On Wednesday 2011-12-14, Josip Deanovic wrote: > On Wednesday 2011-12-14, Dave Allan wrote: > > I was playing with SASL authentication a bit today and I wasn't able > > to get libvirt to authenticate against PAM (or anything else except > > the sasldb, although I didn't try Kerberos). Does anybody know off > > the top of their head what mechanisms/password check options work? > > I'm trying to figure out if I'm attempting the impossible. > > > > Dave > > Hi Dave, > > Here is my working configuration with sql backend. I am using postgres. > > mech_list: digest-md5 > pwcheck_method: auxprop > auxprop_plugin: sql > sql_engine: pgsql > sql_hostnames: localhost > sql_user: qemukvm > sql_passwd: secret > sql_database: qemukvmdb > sql_select: select password from qemuusers where username = '%u' > > > To make use of PAM as far as I know you will have to use saslauthd > method. > > And here is the list of relevant sasl options (I am not sure if it's up > to date): http://asyd.net/docs/cyrus-options.html Sorry, I was mistakenly referring to sasl authentication for vnc client with sasl support. However, this configuration might work with libvit with little or no modifications. However I never tried to authenticate to libvrit using sasl. -- Josip Deanovic
