| str_entry "spice_tls_x509_cert_dir"
| str_entry "spice_password"
+ let remote_display_entry = int_entry "remote_display_port_min"
+ | int_entry "remote_display_port_max"
+
let security_entry = str_entry "security_driver"
| bool_entry "security_default_confined"
| bool_entry "security_require_confined"
(* Each enty in the config is one of the following three ... *)
let entry = vnc_entry
| spice_entry
+ | remote_display_entry
| security_entry
| save_entry
| process_entry
#spice_password = "XYZ12345"
+# Override the port for creating both VNC and SPICE sessions (min).
+# This defaults to 5900 and increases for consecutive sessions
+# or when ports are occupied, until it hits the maximum.
+#
+# Minimum must be greater than or equal to 5900 as lower number would
+# result into negative vnc display number.
+#
+# Maximum must be less than 65536, because higher numbers do not make
+# sense as a port number.
+#
+#remote_display_port_min = 5900
+#remote_display_port_max = 65535
+
+
# The default security driver is SELinux. If SELinux is disabled
# on the host, then the security driver will automatically disable
# itself. If you wish to disable QEMU SELinux security driver while
# define QEMU_VIRTIO_SERIAL_PREFIX "virtio-serial"
# define QEMU_FSDEV_HOST_PREFIX "fsdev-"
+/* These are only defaults, they can be changed now in qemu.conf and
+ * explicitely specified port is checked against these two (makes
+ * sense to limit the values).
+ *
+ * This limitation is mentioned in qemu.conf, so bear in mind that the
+ * configuration file should reflect any changes made to these values.
+ */
# define QEMU_REMOTE_PORT_MIN 5900
# define QEMU_REMOTE_PORT_MAX 65535
/*
* qemu_conf.c: QEMU configuration management
*
- * Copyright (C) 2006-2011 Red Hat, Inc.
+ * Copyright (C) 2006-2012 Red Hat, Inc.
* Copyright (C) 2006 Daniel P. Berrange
*
* This library is free software; you can redistribute it and/or
#include "virterror_internal.h"
#include "qemu_conf.h"
+#include "qemu_command.h"
#include "qemu_capabilities.h"
#include "qemu_bridge_filter.h"
#include "uuid.h"
virReportOOMError();
return -1;
}
+
+ driver->remotePortMin = QEMU_REMOTE_PORT_MIN;
+ driver->remotePortMax = QEMU_REMOTE_PORT_MAX;
+
if (!(driver->vncTLSx509certdir = strdup(SYSCONFDIR "/pki/libvirt-vnc"))) {
virReportOOMError();
return -1;
}
}
+ p = virConfGetValue (conf, "remote_display_port_min");
+ CHECK_TYPE ("remote_display_port_min", VIR_CONF_LONG);
+ if (p) {
+ if (p->l < QEMU_REMOTE_PORT_MIN) {
+ /* if the port is too low, we can't get the display name
+ * to tell to vnc (usually subtract 5900, e.g. localhost:1
+ * for port 5901) */
+ virReportError(VIR_ERR_INTERNAL_ERROR,
+ _("%s: remote_display_port_min: port must be greater than or equal to %d"),
+ filename, QEMU_REMOTE_PORT_MIN);
+ virConfFree(conf);
+ return -1;
+ }
+ driver->remotePortMin = p->l;
+ }
+
+ p = virConfGetValue (conf, "remote_display_port_max");
+ CHECK_TYPE ("remote_display_port_max", VIR_CONF_LONG);
+ if (p) {
+ if (p->l > QEMU_REMOTE_PORT_MAX ||
+ p->l < driver->remotePortMin) {
+ virReportError(VIR_ERR_INTERNAL_ERROR,
+ _("%s: remote_display_port_max: port must be between the minimal port and %d"),
+ filename, QEMU_REMOTE_PORT_MAX);
+ virConfFree(conf);
+ return -1;
+ }
+ /* increasing the value by 1 makes all the loops going through
+ the bitmap (i = remotePortMin; i < remotePortMax; i++), work as
+ expected. */
+ driver->remotePortMax = p->l + 1;
+ }
+
+ if (driver->remotePortMin > driver->remotePortMax) {
+ virReportError(VIR_ERR_INTERNAL_ERROR,
+ _("%s: remote_display_port_min: min port must not be greater than max port"),
+ filename);
+ virConfFree(conf);
+ return -1;
+ }
+
p = virConfGetValue (conf, "user");
CHECK_TYPE ("user", VIR_CONF_STRING);
if (!(user = strdup(p && p->str ? p->str : QEMU_USER))) {
char *spiceTLSx509certdir;
char *spiceListen;
char *spicePassword;
+ int remotePortMin;
+ int remotePortMax;
char *hugetlbfs_mount;
char *hugepage_path;
if (!qemu_driver->domainEventState)
goto error;
- /* Allocate bitmap for vnc port reservation */
- if ((qemu_driver->reservedRemotePorts =
- virBitmapAlloc(QEMU_REMOTE_PORT_MAX - QEMU_REMOTE_PORT_MIN)) == NULL)
- goto out_of_memory;
-
/* read the host sysinfo */
if (privileged)
qemu_driver->hostsysinfo = virSysinfoRead();
}
VIR_FREE(driverConf);
+ /* Allocate bitmap for remote display port reservations. We cannot
+ * do this before the config is loaded properly, since the port
+ * numbers are configurable now */
+ if ((qemu_driver->reservedRemotePorts =
+ virBitmapAlloc(qemu_driver->remotePortMax - qemu_driver->remotePortMin)) == NULL)
+ goto out_of_memory;
+
/* We should always at least have the 'nop' manager, so
* NULLs here are a fatal error
*/
{
int i;
- for (i = startPort ; i < QEMU_REMOTE_PORT_MAX; i++) {
+ for (i = startPort ; i < driver->remotePortMax; i++) {
int fd;
int reuse = 1;
struct sockaddr_in addr;
bool used = false;
if (virBitmapGetBit(driver->reservedRemotePorts,
- i - QEMU_REMOTE_PORT_MIN, &used) < 0)
- VIR_DEBUG("virBitmapGetBit failed on bit %d", i - QEMU_REMOTE_PORT_MIN);
+ i - driver->remotePortMin, &used) < 0)
+ VIR_DEBUG("virBitmapGetBit failed on bit %d", i - driver->remotePortMin);
if (used)
continue;
VIR_FORCE_CLOSE(fd);
/* Add port to bitmap of reserved ports */
if (virBitmapSetBit(driver->reservedRemotePorts,
- i - QEMU_REMOTE_PORT_MIN) < 0) {
+ i - driver->remotePortMin) < 0) {
VIR_DEBUG("virBitmapSetBit failed on bit %d",
- i - QEMU_REMOTE_PORT_MIN);
+ i - driver->remotePortMin);
}
return i;
}
qemuProcessReturnPort(struct qemud_driver *driver,
int port)
{
- if (port < QEMU_REMOTE_PORT_MIN)
+ if (port < driver->remotePortMin)
return;
if (virBitmapClearBit(driver->reservedRemotePorts,
- port - QEMU_REMOTE_PORT_MIN) < 0)
+ port - driver->remotePortMin) < 0)
VIR_DEBUG("Could not mark port %d as unused", port);
}
{ "spice_tls" = "1" }
{ "spice_tls_x509_cert_dir" = "/etc/pki/libvirt-spice" }
{ "spice_password" = "XYZ12345" }
+{ "remote_display_port_min" = "5900" }
+{ "remote_display_port_max" = "65535" }
{ "security_driver" = "selinux" }
{ "security_default_confined" = "1" }
{ "security_require_confined" = "1" }
projects / thirdparty / libvirt.git / commitdiff
