Re: acceptable SASL mechanisms/can libvirt authenticate against PAM

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Wednesday 2011-12-14, Josip Deanovic wrote:
> On Wednesday 2011-12-14, Dave Allan wrote:
> > I was playing with SASL authentication a bit today and I wasn't able
> > to get libvirt to authenticate against PAM (or anything else except
> > the sasldb, although I didn't try Kerberos).  Does anybody know off
> > the top of their head what mechanisms/password check options work?
> > I'm trying to figure out if I'm attempting the impossible.
> > 
> > Dave
> 
> Hi Dave,
> 
> Here is my working configuration with sql backend. I am using postgres.
> 
> mech_list: digest-md5
> pwcheck_method: auxprop
> auxprop_plugin: sql
> sql_engine: pgsql
> sql_hostnames: localhost
> sql_user: qemukvm
> sql_passwd: secret
> sql_database: qemukvmdb
> sql_select: select password from qemuusers where username = '%u'
> 
> 
> To make use of PAM as far as I know you will have to use saslauthd
> method.
> 
> And here is the list of relevant sasl options (I am not sure if it's up
> to date): http://asyd.net/docs/cyrus-options.html


Sorry, I was mistakenly referring to sasl authentication for vnc client with 
sasl support.
However, this configuration might work with libvit with little or no 
modifications. However I never tried to authenticate to libvrit using sasl.


-- 
Josip Deanovic


[Index of Archives]     [Virt Tools]     [Lib OS Info]     [Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [KDE Users]

  Powered by Linux