Hi, thank you for your report! The config in /etc/default/libvirtd is pretty much there for compatibility reasons with older setups and (on Debian) people using still sys-V init. And even with systemd some other options than "-l" can still be sued that way e.g. "-v" for extra verbosity.
If one sets that option the error message gladly is pretty clear: libvirtd[2725397]: --listen parameter not permitted with systemd activation sockets, see 'man libvirtd' for further guidance In that man page it explains (as that isn't a Ubuntu only problem): ``` ... In socket activation mode, it will rely on systemd to create and listen on the UNIX, and optionally TCP/IP, sockets and pass them as pre-opened file descriptors. In this mode, it is not permitted to pass the --listen parameter, and most of the socket related config options in /etc/libvirt/libvirtd.conf will no longer have any effect. To enable TCP or TLS sockets use either $ systemctl start libvirtd-tls.socket Or $ systemctl start libvirtd-tcp.socket ... ``` There is no need to change the .service file as you did, and in fact any subsequent update would eliminate that change. As a TL;DR and I hope IIRC it would be like: $ sudo systemctl stop libvirtd $ sudo systemctl start libvirtd-tcp.socket # in any real setup you'd now setup SASL, but for this to # be short I set auth_tcp = "none" in /etc/libvirt/libvirtd.conf With that in place $ virsh -c qemu+tcp://127.0.0.1/system list Will start libvirtd and it accepts tcp connections. In addition there also is TLS which is more complex there is: #setup CA and issue/config certificates for libvirtd # see TLS x509 certificate configuration and any entry related to # *tls* and *certificates* in /etc/libvirt/libvirtd.conf $ sudo systemctl stop libvirtd $ sudo systemctl start libvirtd-tls.socket What to do from here: - I agree that a hint in /etc/default/libvirtd would be great to have as its current form is misleading. - This bug demonstrates that it is unclear how to be used. Therefore a documentation entry in the Ubuntu server guide would be very helpful. It should show how this can be done (for TCP) and also include an example of a cert setup and end by accessing via TLS Triaging the bug with that in mind, but please speak up for a discussion on this if you want. ** Summary changed: - Libvirtd on 20.04 does not listen on port 16509 + Libvirtd conffiles should be less misleading and document tcp/tls usage ** Tags added: server-todo -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1960937 Title: Libvirtd conffiles should be less misleading and document tcp/tls usage To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/libvirt/+bug/1960937/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs