[Top] [All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-users] stubdom fails with tls enabled

  • To: John Haxby <john.haxby@xxxxxxxxxx>
  • From: Dan Hickox <danhickox@xxxxxxxxx>
  • Date: Tue, 24 Nov 2009 10:02:13 -0800
  • Cc: xen-users@xxxxxxxxxxxxxxxxxxx
  • Delivery-date: Tue, 24 Nov 2009 10:03:17 -0800
  • Domainkey-signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; b=X1T7V27JbVUP+Pjf74Mi9ctDa0bKJyPvk9x9fs+4J/Vg7sff1Tf7THsIYWiNY0Fw8m +MMag7vD00aEA6r9ZK2etr9I0zPtl21OAJzF/+9oWNr6rrXj5qklgrtsRCAzsTbn7Fsk 203tZtOd/Che0kY7LeTChHH6g5skb2xvbkvhw=
  • List-id: Xen user discussion <xen-users.lists.xensource.com>
John,
ÂÂÂÂ Thanks for the response.ÂI did see that much :) Correct me if I'm wrong; but, it appears that xm create pulls the configuration and formats it (among other things) and passes the configuration to qemu-dm or in this case stubdom-dm. It also seems that qemu-dm expects 'tls' as an argument and not 'tls=whatever'. The 'tls' argument was being auto generated in '/etc/xen/stubdom' (I think by the updated stubdom-dm script) and not something I had manually appended to the configuration of the VM; and occurs when (vnc-tls 1) is uncommented.
Â
I was able to patch image.py and create.py to pass the information to stubdom-dm. Which leaves me with:
Â
INFO (image:394) spawning device models: /usr/lib64/xen/bin/stubdom-dm ['/usr/lib64/xen/bin/stubdom-dm', '-d', '23', '-domain-name', 'windowsxp', '-videoram', '4', '-vnc', '127.0.0.1:1,tls,x509=/etc/xen/vnc', '-vcpus', '1', '-boot', 'd', '-acpi', '-usbdevice', 'tablet', '-net', 'nic,vlan=1,macaddr=00:16:3e:0a:12:15,model=rtl8139', '-net', 'tap,vlan=1,ifname=tap23.0,bridge=xenbr0', '-M', 'xenfv']
Â
But, after all this it still appears that tls is either not enabled or there is some incompatibility between client/server. You wouldn't happend to know a compatible client? I did double check that vnc tls was enabled during build...
Â
Well... Seems that there is more work to do...
Â
Any suggestions would be appreciated.
Â
Thanks,
Dan
On Mon, Nov 23, 2009 at 4:08 AM, John Haxby <john.haxby@xxxxxxxxxx> wrote:
On 20/11/09 17:53, Dan Hickox wrote:


Â

Error: tls should be a pair, separated by an equals sign.

Using config file "/etc/xen/stubdoms/windowsxp-dm".

Â

windowsxp-dm contains:

Â

#This file is autogenerated, edit windowsxp instead!

kernel = '/usr/lib/xen/boot/ioemu-stubdom.gz'

vfb = ['sdl=0, opengl=1, xauthority=/root/.Xauthority, vnc=1, vncdisplay=1,tls, vnclisten=127.0.0.1, vncunused=0']

disk = [ 'phy:sda1,hda:disk,w','file:/mnt/launch/XRMPFPP_EN.iso,hdc:cdrom,r' ]

vif = [ 'mac=00:16:3e:04:b2:d5' ]

Â

At first newbish glance I see that stubdom-dm and image.py use this information. But, I'm not exactly sure how it's handled throughout the app...



If anything, it should be "tls=1".

However, as of 3.4.0 (and possibly later) you don't do tls like that.ÂÂ Read the tls comments in /etc/xen/xend-config.sxp -- you mostly want to uncomment the "(vnc-tls 1)" line but you'll need the certificates it mentions in place first.

jch

_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-users

_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-users

 

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.

Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.