1VIRTSECRETD(8)              Virtualization Support              VIRTSECRETD(8)
2
3
4

NAME

6       virtsecretd - libvirt secret data management daemon
7

SYNOPSIS

9       virtsecretd [OPTION]...
10

DESCRIPTION

12       The  virtsecretd  program is a server side daemon component of the lib‐
13       virt virtualization management system.
14
15       It is one of a collection of modular daemons that replace functionality
16       previously provided by the monolithic libvirtd daemon.
17
18       This  daemon runs on virtualization hosts to provide management for se‐
19       cret data.
20
21       The virtsecretd daemon only listens for requests on a local Unix domain
22       socket.  Remote off-host access and backwards compatibility with legacy
23       clients expecting libvirtd is provided by the virtproxy daemon.
24
25       Restarting virtsecretd does not interrupt running guests.  Guests  con‐
26       tinue to operate and changes in their state will generally be picked up
27       automatically during startup. None the less it is recommended to  avoid
28       restarting with running guests whenever practical.
29

SYSTEM SOCKET ACTIVATION

31       The virtsecretd daemon is capable of starting in two modes.
32
33       In  the traditional mode, it will create and listen on UNIX sockets it‐
34       self.
35
36       In socket activation mode, it will rely on systemd to create and listen
37       on  the  UNIX  sockets and pass them as pre-opened file descriptors. In
38       this mode most of  the  socket  related  config  options  in  /etc/lib‐
39       virt/virtsecretd.conf will no longer have any effect.
40
41       Socket  activation mode is generally the default when running on a host
42       OS that uses systemd. To revert to the traditional mode, all the socket
43       unit files must be masked:
44
45          $ systemctl mask virtsecretd.socket virtsecretd-ro.socket \
46             virtsecretd-admin.socket
47

OPTIONS

49       -h, --help
50
51       Display command line help usage then exit.
52
53       -d, --daemon
54
55       Run as a daemon & write PID file.
56
57       -f, --config *FILE*
58
59       Use this configuration file, overriding the default value.
60
61       -p, --pid-file *FILE*
62
63       Use this name for the PID file, overriding the default value.
64
65       -t, --timeout *SECONDS*
66
67       Exit  after timeout period (in seconds), provided there are neither any
68       client connections nor any running domains.
69
70       -v, --verbose
71
72       Enable output of verbose messages.
73
74       --version
75
76       Display version information then exit.
77

SIGNALS

79       On receipt of SIGHUP virtsecretd will reload its configuration.
80

FILES

82   When run as root
83/etc/libvirt/virtsecretd.conf
84
85       The default configuration file used by virtsecretd,  unless  overridden
86       on the command line using the -f | --config option.
87
88/run/libvirt/virtsecretd-sock
89
90/run/libvirt/virtsecretd-sock-ro
91
92/run/libvirt/virtsecretd-admin-sock
93
94       The sockets virtsecretd will use.
95
96       The TLS Server private key virtsecretd will use.
97
98/run/virtsecretd.pid
99
100       The PID file to use, unless overridden by the -p | --pid-file option.
101
102   When run as non-root
103$XDG_CONFIG_HOME/libvirt/virtsecretd.conf
104
105       The  default  configuration file used by virtsecretd, unless overridden
106       on the command line using the -f``|--config`` option.
107
108$XDG_RUNTIME_DIR/libvirt/virtsecretd-sock
109
110$XDG_RUNTIME_DIR/libvirt/virtsecretd-admin-sock
111
112       The sockets virtsecretd will use.
113
114$XDG_RUNTIME_DIR/libvirt/virtsecretd.pid
115
116       The PID file to use, unless overridden by the -p``|--pid-file`` option.
117
118       If $XDG_CONFIG_HOME is not set in your  environment,  virtsecretd  will
119       use $HOME/.config
120
121       If  $XDG_RUNTIME_DIR  is  not set in your environment, virtsecretd will
122       use $HOME/.cache
123

EXAMPLES

125       To retrieve the version of virtsecretd:
126
127          # virtsecretd --version
128          virtsecretd (libvirt) 8.6.0
129
130       To start virtsecretd, instructing it to  daemonize  and  create  a  PID
131       file:
132
133          # virtsecretd -d
134          # ls -la /run/virtsecretd.pid
135          -rw-r--r-- 1 root root 6 Jul  9 02:40 /run/virtsecretd.pid
136

BUGS

138       Please report all bugs you discover.  This should be done via either:
139
140       1. the mailing list
141
142          https://libvirt.org/contact.html
143
144       2. the bug tracker
145
146          https://libvirt.org/bugs.html
147
148       Alternatively,  you may report bugs to your software distributor / ven‐
149       dor.
150

AUTHORS

152       Please refer to the AUTHORS file distributed with libvirt.
153
155       Copyright (C) 2006-2020 Red Hat, Inc., and the authors  listed  in  the
156       libvirt AUTHORS file.
157

LICENSE

159       virtsecretd is distributed under the terms of the GNU LGPL v2.1+.  This
160       is free software; see the source for copying conditions.  There  is  NO
161       warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PUR‐
162       POSE
163

SEE ALSO

165       virsh(1),      libvirtd(8),       https://www.libvirt.org/daemons.html,
166       https://www.libvirt.org/drvsecret.html
167
168
169
170
171                                                                VIRTSECRETD(8)
Impressum