Hi list,
I've been thinking and I think the right question is:
- about which is libvirt access to sasl, socket?
- which is transmitted?
and
- what is expected libvirt?
(e.g. shadow have no service/application assignment)
:) regards
Robyn
2012/1/18 Robyn Bachofer <r.bachofer at googlemail.com>
> Hi list,
>
> i have a problem with virt-manager authentication over tcp.
>
>
> I tried it with virt-manager over non-TLS "TCP (SASL/Kerberos)"
auth. and
> the sasl mechanism "shadow".
> The user (tested with unprivileged user and root) is allready in the group
> libvirt(d) and the process is running as root.
>
> The result on host:
> Jan 18 21:05:31 host libvirtd: 21:05:31.620: error :
> remoteDispatchAuthSaslStep:3691 : sasl step failed -20 (SASL(-13): user not
> found: no secret in database)
>
> on client (virt-manager gui):
> ...
> ('virtConnectOpenAuth() faild')
> ..
>
>
> I have tested it with tool "testsaslauthd" and their result:
> e.g.: # testsaslauthd -u root -p root
> 0: OK "Success."
>
> When i set it manually with saslpasswd:
> # saslpasswd2 -a libvirt root -p
> it works.
>
> Although I use, in the configuration of sasl, shadow, libvirt does not use
> it (i think so).
>
> Host:
> debian6.0.3 (squeez)
> libvirt 0.8.3 (deb)
> sasl2.1.23 (deb)
>
> :-)
>
> Best regards,
> Robyn
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL:
<http://listman.redhat.com/archives/libvirt-users/attachments/20120120/9cabda5a/attachment.htm>