[libvirt] [PATCH] docs: Add docs for new extra parameter pkipath

Justin Clift jclift at redhat.com
Thu Jan 27 13:42:34 UTC 2011 

On 27/01/2011, at 8:01 PM, Osier Yang wrote:
> * docs/remote.html.in
> ---
> docs/remote.html.in |   30 ++++++++++++++++++++++++++++++
> 1 files changed, 30 insertions(+), 0 deletions(-)
> 
> diff --git a/docs/remote.html.in b/docs/remote.html.in
> index b0fdb7c..a68d0fa 100644
> --- a/docs/remote.html.in
> +++ b/docs/remote.html.in
> @@ -308,6 +308,22 @@ Note that parameter values must be
>         <td colspan="2"/>
>         <td> Example: <code>no_tty=1</code> </td>
>       </tr>
> +      <tr>
> +        <td>
> +          <code>pkipath</code>
> +        </td>
> +        <td> tls</td>
> +        <td>
> +  Specifies x509 certificates path for client. As long as one of the
> +  certificates (CA cerfificate, client key, client certificate) doesn't
> +  exist in the specified path, the connection will fail with fatal
> +  error.

Typo.  The "certificate" after the CA is misspelled.  ("f" instead of "t"
in it).  The wording for this paragraph could probably be tweaked
a bit anyway.  How about something like:

  Specifies the x509 certificates path for the client.  If any of the
  CA certificate, client certificate, or client key are missing, the
  connection will fair with a fatal error.


> +</td>

Indentation is off?


> +      </tr>
> +      <tr>
> +        <td colspan="2"/>
> +        <td> Example: <code>pkipath=/tmp/pki/client</code> </td>
> +      </tr>
>     </table>
>     <h3>
>       <a name="Remote_certificates">Generating TLS certificates</a>
> @@ -372,6 +388,20 @@ next section.
>   </td>
>       </tr>
>     </table>
> +    <p>
> +If 'pkipath' is specified in URI, then all the client certificates should
> +be able to found in the path specified, otherwise, connection will fail
> +with fatal error. And if 'pkipath' is not specified:

"should be able to found" -> "must be found"

"otherwise, connection will fail with fatal" -> "otherwise the connection will
 fail with a fatal"

"And if" -> "If"

(yeah, I'm being picky, they're not actually Too Bad as it is) :)


> +</p>

Indentation again?

> +    <ul>
> +      <li> For user who is non-root, libvirt trys to find the certificates

"For a non-root user, ..."  maybe?

"trys" -> "tries"


> +in $HOME/.pki/libvirt, if one of the required certificates can not be found,

Needs to be a full stop rather than a comma at the end of the "pki/libvirt" string.
The "If once of the ..." text after is sounds like a new sentence.


> +global default locations(/etc/pki/CA/cacert.pem,

Missing a space before the "(/etc" bit.

It's probably slightly better wording to add "then the" before the word "global"
here too.  So its "then the global".  It just sounds better. :)


> +/etc/pki/libvirt/private/clientkey, /etc/pki/libvirt/clientcert.pem) will be
> +used.
> +</li>

Indentation.

> +      <li> For user who is root, global default location will be used. </li>

"For the root user, ..."


> +    </ul>
>     <h4>
>       <a name="Remote_TLS_background">Background to TLS certificates</a>
>     </h4>
> --
> 1.7.3.2
> 
> --
> libvir-list mailing list
> libvir-list at redhat.com
> https://www.redhat.com/mailman/listinfo/libvir-list

More information about the libvir-list mailing list