File: libvirtd.sasl

package info (click to toggle)
libvirt 0.8.3-5%2Bsqueeze5
  • links: PTS, VCS
  • area: main
  • in suites: squeeze
  • size: 77,288 kB
  • ctags: 30,516
  • sloc: ansic: 177,367; xml: 26,161; sh: 13,271; python: 4,929; makefile: 2,083; ml: 472; perl: 221; awk: 48; sed: 16
file content (28 lines) | stat: -rw-r--r-- 1,161 bytes parent folder | download | duplicates (3)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
# If you want to use the non-TLS socket, then you *must* include
# the GSSAPI or DIGEST-MD5 mechanisms, because they are the only
# ones that can offer session encryption as well as authentication.
#
# If you're only using TLS, then you can turn on any mechanisms
# you like for authentication, because TLS provides the encryption
#
# Default to a simple username+password mechanism
mech_list: digest-md5

# Before you can use GSSAPI, you need a service principle on the
# KDC server for libvirt, and that to be exported to the keytab
# file listed below
#mech_list: gssapi
#
# You can also list many mechanisms at once, then the user can choose
# by adding  '?auth=sasl.gssapi' to their libvirt URI, eg
#   qemu+tcp://hostname/system?auth=sasl.gssapi
#mech_list: digest-md5 gssapi

# MIT kerberos ignores this option & needs KRB5_KTNAME env var.
# May be useful for other non-Linux OS though....
keytab: /etc/libvirt/krb5.tab

# If using digest-md5 for username/passwds, then this is the file
# containing the passwds. Use 'saslpasswd2 -a libvirt [username]'
# to add entries, and 'sasldblistusers2 -a libvirt' to browse it
sasldb_path: /etc/libvirt/passwd.db