From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from mailman by lists.gnu.org with tmda-scanned (Exim 4.43) id 1LwJbC-00039Z-8Z for qemu-devel@nongnu.org; Tue, 21 Apr 2009 13:17:34 -0400 Received: from exim by lists.gnu.org with spam-scanned (Exim 4.43) id 1LwJb7-00037L-GV for qemu-devel@nongnu.org; Tue, 21 Apr 2009 13:17:33 -0400 Received: from [199.232.76.173] (port=57686 helo=monty-python.gnu.org) by lists.gnu.org with esmtp (Exim 4.43) id 1LwJb7-00037E-5y for qemu-devel@nongnu.org; Tue, 21 Apr 2009 13:17:29 -0400 Received: from mx1.redhat.com ([66.187.233.31]:48182) by monty-python.gnu.org with esmtp (Exim 4.60) (envelope-from ) id 1LwJb6-0005sS-Q9 for qemu-devel@nongnu.org; Tue, 21 Apr 2009 13:17:29 -0400 Date: Tue, 21 Apr 2009 18:17:01 +0100 From: "Daniel P. Berrange" Subject: Re: [Qemu-devel] resetting a stale VNC connection Message-ID: <20090421171701.GH26731@redhat.com> References: <49EDC3B4.7030508@cisco.com> <49EDCC6F.1020703@redhat.com> <20090421164023.GE26731@redhat.com> <49EDF907.5030100@codemonkey.ws> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <49EDF907.5030100@codemonkey.ws> Reply-To: "Daniel P. Berrange" List-Id: qemu-devel.nongnu.org List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , To: Anthony Liguori Cc: Avi Kivity , "David S. Ahern" , qemu-devel@nongnu.org On Tue, Apr 21, 2009 at 11:49:11AM -0500, Anthony Liguori wrote: > Daniel P. Berrange wrote: > >On Tue, Apr 21, 2009 at 04:38:55PM +0300, Avi Kivity wrote: > > > >>David S. Ahern wrote: > >> > >>>Is there a monitor command (or other method) to force a VNC client > >>>connection to close? > >>> > >>>It looks like the vnc code does not use keepalive probes. If the > >>>connection is left hanging the VNC server will never drop it. I have hit > >>>this condition a couple of times when a VPN connection drops while the > >>>vncviewer is connected to a VM. > >>> > >>>Specific software version at the moment is kvm-81. > >>> > >>> > >>Why not just enable tcp keepalives? > >> > > > >Independant of killing off stale VNC clients, it could be desirable to > >have a monitor command to kill a client, to allow revoking of end user > >access to VNC. > > > > I'm surprised change vnc none doesn't kill off all VNC connections. It may well do that - i've not tried it :-) > I don't see a compelling use case to boot off individual clients other > than we can. Is there something specific you were thinking someone > would want to do? I've no pressing need for this - i was just thinking of possible use cases for the command. Now we allow multiple concurrent VNC clients, and can authenticate them, I just thought that it might be desirable to be able to drop individual authenticated clients. eg if you've revoked their credentials, but they still have a session open. Turning off+on the whole VNC server would work as a big stick too. Daniel -- |: Red Hat, Engineering, London -o- http://people.redhat.com/berrange/ :| |: http://libvirt.org -o- http://virt-manager.org -o- http://ovirt.org :| |: http://autobuild.org -o- http://search.cpan.org/~danberr/ :| |: GnuPG: 7D3B9505 -o- F3C9 553F A1DA 4AC2 5648 23C1 B3DF F742 7D3B 9505 :|