On Fri, Jan 20, 2012 at 12:55:09AM +0100, Robyn Bachofer wrote:
> Hi list,
>
> I've been thinking and I think the right question is:
> - about which is libvirt access to sasl, socket?
> - which is transmitted?
> and
> - what is expected libvirt?
>
> (e.g. shadow have no service/application assignment)
I'm not sure I understand your question, can you explain?
Dave
> :) regards
>
> Robyn
>
>
>
>
> 2012/1/18 Robyn Bachofer <r.bachofer@xxxxxxxxxxxxxx>
>
> > Hi list,
> >
> > i have a problem with virt-manager authentication over tcp.
> >
> >
> > I tried it with virt-manager over non-TLS "TCP (SASL/Kerberos)" auth. and
> > the sasl mechanism "shadow".
> > The user (tested with unprivileged user and root) is allready in the group
> > libvirt(d) and the process is running as root.
> >
> > The result on host:
> > Jan 18 21:05:31 host libvirtd: 21:05:31.620: error :
> > remoteDispatchAuthSaslStep:3691 : sasl step failed -20 (SASL(-13): user not
> > found: no secret in database)
> >
> > on client (virt-manager gui):
> > ...
> > ('virtConnectOpenAuth() faild')
> > ..
> >
> >
> > I have tested it with tool "testsaslauthd" and their result:
> > e.g.: # testsaslauthd -u root -p root
> > 0: OK "Success."
> >
> > When i set it manually with saslpasswd:
> > # saslpasswd2 -a libvirt root -p
> > it works.
> >
> > Although I use, in the configuration of sasl, shadow, libvirt does not use
> > it (i think so).
> >
> > Host:
> > debian6.0.3 (squeez)
> > libvirt 0.8.3 (deb)
> > sasl2.1.23 (deb)
> >
> > :-)
> >
> > Best regards,
> > Robyn
> >
> _______________________________________________
> libvirt-users mailing list
> libvirt-users@xxxxxxxxxx
> https://www.redhat.com/mailman/listinfo/libvirt-users
