[libvirt] PATCH: Support VNC password for QEMU guests

Mon Jan 26 13:12:42 UTC 2009

Daniel P. Berrange napsal(a):
> On Mon, Jan 26, 2009 at 11:15:01AM +0000, Daniel P. Berrange wrote:
>   
>> On Sun, Jan 25, 2009 at 09:22:53PM +0100, Radek Hladik wrote:
>>     
>>> Daniel P. Berrange napsal(a):
>>>       
>>>> This patch adds support for using the monitor interface to set the VNC
>>>> password
>>>>
>>>>  (qemu) change vnc password
>>>>  Password: ********
>>>>
>>>> A minor tricky thing is that we can't just send the command and password
>>>> all in one go, we must wait for the 'Password' prompt before sending the
>>>> password.
>>>>
>>>> When doing this I noticed that virsh dumpxml has no way to request a
>>>> secure XML dump (required to see the password element), nor did the
>>>> virsh edit command set the SECURE or INACTIVE flags when changing
>>>> the XML.
>>>>
>>>> qemu_conf.c   |   45 ++++++++++++-----------
>>>> qemu_driver.c |  112 
>>>> ++++++++++++++++++++++++++++++++++++++++++++--------------
>>>> virsh.c       |   30 ++++++++++-----
>>>> 3 files changed, 131 insertions(+), 56 deletions(-)
>>>>
>>>> Daniel
>>>>
>>>>         
>>> I tried the patch and I've found that define command do not set the 
>>> password as the SECURE flag is not set when defining the domain from XML 
>>> file. This can be very unpleasant as it effectively disables the 
>>> password when redefining the domain. I've tried this simple dirty hotfix
>>>
>>> diff -ur b/domain_conf.c a/domain_conf.c
>>> --- b/domain_conf.c     2008-12-23 14:20:02.000000000 +0100
>>> +++ a/domain_conf.c     2009-01-25 20:12:47.000000000 +0100
>>> @@ -2297,7 +2297,7 @@
>>>      }
>>>
>>>      def = virDomainDefParseNode(conn, caps, xml, root,
>>> -                                VIR_DOMAIN_XML_INACTIVE);
>>> +                                VIR_DOMAIN_XML_INACTIVE | 
>>> VIR_DOMAIN_XML_SECURE );
>>>
>>>  cleanup:
>>>      xmlFreeParserCtxt (pctxt);
>>>
>>>
>>> and it works. However there must be some better way how to do it but I 
>>> do not know the libvirt source code good enough to find it.
>>>       
>> That is the correct place to put the flag - I'll include this in my
>> patches. We need to tell it to parse the passwd when loading the files
>> from disk upon daemon startup.
>>     
>
> Actually this is not required. The password is always parsed from the
> XML. The secure flag is only required when generating XML for output.
>
> Daniel
>   
I am not sure about this. I've downloaded latest hourly snapshot 
yesterday, patched it with the VNC password patch and specified password 
via passwd attribute in xml. I've started the daemon and VNC required 
password - so far so good. However I've changed something other in xml 
file, reloaded the xml with virsh 'define test.xml' command and the 
machine didn't require VNC password any more. The supplied patch solved 
the issue...

Radek