Re: acceptable SASL mechanisms/can libvirt authenticate against PAM

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Wed, Dec 14, 2011 at 11:07:13AM +0100, Josip Deanovic wrote:
> On Wednesday 2011-12-14, Josip Deanovic wrote:
> > On Wednesday 2011-12-14, Dave Allan wrote:
> > > I was playing with SASL authentication a bit today and I wasn't able
> > > to get libvirt to authenticate against PAM (or anything else except
> > > the sasldb, although I didn't try Kerberos).  Does anybody know off
> > > the top of their head what mechanisms/password check options work?
> > > I'm trying to figure out if I'm attempting the impossible.
> > > 
> > > Dave
> > 
> > Hi Dave,
> > 
> > Here is my working configuration with sql backend. I am using postgres.
> > 
> > mech_list: digest-md5
> > pwcheck_method: auxprop
> > auxprop_plugin: sql
> > sql_engine: pgsql
> > sql_hostnames: localhost
> > sql_user: qemukvm
> > sql_passwd: secret
> > sql_database: qemukvmdb
> > sql_select: select password from qemuusers where username = '%u'
> > 
> > 
> > To make use of PAM as far as I know you will have to use saslauthd
> > method.
> > 
> > And here is the list of relevant sasl options (I am not sure if it's up
> > to date): http://asyd.net/docs/cyrus-options.html
> 
> 
> Sorry, I was mistakenly referring to sasl authentication for vnc client with 
> sasl support.
> However, this configuration might work with libvit with little or no 
> modifications. However I never tried to authenticate to libvrit using sasl.

Good info nonetheless, thanks.

Dave

> -- 
> Josip Deanovic
> 
> _______________________________________________
> libvirt-users mailing list
> libvirt-users@xxxxxxxxxx
> https://www.redhat.com/mailman/listinfo/libvirt-users


[Index of Archives]     [Virt Tools]     [Lib OS Info]     [Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [KDE Users]

  Powered by Linux