[Spice-devel] [spice-gtk 0/5] Add support for looking up connection credentials in a file
Christophe Fergeau
cfergeau at redhat.com
Tue Jun 4 08:03:26 PDT 2013
On Tue, Jun 04, 2013 at 10:44:45AM -0400, Marc-André Lureau wrote:
>
>
> ----- Mensaje original -----
> > Hey,
> >
> > This patch series adds support for something similar to what is described
> > in http://libvirt.org/auth.html: when a password is needed but it hasn't
> > been provided, we search for a file containing the auth info. It can be
> > specified through an environment variable, in the SPICE URI, then it's
> > looked up in XDG_CONFIG_DIR, and finally in /etc/libvirt/auth.conf. There
> > are a few things that may deserve polishing in this scheme:
> > - it's quite libvirt centered with respects to the naming of the env var,
> > of the default dir locations, ...
> > - the port number needs to be added to the auth-$SERVICE-$HOSTNAME scheme
> > described on http://libvirt.org/auth.html as multiple VMs can run on the
> > same host
> > - it does not go very well with libvirt automatic spice port allocation as
> > the credential file has to hardcode the port numbers, but the port number
> > is not fixed when using automatic allocation
> >
> > I still think this can be useful to people who are looking for a way to
> > pass spice password to the client without passing it on the command line as
> > was suggested in https://bugzilla.redhat.com/show_bug.cgi?id=794644#c6
>
> Spice-gtk is a library. Each Spice client may decide to provide
> credentials in its own way.
>
> Why should spice-gtk bypass that? Since it's so libvirt-centered, why did
> you look for a solution in spice-gtk instead of virt-viewer?
In my opinion this fits best in spice-gtk so that we can document this in
one place, and have all applications using spice-gtk benefits from this
This is better than letting each application reinvent the wheel.
What is libvirt-centered in these patches is just the env var/file names
(LIBVIRT_AUTH_FILE, $XDG_CONFIG_DIR/libvirt/auth.conf,
/etc/libvirt/auth.conf), this is trivial to change to something else if we
don't like it.
Christophe
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 198 bytes
Desc: not available
URL: <http://lists.freedesktop.org/archives/spice-devel/attachments/20130604/bd99ef95/attachment.pgp>
More information about the Spice-devel
mailing list