)]}'
{"lib/nova_plugins/functions-libvirt":[{"author":{"_account_id":7350,"name":"Jordan Pittier","email":"jordan.pittier@gmail.com","username":"JordanP"},"change_message_id":"fd0a1dfaac92065b301d43a4ee9a937ff9d50bee","unresolved":false,"context_lines":[{"line_number":134,"context_line":""},{"line_number":135,"context_line":"    # Configure libvirt to allow ssh-based block migration"},{"line_number":136,"context_line":"    # TODO(adam_g): Support non-ubuntu, support more than ssh?"},{"line_number":137,"context_line":"    if ! grep -q \"^listen_tls \u003d 0\" /etc/libvirtd/libvirtd.conf; then"},{"line_number":138,"context_line":"        echo \"listen_tls \u003d 0\" | sudo tee -a /etc/libvirt/libvirtd.conf"},{"line_number":139,"context_line":"    fi"},{"line_number":140,"context_line":"    if [ -e /etc/default/libvirt-bin ]; then"}],"source_content_type":"application/octet-stream","patch_set":3,"id":"5a890539_5315afe3","line":137,"updated":"2014-11-20 15:02:11.000000000","message":"You can come up with a \u0027sed\u0027 command that does this in one line, and in a reentrant way also.\n\nAppending listen_tls at the end of the config file is not the best option, because by default the listen_tls flag is at the top of this file. So it\u0027s confusing.","commit_id":"9b1dde646488da3b89e0d46d48635553343dc371"},{"author":{"_account_id":2750,"name":"Sean Dague","email":"sean@dague.net","username":"sdague"},"change_message_id":"4078d3213624e19c853a5e97752445dfc79fa24b","unresolved":false,"context_lines":[{"line_number":134,"context_line":""},{"line_number":135,"context_line":"    # Configure libvirt to allow ssh-based block migration"},{"line_number":136,"context_line":"    # TODO(adam_g): Support non-ubuntu, support more than ssh?"},{"line_number":137,"context_line":"    if ! grep -q \"^listen_tls \u003d 0\" /etc/libvirtd/libvirtd.conf; then"},{"line_number":138,"context_line":"        echo \"listen_tls \u003d 0\" | sudo tee -a /etc/libvirt/libvirtd.conf"},{"line_number":139,"context_line":"    fi"},{"line_number":140,"context_line":"    if [ -e /etc/default/libvirt-bin ]; then"}],"source_content_type":"application/octet-stream","patch_set":3,"id":"5a890539_bf7bec27","line":137,"in_reply_to":"5a890539_5315afe3","updated":"2014-11-20 17:36:07.000000000","message":"also... /etc/libvirtd is wrong, right?","commit_id":"9b1dde646488da3b89e0d46d48635553343dc371"},{"author":{"_account_id":1779,"name":"Daniel Berrange","email":"berrange@redhat.com","username":"berrange"},"change_message_id":"f78413d45432373e1ceafe02f8130ec273c681d4","unresolved":false,"context_lines":[{"line_number":140,"context_line":"    if [ -e /etc/default/libvirt-bin ]; then"},{"line_number":141,"context_line":"        # Enable libvirtd tcp listening"},{"line_number":142,"context_line":"        sudo sed -i \"s|\\(libvirtd_opts\u003d\\).*|\\1\\\"-l -d\\\"|\" /etc/default/libvirt-bin"},{"line_number":143,"context_line":"    fi"},{"line_number":144,"context_line":"    # libvirt detects various settings on startup, as we potentially changed"},{"line_number":145,"context_line":"    # the system configuration (modules, filesystems), we need to restart"},{"line_number":146,"context_line":"    # libvirt to detect those changes."}],"source_content_type":"application/octet-stream","patch_set":3,"id":"5a890539_1f724011","line":143,"updated":"2014-11-20 17:41:59.000000000","message":"This isn\u0027t correct.\n\nFor libvirt  +ssh based URIs to work, libvirtd  merely needs to be listening on its UNIX domain socket. The only TCP connection involved is the one between SSH client and SSH server. The libvirt traffic is tunnelled over that to the UNIX domain socket.\n\nThere is nothing required for this work beyond having SSH server and libvirtd running. THeir out-of-the-box config works fine\n\n\nThe \u0027listen_tls\u0027 and \u0027listen_tcp\u0027 options in libvirtd.conf and the \u0027-i\u0027 command line arg are for making libvirtd listen directly for TCP connections. ie *no* SSH involved at all.  You have a choice of using TLS + x509 (listen_tls\u003d1)  or Kerberos (listen_tcp\u003d0).\n\nIOW, since this review talks about making SSH connections work, none of this stuff should be required. It should already \u0027just work\u0027 on any distro.","commit_id":"9b1dde646488da3b89e0d46d48635553343dc371"}]}