1
###############################################################################
3
# Configuration file maintained by Juju. Local changes may be overwritten.
4
###############################################################################
6
# Master libvirt daemon configuration file
8
# For further information consult http://libvirt.org/format.html
10
# NOTE: the tests/daemon-conf regression test script requires
11
# that each "PARAMETER = VALUE" line in this file have the parameter
12
# name just after a leading "#".
14
#################################################################
16
# Network connectivity controls
19
# Flag listening for secure TLS connections on the public TCP/IP port.
20
# NB, must pass the --listen flag to the libvirtd process for this to
23
# It is necessary to setup a CA and issue server certificates before
24
# using this capability.
26
# This is enabled by default, uncomment this to disable it
27
listen_tls = {{ listen_tls }}
29
# Listen for unencrypted TCP connections on the public TCP/IP port.
30
# NB, must pass the --listen flag to the libvirtd process for this to
33
# Using the TCP socket requires SASL authentication by default. Only
34
# SASL mechanisms which support data encryption are allowed. This is
35
# DIGEST_MD5 and GSSAPI (Kerberos5)
37
# This is disabled by default, uncomment this to enable it.
42
# Override the port for accepting secure TLS connections
43
# This can be a port number, or service name
47
# Override the port for accepting insecure TCP connections
48
# This can be a port number, or service name
53
# Override the default configuration which binds to all network
54
# interfaces. This can be a numeric IPv4/6 address, or hostname
56
#listen_addr = "192.168.0.1"
59
# Flag toggling mDNS advertizement of the libvirt service.
61
# Alternatively can disable for all services on a host by
62
# stopping the Avahi daemon
64
# This is disabled by default, uncomment this to enable it
67
# Override the default mDNS advertizement name. This must be
68
# unique on the immediate broadcast network.
70
# The default is "Virtualization Host HOSTNAME", where HOSTNAME
71
# is subsituted for the short hostname of the machine (without domain)
73
#mdns_name = "Virtualization Host Joe Demo"
76
#################################################################
78
# UNIX socket access controls
81
# Set the UNIX domain socket group ownership. This can be used to
82
# allow a 'trusted' set of users access to management capabilities
83
# without becoming root.
85
# This is restricted to 'root' by default.
86
unix_sock_group = "libvirtd"
88
# Set the UNIX socket permissions for the R/O socket. This is used
89
# for monitoring VM status only
91
# Default allows any user. If setting group ownership may want to
93
#unix_sock_ro_perms = "0777"
95
# Set the UNIX socket permissions for the R/W socket. This is used
96
# for full management of VMs
98
# Default allows only root. If PolicyKit is enabled on the socket,
99
# the default will change to allow everyone (eg, 0777)
101
# If not using PolicyKit and setting group ownership for access
102
# control then you may want to relax this to:
103
unix_sock_rw_perms = "0770"
105
# Set the name of the directory in which sockets will be found/created.
106
#unix_sock_dir = "/var/run/libvirt"
108
#################################################################
112
# - none: do not perform auth checks. If you can connect to the
113
# socket you are allowed. This is suitable if there are
114
# restrictions on connecting to the socket (eg, UNIX
115
# socket permissions), or if there is a lower layer in
116
# the network providing auth (eg, TLS/x509 certificates)
118
# - sasl: use SASL infrastructure. The actual auth scheme is then
119
# controlled from /etc/sasl2/libvirt.conf. For the TCP
120
# socket only GSSAPI & DIGEST-MD5 mechanisms will be used.
121
# For non-TCP or TLS sockets, any scheme is allowed.
123
# - polkit: use PolicyKit to authenticate. This is only suitable
124
# for use on the UNIX sockets. The default policy will
125
# require a user to supply their own password to gain
126
# full read/write access (aka sudo like), while anyone
127
# is allowed read/only access.
129
# Set an authentication scheme for UNIX read-only sockets
130
# By default socket permissions allow anyone to connect
132
# To restrict monitoring of domains you may wish to enable
133
# an authentication mechanism here
134
auth_unix_ro = "none"
136
# Set an authentication scheme for UNIX read-write sockets
137
# By default socket permissions only allow root. If PolicyKit
138
# support was compiled into libvirt, the default will be to
141
# If the unix_sock_rw_perms are changed you may wish to enable
142
# an authentication mechanism here
143
auth_unix_rw = "none"
145
# Change the authentication scheme for TCP sockets.
147
# If you don't enable SASL, then all TCP traffic is cleartext.
148
# Don't do this outside of a dev/test scenario. For real world
149
# use, always enable SASL and use the GSSAPI or DIGEST-MD5
150
# mechanism in /etc/sasl2/libvirt.conf
153
# Change the authentication scheme for TLS sockets.
155
# TLS sockets already have encryption provided by the TLS
156
# layer, and limited authentication is done by certificates
158
# It is possible to make use of any SASL authentication
159
# mechanism as well, by using 'sasl' for this option
164
#################################################################
166
# TLS x509 certificate configuration
170
# Override the default server key file path
172
#key_file = "/etc/pki/libvirt/private/serverkey.pem"
174
# Override the default server certificate file path
176
#cert_file = "/etc/pki/libvirt/servercert.pem"
178
# Override the default CA certificate path
180
#ca_file = "/etc/pki/CA/cacert.pem"
182
# Specify a certificate revocation list.
184
# Defaults to not using a CRL, uncomment to enable it
185
#crl_file = "/etc/pki/CA/crl.pem"
189
#################################################################
191
# Authorization controls
195
# Flag to disable verification of our own server certificates
197
# When libvirtd starts it performs some sanity checks against
198
# its own certificates.
200
# Default is to always run sanity checks. Uncommenting this
201
# will disable sanity checks which is not a good idea
202
#tls_no_sanity_certificate = 1
204
# Flag to disable verification of client certificates
206
# Client certificate verification is the primary authentication mechanism.
207
# Any client which does not present a certificate signed by the CA
210
# Default is to always verify. Uncommenting this will disable
211
# verification - make sure an IP whitelist is set
212
#tls_no_verify_certificate = 1
215
# A whitelist of allowed x509 Distinguished Names
216
# This list may contain wildcards such as
218
# "C=GB,ST=London,L=London,O=Red Hat,CN=*"
220
# See the POSIX fnmatch function for the format of the wildcards.
222
# NB If this is an empty list, no client can connect, so comment out
223
# entirely rather than using empty list to disable these checks
225
# By default, no DN's are checked
226
#tls_allowed_dn_list = ["DN1", "DN2"]
229
# A whitelist of allowed SASL usernames. The format for usernames
230
# depends on the SASL authentication mechanism. Kerberos usernames
231
# look like username@REALM
233
# This list may contain wildcards such as
237
# See the POSIX fnmatch function for the format of the wildcards.
239
# NB If this is an empty list, no client can connect, so comment out
240
# entirely rather than using empty list to disable these checks
242
# By default, no Username's are checked
243
#sasl_allowed_username_list = ["joe@EXAMPLE.COM", "fred@EXAMPLE.COM" ]
247
#################################################################
249
# Processing controls
252
# The maximum number of concurrent client connections to allow
253
# over all sockets combined.
257
# The minimum limit sets the number of workers to start up
258
# initially. If the number of active clients exceeds this,
259
# then more threads are spawned, up to max_workers limit.
260
# Typically you'd want max_workers to equal maximum number
266
# The number of priority workers. If all workers from above
267
# pool will stuck, some calls marked as high priority
268
# (notably domainDestroy) can be executed in this pool.
271
# Total global limit on concurrent RPC calls. Should be
272
# at least as large as max_workers. Beyond this, RPC requests
273
# will be read into memory and queued. This directly impact
274
# memory usage, currently each request requires 256 KB of
275
# memory. So by default up to 5 MB of memory is used
277
# XXX this isn't actually enforced yet, only the per-client
278
# limit is used so far
281
# Limit on concurrent requests from a single client
282
# connection. To avoid one client monopolizing the server
283
# this should be a small fraction of the global max_requests
284
# and max_workers parameter
285
#max_client_requests = 5
287
#################################################################
292
# Logging level: 4 errors, 3 warnings, 2 information, 1 debug
293
# basically 1 will log everything possible
297
# A filter allows to select a different logging level for a given category
299
# The format for a filter is one of:
302
# where name is a string which is matched against source file name,
303
# e.g., "remote", "qemu", or "util/json", the optional "+" prefix
304
# tells libvirt to log stack trace for each message matching name,
305
# and x is the minimal level where matching messages should be logged:
311
# Multiple filter can be defined in a single @filters, they just need to be
312
# separated by spaces.
314
# e.g. to only get warning or errors from the remote layer and only errors
315
# from the event layer:
316
#log_filters="3:remote 4:event"
319
# An output is one of the places to save logging information
320
# The format for an output can be:
322
# output goes to stderr
324
# use syslog for the output and use the given name as the ident
326
# output to a file, with the given filepath
327
# In all case the x prefix is the minimal level, acting as a filter
333
# Multiple output can be defined, they just need to be separated by spaces.
334
# e.g. to log all warnings and errors to syslog under the libvirtd ident:
335
#log_outputs="3:syslog:libvirtd"
338
# Log debug buffer size: default 64
339
# The daemon keeps an internal debug log buffer which will be dumped in case
340
# of crash or upon receiving a SIGUSR2 signal. This setting allows to override
341
# the default buffer size in kilobytes.
342
# If value is 0 or less the debug log buffer is deactivated
343
#log_buffer_size = 64
346
##################################################################
350
# This setting allows usage of the auditing subsystem to be altered:
352
# audit_level == 0 -> disable all auditing
353
# audit_level == 1 -> enable auditing, only if enabled on host (default)
354
# audit_level == 2 -> enable auditing, and exit if disabled on host
358
# If set to 1, then audit messages will also be sent
359
# via libvirt logging infrastructure. Defaults to 0
363
###################################################################
365
# Provide the UUID of the host here in case the command
366
# 'dmidecode -s system-uuid' does not provide a valid uuid. In case
367
# 'dmidecode' does not provide a valid UUID and none is provided here, a
368
# temporary UUID will be generated.
369
# Keep the format of the example UUID below. UUID must not have all digits
372
# NB This default all-zeros UUID will not work. Replace
373
# it with the output of the 'uuidgen' command and then
374
# uncomment this entry
375
#host_uuid = "00000000-0000-0000-0000-000000000000"
377
###################################################################
378
# Keepalive protocol:
379
# This allows libvirtd to detect broken client connections or even
380
# dead client. A keepalive message is sent to a client after
381
# keepalive_interval seconds of inactivity to check if the client is
382
# still responding; keepalive_count is a maximum number of keepalive
383
# messages that are allowed to be sent to the client without getting
384
# any response before the connection is considered broken. In other
385
# words, the connection is automatically closed approximately after
386
# keepalive_interval * (keepalive_count + 1) seconds since the last
387
# message received from the client. If keepalive_interval is set to
388
# -1, libvirtd will never send keepalive requests; however clients
389
# can still send them and the deamon will send responses. When
390
# keepalive_count is set to 0, connections will be automatically
391
# closed after keepalive_interval seconds of inactivity without
392
# sending any keepalive messages.
394
#keepalive_interval = 5
397
# If set to 1, libvirtd will refuse to talk to clients that do not
398
# support keepalive protocol. Defaults to 0.
400
#keepalive_required = 1