1VIRTSECRETD(8) Virtualization Support VIRTSECRETD(8)
2
3
4
6 virtsecretd - libvirt secret data management daemon
7
9 virtsecretd [OPTION]...
10
12 The virtsecretd program is a server side daemon component of the lib‐
13 virt virtualization management system.
14
15 It is one of a collection of modular daemons that replace functionality
16 previously provided by the monolithic libvirtd daemon.
17
18 This daemon runs on virtualization hosts to provide management for se‐
19 cret data.
20
21 The virtsecretd daemon only listens for requests on a local Unix domain
22 socket. Remote off-host access and backwards compatibility with legacy
23 clients expecting libvirtd is provided by the virtproxy daemon.
24
25 Restarting virtsecretd does not interrupt running guests. Guests con‐
26 tinue to operate and changes in their state will generally be picked up
27 automatically during startup. None the less it is recommended to avoid
28 restarting with running guests whenever practical.
29
31 The virtsecretd daemon is capable of starting in two modes.
32
33 In the traditional mode, it will create and listen on UNIX sockets it‐
34 self.
35
36 In socket activation mode, it will rely on systemd to create and listen
37 on the UNIX sockets and pass them as pre-opened file descriptors. In
38 this mode most of the socket related config options in /etc/lib‐
39 virt/virtsecretd.conf will no longer have any effect.
40
41 Socket activation mode is generally the default when running on a host
42 OS that uses systemd. To revert to the traditional mode, all the socket
43 unit files must be masked:
44
45 $ systemctl mask virtsecretd.socket virtsecretd-ro.socket \
46 virtsecretd-admin.socket
47
49 -h, --help
50
51 Display command line help usage then exit.
52
53 -d, --daemon
54
55 Run as a daemon & write PID file.
56
57 -f, --config *FILE*
58
59 Use this configuration file, overriding the default value.
60
61 -p, --pid-file *FILE*
62
63 Use this name for the PID file, overriding the default value.
64
65 -t, --timeout *SECONDS*
66
67 Exit after timeout period (in seconds), provided there are neither any
68 client connections nor any running domains.
69
70 -v, --verbose
71
72 Enable output of verbose messages.
73
74 --version
75
76 Display version information then exit.
77
79 On receipt of SIGHUP virtsecretd will reload its configuration.
80
82 When run as root
83 • /etc/libvirt/virtsecretd.conf
84
85 The default configuration file used by virtsecretd, unless overridden
86 on the command line using the -f | --config option.
87
88 • /run/libvirt/virtsecretd-sock
89
90 • /run/libvirt/virtsecretd-sock-ro
91
92 • /run/libvirt/virtsecretd-admin-sock
93
94 The sockets virtsecretd will use.
95
96 The TLS Server private key virtsecretd will use.
97
98 • /run/virtsecretd.pid
99
100 The PID file to use, unless overridden by the -p | --pid-file option.
101
102 When run as non-root
103 • $XDG_CONFIG_HOME/libvirt/virtsecretd.conf
104
105 The default configuration file used by virtsecretd, unless overridden
106 on the command line using the -f``|--config`` option.
107
108 • $XDG_RUNTIME_DIR/libvirt/virtsecretd-sock
109
110 • $XDG_RUNTIME_DIR/libvirt/virtsecretd-admin-sock
111
112 The sockets virtsecretd will use.
113
114 • $XDG_RUNTIME_DIR/libvirt/virtsecretd.pid
115
116 The PID file to use, unless overridden by the -p``|--pid-file`` option.
117
118 If $XDG_CONFIG_HOME is not set in your environment, virtsecretd will
119 use $HOME/.config
120
121 If $XDG_RUNTIME_DIR is not set in your environment, virtsecretd will
122 use $HOME/.cache
123
125 To retrieve the version of virtsecretd:
126
127 # virtsecretd --version
128 virtsecretd (libvirt) 8.6.0
129
130 To start virtsecretd, instructing it to daemonize and create a PID
131 file:
132
133 # virtsecretd -d
134 # ls -la /run/virtsecretd.pid
135 -rw-r--r-- 1 root root 6 Jul 9 02:40 /run/virtsecretd.pid
136
138 Please report all bugs you discover. This should be done via either:
139
140 1. the mailing list
141
142 https://libvirt.org/contact.html
143
144 2. the bug tracker
145
146 https://libvirt.org/bugs.html
147
148 Alternatively, you may report bugs to your software distributor / ven‐
149 dor.
150
152 Please refer to the AUTHORS file distributed with libvirt.
153
155 Copyright (C) 2006-2020 Red Hat, Inc., and the authors listed in the
156 libvirt AUTHORS file.
157
159 virtsecretd is distributed under the terms of the GNU LGPL v2.1+. This
160 is free software; see the source for copying conditions. There is NO
161 warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PUR‐
162 POSE
163
165 virsh(1), libvirtd(8), https://www.libvirt.org/daemons.html,
166 https://www.libvirt.org/drvsecret.html
167
168
169
170
171 VIRTSECRETD(8)