meta-virtualization

mirror of git://git.yoctoproject.org/meta-virtualization.git synced 2025-07-19 20:59:41 +02:00

History

Markus Volk 25a52a58a7 libvirt: dont set polkit permissions manually According to this commit polkit rules should go to ${datadir} instead of ${sysconfdir}: https://git.openembedded.org/meta-openembedded/commit/?h=master-next&id=d5e90541f8e35916abc930b2da6de037b23d51a1 Theres no need to adjust the permissions for ${datadir} anymore: https://git.openembedded.org/meta-openembedded/commit/?h=master-next&id=6da0fd21c900e32a0693a6b27d38182f19c8c76c This commit fixes build after: https://git.yoctoproject.org/poky/commit/?id=ef9a927a3af1dd817fe298bbe45470b738d9ce2f Signed-off-by: Markus Volk <f_l_k@t-online.de> Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>		2024-09-03 02:09:16 +00:00
..
libvirt	libvirt: update to v10.5.0 and convert to git	2024-07-10 15:59:26 +00:00
libvirt-glib	libvirt-glib: fix introspection and documentation build	2023-09-04 03:03:14 +00:00
libvirt_git.bb	libvirt: dont set polkit permissions manually	2024-09-03 02:09:16 +00:00
libvirt-dbus_1.4.1.bb	libvirt: add libvirt-dbus	2024-04-09 13:40:25 +00:00
libvirt-glib_5.0.0.bb	libvirt-glib: update 4.0.0 -> 5.0.0	2024-03-15 17:17:20 +00:00
libvirt-python.inc	libvirt: update to v10.5.0 and convert to git	2024-07-10 15:59:26 +00:00
README	libvirt: libvirtd: Facilitate using tls connection mode	2019-07-16 19:41:05 +00:00

README

libvirt default connection mode between client(where for example virsh runs) and server(where libvirtd runs) is tls which requires keys and certificates for certificate authority, client and server to be properly generated and deployed. Otherwise, servers and clients cannot be connected.

recipes-extended/libvirt/libvirt/gnutls-help.py is provided to help generate required keys and certificates.

Usage: gnutls-help.py [-a|--ca-info] <ca.info> [-b|--server-info] <server.info> [-c|--client-info] <client.info> If ca.info or server.info or client.info is not provided, a corresponding sample file will be generated.

!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! !! "ip_address" field of server.info must be IP address of the server. !! !! For more details, please refer to: !! !! https://libvirt.org/remote.html#Remote_certificates !! !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!

Please deploy cacert.pem to CA and server and client /etc/pki/CA/cacert.pem Please deploy serverkey.pem to server /etc/pki/libvirt/private/serverkey.pem Please deploy servercert.pem to server /etc/pki/libvirt/servercert.pem Please deploy clientkey.pem to client /etc/pki/libvirt/private/clientkey.pem Please deploy clientcert.pem to client /etc/pki/libvirt/clientcert.pem"

For more details please refer to libvirt official document, https://libvirt.org/remote.html#Remote_certificates