I've been thinking and I think the right question is:
- about which is libvirt access to sasl, socket?
- which is transmitted?
and
- what is expected libvirt?
(e.g. shadow have no service/application assignment)
:) regards
Robyn
2012/1/18 Robyn Bachofer <r.bachofer@xxxxxxxxxxxxxx>
Hi list,i have a problem with virt-manager authentication over tcp.I tried it with virt-manager over non-TLS "TCP (SASL/Kerberos)" auth. and the sasl mechanism "shadow".The user (tested with unprivileged user and root) is allready in the group libvirt(d) and the process is running as root.The result on host:Jan 18 21:05:31 host libvirtd: 21:05:31.620: error : remoteDispatchAuthSaslStep:3691 : sasl step failed -20 (SASL(-13): user not found: no secret in database)on client (virt-manager gui):...('virtConnectOpenAuth() faild')..I have tested it with tool "testsaslauthd" and their result:e.g.: # testsaslauthd -u root -p root0: OK "Success."When i set it manually with saslpasswd:# saslpasswd2 -a libvirt root -pit works.Although I use, in the configuration of sasl, shadow, libvirt does not use it (i think so).Host:debian6.0.3 (squeez)libvirt 0.8.3 (deb)sasl2.1.23 (deb):-)Best regards,Robyn