Re: Stored secrets seem to get corrupted

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Mon, Jun 25, 2012 at 04:37:48PM +0200, Wido den Hollander wrote:
> Hi,
> 
> On one of my systems I'm having troubles with my RBD storage backend.
> 
> At first I thought it was a problem with my code, but after trying
> the same code on a second machine I'm a bit confused.
> 
> The problem is that the storage backend tries to retrieve the value
> of a secret and base64 decode it, that fails.
> 
> My debug log shows:

> Notice this behavior:
> 
> root@stack01:~# virsh secret-set-value
> 322bccea-f2ed-4eae-a7e5-d0793ffb162d
> AQAE+uJPCFpELBAAkTniQvHabBGj0Quwnu2imA==
> Secret value set
> 
> root@stack01:~# md5sum
> /etc/libvirt/secrets/322bccea-f2ed-4eae-a7e5-d0793ffb162d.base64
> b4b147bc522828731f1a016bfa72c073
> /etc/libvirt/secrets/322bccea-f2ed-4eae-a7e5-d0793ffb162d.base64
> root@stack01:~# virsh secret-set-value
> 322bccea-f2ed-4eae-a7e5-d0793ffb162d
> AQAE+uJPCFpELBAAkTniQvHabBGj0Quwnu2imA==
> Secret value set
> 
> root@stack01:~# md5sum
> /etc/libvirt/secrets/322bccea-f2ed-4eae-a7e5-d0793ffb162d.base64
> 927e2458c32cc3f6754d91694e41333f
> /etc/libvirt/secrets/322bccea-f2ed-4eae-a7e5-d0793ffb162d.base64
> root@stack01:~#
> 
> As you can see, the md5sum of the file changes when I set the value
> of the secret to the same.

That is really bizarre. Can you look at what is actually stored
in the .base64 file each time ? And what 'secret-get-value'
replies with ?

> I tried the same on the other host:
> 
> root@stack02:~# virsh secret-set-value
> 322bccea-f2ed-4eae-a7e5-d0793ffb162d
> AQAE+uJPCFpELBAAkTniQvHabBGj0Quwnu2imA==
> Secret value set
> 
> root@stack02:~# md5sum
> /etc/libvirt/secrets/322bccea-f2ed-4eae-a7e5-d0793ffb162d.base64
> c30db27f9ebfe3f7903470d4bd542d1d
> /etc/libvirt/secrets/322bccea-f2ed-4eae-a7e5-d0793ffb162d.base64
> root@stack02:~# virsh secret-set-value
> 322bccea-f2ed-4eae-a7e5-d0793ffb162d
> AQAE+uJPCFpELBAAkTniQvHabBGj0Quwnu2imA==
> Secret value set
> 
> root@stack02:~# md5sum
> /etc/libvirt/secrets/322bccea-f2ed-4eae-a7e5-d0793ffb162d.base64
> c30db27f9ebfe3f7903470d4bd542d1d
> /etc/libvirt/secrets/322bccea-f2ed-4eae-a7e5-d0793ffb162d.base64
> root@stack02:~# virsh secret-set-value
> 322bccea-f2ed-4eae-a7e5-d0793ffb162d
> AQAE+uJPCFpELBAAkTniQvHabBGj0Quwnu2imA==
> Secret value set
> 
> root@stack02:~# md5sum
> /etc/libvirt/secrets/322bccea-f2ed-4eae-a7e5-d0793ffb162d.base64
> c30db27f9ebfe3f7903470d4bd542d1d
> /etc/libvirt/secrets/322bccea-f2ed-4eae-a7e5-d0793ffb162d.base64
> root@stack02:~#
> 
> The md5sum stays the same on stack02.

This is the correct behaviour tht I see myself too.

> I verified that stack01 isn't out of disk space or out of inodes,
> those are in the acceptable values range.
> 
> Any suggestions?

I think you'll probably need to add some more  VIR_DEBUG lines
to secret_driver.c to see where in the process it is going
wrong. Or perhaps strace libvirtd to see what it thinks it
is writing out & whether any errors appear.

Daniel
-- 
|: http://berrange.com      -o-    http://www.flickr.com/photos/dberrange/ :|
|: http://libvirt.org              -o-             http://virt-manager.org :|
|: http://autobuild.org       -o-         http://search.cpan.org/~danberr/ :|
|: http://entangle-photo.org       -o-       http://live.gnome.org/gtk-vnc :|

--
libvir-list mailing list
libvir-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/libvir-list


[Index of Archives]     [Virt Tools]     [Libvirt Users]     [Lib OS Info]     [Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Big List of Linux Books]     [Yosemite News]     [KDE Users]     [Fedora Tools]