From 0f350a4d070e952b0ecc7631708478ddfd43ba3f Mon Sep 17 00:00:00 2001 From: Jim Fehlig Date: Thu, 2 Feb 2023 11:04:20 -0700 Subject: [PATCH] tools: Fix detection of remote libvirt access in virt-qemu-sev-validate MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit The VM's firmware path is not extracted from the XML when invoking virt-qemu-sev-validate in insecure mode and connecting to the local libvirt virt-qemu-sev-validate --insecure --tk tek-tik.bin --domain test-sev-es ERROR: Cannot access firmware path remotely The test for remote access compares the return value from socket.gethostname() to the return value from conn.getHostname(). The former doesn't always return the fqdn, whereas the latter does. Use socket.getfqdn() instead. Signed-off-by: Jim Fehlig Reviewed-by: Daniel P. Berrangé --- tools/virt-qemu-sev-validate | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tools/virt-qemu-sev-validate b/tools/virt-qemu-sev-validate index 3d8b292fef..7a8c3205e7 100755 --- a/tools/virt-qemu-sev-validate +++ b/tools/virt-qemu-sev-validate @@ -942,7 +942,7 @@ class LibvirtConfidentialVM(ConfidentialVM): def load_domain(self, uri, id_name_uuid, secure, ignore_config): self.conn = libvirt.open(uri) - remote = socket.gethostname() != self.conn.getHostname() + remote = socket.getfqdn() != self.conn.getHostname() if not remote and secure: raise InsecureUsageException( "running locally on the hypervisor host is not secure")