default." }
{ "#comment" = "To make it listen on all public interfaces, uncomment" }
{ "#comment" = "this next option." }
{ "#comment" = "" }
{ "#comment" = "NB, strong recommendation to enable TLS + x509 certificate" }
{ "#comment" = "verification when allowing public access" }
{ "#comment" = "" }
{ "vnc_listen" = "0.0.0.0" }
{ "#empty" }
{ "#empty" }
{ "#comment" = "Enable use of TLS encryption on the VNC server. This requires" }
{ "#comment" = "a VNC client which supports the VeNCrypt protocol extension." }
{ "#comment" = "Examples include vinagre, virt-viewer, virt-manager and vencrypt" }
{ "#comment" = "itself. UltraVNC, RealVNC, TightVNC do not support this" }
{ "#comment" = "" }
{ "#comment" = "It is necessary to setup CA and issue a server certificate" }
{ "#comment" = "before enabling this." }
{ "#comment" = "" }
{ "vnc_tls" = "1" }
{ "#empty" }
{ "#empty" }
{ "#comment" = "Use of TLS requires that x509 certificates be issued. The" }
{ "#comment" = "default it to keep them in /etc/pki/libvirt-vnc. This directory" }
{ "#comment" = "must contain" }
{ "#comment" = "" }
{ "#comment" = "ca-cert.pem - the CA master certificate" }
{ "#comment" = "server-cert.pem - the server certificate signed with ca-cert.pem" }
{ "#comment" = "server-key.pem - the server private key" }
{ "#comment" = "" }
{ "#comment" = "This option allows the certificate directory to be changed" }
{ "#comment" = "" }
{ "vnc_tls_x509_cert_dir" = "/etc/pki/libvirt-vnc" }
{ "#empty" }
{ "#empty" }
{ "#comment" = "The default TLS configuration only uses certificates for the server" }
{ "#comment" = "allowing the client to verify the server's identity and establish" }
{ "#comment" = "and encrypted channel." }
{ "#comment" = "" }
{ "#comment" = "It is possible to use x509 certificates for authentication too, by" }
{ "#comment" = "issuing a x509 certificate to every client who needs to connect." }
{ "#comment" = "" }
{ "#comment" = "Enabling this option will reject any client who does not have a" }
{ "#comment" = "certificate signed by the CA in /etc/pki/libvirt-vnc/ca-cert.pem" }
{ "#comment" = "" }
{ "vnc_tls_x509_verify" = "1" }
{ "#empty" }
{ "#empty" }
{ "#comment" = "The default VNC password. Only 8 letters are significant for" }
{ "#comment" = "VNC passwords. This parameter is only used if the per-domain" }
{ "#comment" = "XML config does not already provide a password. To allow" }
{ "#comment" = "access without passwords, leave this commented out. An empty" }
{ "#comment" = "string will still enable passwords, but be rejected by QEMU" }
{ "#comment" = "effectively preventing any use of VNC. Obviously change this" }
{ "#comment" = "example here before you set this" }
{ "#comment" = "" }
{ "vnc_password" = "XYZ12345" }
{ "#empty" }
{ "#empty" }
{ "#comment" = "Enable use of SASL encryption on the VNC server. This requires" }
{ "#comment" = "a VNC client which supports the SASL protocol extension." }
{ "#comment" = "Examples include vinagre, virt-viewer and virt-manager" }
{ "#comment" = "itself. UltraVNC, RealVNC, TightVNC do not support this" }
{ "#comment" = "" }
{ "#comment" = "It is necessary to configure /etc/sasl2/qemu.conf to choose" }
{ "#comment" = "the desired SASL plugin (eg, GSSPI for Kerberos)" }
{ "#comment" = "" }
{ "vnc_sasl" = "1" }
{ "#empty" }
{ "#empty" }
{ "#comment" = "The default SASL configuration file is located in /etc/sasl2/" }
{ "#comment" = "When running libvirtd unprivileged, it may be desirable to" }
{ "#comment" = "override the configs in this location. Set this parameter to" }
{ "#comment" = "point to the directory, and create a qemu.conf in that location" }
{ "#comment" = "" }
{ "vnc_sasl_dir" = "/some/directory/sasl2" }
{ "#empty" }
{ "security_driver" = "selinux" }
{ "#empty" }
{ "user" = "root" }
{ "#empty" }
{ "group" = "root" }
{ "#empty" }
{ "dynamic_ownership" = "1" }
{ "#empty" }
{ "cgroup_controllers"
{ "1" = "cpu" }
{ "2" = "devices" }
}
{ "#empty" }
{ "cgroup_device_acl"
{ "1" = "/dev/null" }
{ "2" = "/dev/full" }
{ "3" = "/dev/zero" }
}
{ "#empty" }
{ "save_image_format" = "gzip" }
{ "#empty" }
{ "dump_image_format" = "gzip" }
{ "#empty" }
{ "auto_dump_path" = "/var/lib/libvirt/qemu/dump" }
{ "#empty" }
{ "hugetlbfs_mount" = "/dev/hugepages" }
{ "#empty" }
{ "set_process_name" = "1" }
{ "#empty" }
{ "relaxed_acs_check" = "1" }
{ "#empty" }
{ "vnc_allow_host_audio" = "1" }
{ "#empty" }
{ "clear_emulator_capabilities" = "0" }
{ "#empty" }
{ "allow_disk_format_probing" = "1" }
{ "#empty" }
{ "vnc_auto_unix_socket" = "1" }
{ "#empty" }
{ "max_processes" = "12345" }
{ "#empty" }
{ "lock_manager" = "fcntl" }
Reference in New Issue View Git Blame Copy Permalink