diff --git a/SOURCES/bz2132010-fence_virt-add-note-reboot-action.patch b/SOURCES/bz2132010-fence_virt-add-note-reboot-action.patch
new file mode 100644
index 0000000..cb5ec00
--- /dev/null
+++ b/SOURCES/bz2132010-fence_virt-add-note-reboot-action.patch
@@ -0,0 +1,36 @@
+diff --color -uNr a/client/options.c b/client/options.c
+--- a/client/options.c 2022-10-05 15:57:12.661717853 +0200
++++ b/client/options.c 2022-10-05 15:56:44.854549898 +0200
+@@ -729,9 +729,9 @@
+
+ if (!print_stdin) {
+ if (progname) {
+- printf("usage: %s [args]\n", progname);
++ printf("usage: %s [args]\n\nNOTE: reboot-action does not power on nodes that are powered off.\n\n", progname);
+ } else {
+- printf("usage: fence_virt [args]\n");
++ printf("usage: fence_virt [args]\n\nNOTE: reboot-action does not power on nodes that are powered off.\n\n");
+ }
+ }
+
+@@ -761,7 +761,8 @@
+ printf("\n");
+ printf("\n", basename(progname));
+ printf("%s is an I/O Fencing agent which can be used with "
+- "virtual machines.\n", basename(progname));
++ "virtual machines.\n\nNOTE: reboot-action does not power on nodes that are powered off."
++ "\n", basename(progname));
+ printf("\n");
+
+ for (x = 0; x < strlen(optstr); x++) {
+diff --color -uNr a/man/fence_virt.8 b/man/fence_virt.8
+--- a/man/fence_virt.8 2019-11-14 16:29:26.000000000 +0100
++++ b/man/fence_virt.8 2022-10-05 16:01:44.001358622 +0200
+@@ -15,6 +15,7 @@
+ For compatibility, fence_xvm may talk to fence_xvmd from linux-cluster
+ release 2 or later.
+
++NOTE: reboot-action does not power on nodes that are powered off.
+ .P
+ fence_virt and fence_xvm accept options on the command line as well
+ as from stdin. The fencing daemon sends parameters through stdin
diff --git a/SOURCES/bz2138825-fence_virtd-update-manpage.patch b/SOURCES/bz2138825-fence_virtd-update-manpage.patch
new file mode 100644
index 0000000..8532bb5
--- /dev/null
+++ b/SOURCES/bz2138825-fence_virtd-update-manpage.patch
@@ -0,0 +1,29 @@
+From 6817d9ff018aa1af6fb9775bc9ae1f1cc07fa1ea Mon Sep 17 00:00:00 2001
+From: Oyvind Albrigtsen
+Date: Mon, 31 Oct 2022 10:54:10 +0100
+Subject: [PATCH] fence_virtd: add link and non-user socket example to man page
+
+---
+ man/fence_virt.conf.5 | 9 +++++++++
+ 1 file changed, 9 insertions(+)
+
+diff --git a/man/fence_virt.conf.5 b/man/fence_virt.conf.5
+index c23ffd943..c8434ed65 100644
+--- a/man/fence_virt.conf.5
++++ b/man/fence_virt.conf.5
+@@ -230,6 +230,15 @@ by a user running a cluster of virtual machines on a single desktop computer.
+ .
+ the URI to use when connecting to libvirt.
+
++All libvirt URIs are accepted and passed as-is.
++
++See https://libvirt.org/uri.html#remote-uris for examples.
++
++NOTE: When VMs are run as non-root user the socket path must be set as part
++of the URI.
++
++Example: qemu:///session?socket=/run/user//libvirt/virtqemud-sock
++
+ .SS libvirt-qmf
+
+ The libvirt-qmf plugin acts as a QMFv2 Console to the libvirt-qmf daemon in
diff --git a/SOURCES/bz2144530-fence_virtd-warn-files-not-mode-600.patch b/SOURCES/bz2144530-fence_virtd-warn-files-not-mode-600.patch
new file mode 100644
index 0000000..c4008f2
--- /dev/null
+++ b/SOURCES/bz2144530-fence_virtd-warn-files-not-mode-600.patch
@@ -0,0 +1,118 @@ +diff --color -uNr a/config/Makefile.am b/config/Makefile.am +--- a/config/Makefile.am 2019-11-20 14:13:42.000000000 +0100 ++++ b/config/Makefile.am 2022-11-22 10:12:51.764545658 +0100 +@@ -37,5 +37,8 @@ + config.c: y.tab.c config.l + $(LEX) -oconfig.c $(srcdir)/config.l + ++install-exec-hook: ++ chmod 600 $(DESTDIR)$(sysconfdir)/fence_virt.conf ++ + clean-local: + rm -f config.tab.c config.tab.h config.c y.tab.c y.tab.h +diff --color -uNr a/include/simpleconfig.h b/include/simpleconfig.h +--- a/include/simpleconfig.h 2018-01-15 15:02:31.000000000 +0100 ++++ b/include/simpleconfig.h 2022-11-22 10:15:06.440335062 +0100 +@@ -49,4 +49,8 @@ + /* Frees a previously-allocated copy of our simple config object */ + void sc_release(config_object_t *c); + ++int check_file_permissions(const char *fname); ++ ++int do_configure(config_object_t *config, const char *filename); ++ + #endif +diff --color -uNr a/include/simpleconfig.h.rej b/include/simpleconfig.h.rej +--- a/include/simpleconfig.h.rej 1970-01-01 01:00:00.000000000 +0100 ++++ b/include/simpleconfig.h.rej 2022-11-22 10:12:51.764545658 +0100 +@@ -0,0 +1,11 @@ ++--- include/simpleconfig.h +++++ include/simpleconfig.h ++@@ -49,6 +49,8 @@ config_object_t *sc_init(void); ++ /* Frees a previously-allocated copy of our simple config object */ ++ void sc_release(config_object_t *c); ++ +++int check_file_permissions(const char *fname); +++ ++ int do_configure(config_object_t *config, const char *filename); ++ ++ #endif +diff --color -uNr a/server/config.c b/server/config.c +--- a/server/config.c 2019-11-20 14:13:42.000000000 +0100 ++++ b/server/config.c 2022-11-22 10:17:25.539150364 +0100 +@@ -11,6 +11,7 @@ + #include + #include + #include ++#include + + #include "simpleconfig.h" + #include "static_map.h" +@@ -590,6 +591,31 @@ + + + int ++check_file_permissions(const char *fname) ++{ ++ struct stat st; ++ mode_t file_perms = 0600; ++ int ret; ++ ++ ret = stat(fname, &st); ++ if (ret != 0) { ++ printf("stat 
failed on file '%s': %s\n", ++ fname, strerror(errno)); ++ return 1; ++ } ++ ++ if ((st.st_mode & 0777) != file_perms) { ++ printf("WARNING: invalid permissions on file " ++ "'%s': has 0%o should be 0%o\n", fname, ++ (unsigned int)(st.st_mode & 0777), ++ (unsigned int)file_perms); ++ return 1; ++ } ++ ++ return 0; ++} ++ ++int + do_configure(config_object_t *config, const char *config_file) + { + FILE *fp = NULL; +diff --color -uNr a/server/main.c b/server/main.c +--- a/server/main.c 2019-11-27 09:19:52.000000000 +0100 ++++ b/server/main.c 2022-11-22 10:19:06.647742990 +0100 +@@ -14,11 +14,12 @@ + /* Local includes */ + #include "simpleconfig.h" + #include "static_map.h" ++#include "xvm.h" + #include "server_plugin.h" ++#include "simple_auth.h" + #include "debug.h" + + /* configure.c */ +-int do_configure(config_object_t *config, const char *filename); + int daemon_init(const char *prog, const char *pid_file, int nofork); + int daemon_cleanup(void); + +@@ -206,6 +207,18 @@ + snprintf(pid_file, PATH_MAX, "/var/run/%s.pid", basename(argv[0])); + } + ++ check_file_permissions(config_file); ++ ++ sprintf(val, "listeners/%s/@key_file", listener_name); ++ if (sc_get(config, val, ++ val, sizeof(val)-1) == 0) { ++ dbg_printf(1, "Got %s for key_file\n", val); ++ } else { ++ snprintf(val, sizeof(val), "%s", DEFAULT_KEY_FILE); ++ } ++ ++ check_file_permissions(val); ++ + openlog(basename(argv[0]), LOG_NDELAY | LOG_PID, LOG_DAEMON); + + daemon_init(basename(argv[0]), pid_file, foreground); diff --git a/SOURCES/bz2149649-fence_virtd-update-fence_virt.conf-manpage.patch b/SOURCES/bz2149649-fence_virtd-update-fence_virt.conf-manpage.patch new file mode 100644 index 0000000..b927445 --- /dev/null +++ b/SOURCES/bz2149649-fence_virtd-update-fence_virt.conf-manpage.patch 
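Review bot: The section for `include/simpleconfig.h.rej` creates a patch reject file in the source tree; it looks like a leftover from a failed patch application that `diff -uNr` picked up, and it should be dropped from this patch. Its content repeats the `check_file_permissions` prototype that the `include/simpleconfig.h` section already adds, so nothing is lost by removing it. Carrying stray files in a downstream patch also makes it harder to compare the patch with the upstream change.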
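Review bot: check_file_permissions() in server/config.c compares only the permission bits returned by stat(), so a key file that is mode 0600 but owned by a different user, or a symlink that resolves to such a file, passes without a warning, while a stricter mode such as 0400 is reported as invalid. If the intent is that only the daemon's user can read the key, the test could check the owner and reject any group/other bits instead, e.g. `if (st.st_uid != geteuid() || (st.st_mode & 077) != 0)`; whether fence_virtd always runs as the file owner is not visible here and should be confirmed. The function also has no comment; `/* Warn if fname is not mode 0600; returns 0 if OK, 1 on stat failure or mismatch. */` would document the return contract for callers.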
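Review bot: The added `sprintf(val, "listeners/%s/@key_file", listener_name);` in server/main.c writes into `val` with no bound, while the fallback a few lines later already uses `snprintf(val, sizeof(val), ...)`; `snprintf(val, sizeof(val), "listeners/%s/@key_file", listener_name);` would be consistent and cannot overrun the buffer. The declarations of `val` and `listener_name` are outside the hunk, so their sizes and the origin of the name cannot be checked here. The following call passes `val` to sc_get() as both the key and the output buffer, which is only safe if sc_get() has finished reading the key before it writes the value. Both check_file_permissions() results are discarded and the messages are printed to stdout before openlog(), so it is worth confirming the warning is visible when the daemon is started by the init system.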
@@ -0,0 +1,55 @@
+From 6f213eb637bf7d957ba035e3aa09ce1f1bbccf84 Mon Sep 17 00:00:00 2001
+From: Oyvind Albrigtsen
+Date: Tue, 29 Nov 2022 16:21:18 +0100
+Subject: [PATCH] fence_virtd: add info about using multiple uuid/ip entries
+ for groups
+
+---
+ man/fence_virt.conf.5 | 17 +++++++++++------
+ 1 file changed, 11 insertions(+), 6 deletions(-)
+
+diff --git a/man/fence_virt.conf.5 b/man/fence_virt.conf.5
+index c8434ed65..dfb3504f5 100644
+--- a/man/fence_virt.conf.5
++++ b/man/fence_virt.conf.5
+@@ -1,4 +1,4 @@
+-.TH fence_virtd.conf 5
++.TH fence_virt.conf 5
+
+ .SH NAME
+ fence_virt.conf - configuration file for fence_virtd
+@@ -304,15 +304,17 @@ This defines a group.
+ .TP
+ .B uuid
+ .
+-defines UUID as a member of a group.
++Defines UUID as a member of a group. It can be used multiple times
++to specify both node name and UUID values that can be fenced.
+
+ .TP
+ .B ip
+ .
+-defines an IP which is allowed to send fencing requests
+-for members of this group (e.g. for multicast). It is
+-highly recommended that this be used in conjunction with
+-a key file.
++Defines an IP which is allowed to send fencing requests
++for members of this group (e.g. for multicast). It can be used
++multiple times to allow more than 1 IP to send fencing requests to
++the group. It is highly recommended that this be used in conjunction
++with a key file.
+
+
+
+@@ -340,8 +342,11 @@ a key file.
+ groups {
+ group {
+ ip = "192.168.1.1";
++ ip = "192.168.1.2";
+ uuid = "44179d3f-6c63-474f-a212-20c8b4b25b16";
+ uuid = "1ce02c4b-dfa1-42cb-b5b1-f0b1091ece60";
++ uuid = "node1";
++ uuid = "node2";
+ }
+ }
+
diff --git a/SPECS/fence-virt.spec b/SPECS/fence-virt.spec
index 23387a0..b47cc24 100644
--- a/SPECS/fence-virt.spec
+++ b/SPECS/fence-virt.spec
@@ -13,12 +13,16 @@ Name: fence-virt Summary: A pluggable fencing framework for virtual machines Version: 1.0.0 -Release: 2%{?numcomm:.%{numcomm}}%{?alphatag:.%{alphatag}}%{?dirty:.%{dirty}}%{?dist} +Release: 6%{?numcomm:.%{numcomm}}%{?alphatag:.%{alphatag}}%{?dirty:.%{dirty}}%{?dist} License: GPLv2+ Group: System Environment/Base URL: https://github.com/ClusterLabs/fence-virt Source0: %{name}-%{version}%{?rcver:%{rcver}}%{?numcomm:.%{numcomm}}%{?alphatag:-%{alphatag}}%{?dirty:-%{dirty}}.tar.bz2 Patch0: bz1927171-fence_xvm-fix-typo.patch +Patch1: bz2132010-fence_virt-add-note-reboot-action.patch +Patch2: bz2138825-fence_virtd-update-manpage.patch +Patch3: bz2144530-fence_virtd-warn-files-not-mode-600.patch +Patch4: bz2149649-fence_virtd-update-fence_virt.conf-manpage.patch %if 0%{?rhel} ExclusiveArch: i686 x86_64 @@ -47,7 +51,12 @@ Requires(postun): systemd-units Conflicts: fence-agents < 3.0.5-2 %prep -%autosetup -p1 +%setup -q -n %{name}-%{version}%{?rcver:%{rcver}}%{?numcomm:.%{numcomm}}%{?alphatag:-%{alphatag}}%{?dirty:-%{dirty}} +%patch0 -p1 +%patch1 -p1 +%patch2 -p1 +%patch3 -p1 +%patch4 -p1 %build ./autogen.sh @@ -176,6 +185,27 @@ are located on corosync cluster nodes. %{_libdir}/%{name}/cpg.so %changelog +* Fri Dec 2 2022 Oyvind Albrigtsen - 1.0.0-6 +- fence_virtd: add info about multiple uuid/ip entries to manpage + + Resolves: rhbz#2149649 + +* Tue Nov 22 2022 Oyvind Albrigtsen - 1.0.0-5 +- fence_virtd: warn if config or key file(s) are not mode 600 + + Resolves: rhbz#bz2144530 + +* Mon Oct 31 2022 Oyvind Albrigtsen - 1.0.0-4 +- fence_virtd: add link to uri examples and uri w/socket path + example for when VMS are run as non-root user to manpage + + Resolves: rhbz#2138825 + +* Wed Oct 5 2022 Oyvind Albrigtsen - 1.0.0-3 +- fence_virt: add note that reboot-action doesnt power on nodes that + are powered off + Resolves: rhbz#2132010 + * Fri Oct 15 2021 Oyvind Albrigtsen - 1.0.0-2 - fence_xvm: fix typo Resolves: rhbz#1927171
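Review bot: In the %prep hunk, replacing `%autosetup -p1` with `%setup` plus one `%patchN -p1` line per patch means a later `PatchN:` entry added without its matching `%patchN` line is shipped in the source package but never applied, and the build reports no error. That is an easy way for a fix, including a security fix, to be listed and changelogged yet missing from the binary. If the switch was needed only to set the source directory name, `%autosetup -p1` accepts the same `-n` argument as the new `%setup` line and keeps every listed patch applied automatically. The reason for the change is not stated in the visible changelog entries.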