MIRRORS/meta-virtualization
1
0
Fork 0
mirror of git://git.yoctoproject.org/meta-virtualization.git synced 2025-07-19 12:50:22 +02:00
Code Issues Actions Packages Projects Releases Wiki Activity
7bc99cda52
meta-virtualization/recipes-extended/libvirt
History
Bruce Ashfield 7bc99cda52 libvirt: inhibit empty-dirs QA check 
OEcore has recently added a QA check for directories that should
be empty. libvirt (via meson) creates some localsstate directories
for the various components. These trigger the QA check and break
the build.

We still have some non-volatile localstate (/var) scenarios, and
not seeing a distro feature that controls the QA check, and/or to
coordinate the removal of the populated directories, we inhibit
the QA check. In a boot with a volatile /var, the directories
will be overlayed and no harm will come, in a non-volatile
scenario, they'll be visible and no harm will come.

Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
2021-11-12 15:46:45 +00:00
..
libvirt libvirt: fix CVE-2021-3631 2021-09-16 18:08:46 -04:00
libvirt_7.2.0.bb libvirt: inhibit empty-dirs QA check 2021-11-12 15:46:45 +00:00
libvirt-python.inc global: overrides syntax conversion 2021-08-02 17:17:53 -04:00
README libvirt: libvirtd: Facilitate using tls connection mode 2019-07-16 19:41:05 +00:00

README

libvirt default connection mode between client(where for example virsh runs) and server(where libvirtd runs) is tls which requires keys and certificates for certificate authority, client and server to be properly generated and deployed. Otherwise, servers and clients cannot be connected.

recipes-extended/libvirt/libvirt/gnutls-help.py is provided to help generate required keys and certificates.

Usage: gnutls-help.py [-a|--ca-info] <ca.info> [-b|--server-info] <server.info> [-c|--client-info] <client.info> If ca.info or server.info or client.info is not provided, a corresponding sample file will be generated.

!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! !! "ip_address" field of server.info must be IP address of the server. !! !! For more details, please refer to: !! !! https://libvirt.org/remote.html#Remote_certificates !! !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!

Please deploy cacert.pem to CA and server and client /etc/pki/CA/cacert.pem Please deploy serverkey.pem to server /etc/pki/libvirt/private/serverkey.pem Please deploy servercert.pem to server /etc/pki/libvirt/servercert.pem Please deploy clientkey.pem to client /etc/pki/libvirt/private/clientkey.pem Please deploy clientcert.pem to client /etc/pki/libvirt/clientcert.pem"

For more details please refer to libvirt official document, https://libvirt.org/remote.html#Remote_certificates