similar to: Proposed libguestfs API for implementing libvirt virConnectOpenAuth

From: "Richard W.M. Jones" <rjones at redhat.com> This commit models libvirt authentication events through the API, adding one new event (GUESTFS_EVENT_LIBVIRT_AUTH) and several new APIs: guestfs_set_libvirt_supported_credentials guestfs_get_libvirt_requested_credentials guestfs_get_libvirt_requested_credential_prompt guestfs_get_libvirt_requested_credential_challenge

On 10/22/2015 2:20 AM, John Hodrien wrote: > On Thu, 22 Oct 2015, Alessandro Baggi wrote: > >> Hi J, >> thank you for the suggestion. Why team make this possible? What is >> the purpose? > > It's a nice flexible setup for a workstation situation. I can have > CentOS > installed on a workstation, and allow users to reboot it as long as > there's

I'm seeing a lot of activity over the last two days with what looks to be a kiddie script. Mostly trying to access several of our servers with the username anna. All failed... in fact I don't think we have a user anna on any of our servers. Meanwhile... I'm running Sendmail. This pertains to Centos 4 and 5 servers. I'm also running fail2ban on some and Ossec on others. So far,

Dear Experts, "this is system from the hell!" Than was my first reaction when I realized that logged in with GUI (X11) user can turn off (and on) network interfaces. Without being in sudoers file. Wow, this is scary to see on workstations I manage centrally. Even though I did consider local user to be able to execute the command "shutdown" (which distinguished RedHat and

The NBD spec was recently patched (nbd.git commit 7827f3ae and friends) to require NBD_OPT_GO for baseline interoperability, with the aim of fewer servers and clients falling back to NBD_OPT_EXPORT_NAME. And since nbdkit as server recently started supporting NBD_OPT_GO (commit f7dd9799), our nbd client as plugin should take advantage of it. This patch is a prerequisite to teaching the nbd plugin

Instead of repeating a check for valid reply headers in each sub-state machine, let's have a common helper function do all the work. Additionally, a central location will make it easier to uniformly capture any NBD_REP_ERR message payloads. --- generator/generator | 8 +-- generator/states-newstyle-opt-go.c | 40 +++----------

Folks I am using sendmail as my mail server. SELINUX is disabled. I observe messages in Centos 7 (and 6) in /var/log/messages, similar to: saslauthd[2765]: do_auth : auth failure: [user=bettie] [service=smtp] [realm=] [mech=pam] [reason=PAM auth error] I guess that this is because somebody tried to access one of the SMTP ports with a logon attempt. This is understandable; there are

sieveshell cannot connect as any user Mar 14 23:53:45 srv1 saslauthd[22038]: do_auth : auth failure: [user=root] [service=sieve] [realm=] [mech=shadow] [reason=Unknown] Mar 14 23:53:45 srv1 sieve[22047]: Password verification failed Mar 14 23:53:45 srv1 perl: No worthy mechs found Mar 15 00:01:54 srv1 saslauthd[22164]: do_auth : auth failure: [user=root] [service=sieve] [realm=]

This conversion should be feature compatible with the standalone nbd code. Note that the use of libnbd makes the binary for this particular plugin fall under an LGPLv2+ license rather than BSD; but the source code in nbd.c remains BSD. A lot of code simply disappears, now that I'm no longer directly utilizing the NBD protocol files but relying on libnbd. Coordination between threads from

This conversion should be feature compatible with the standalone nbd code. Note that the use of libnbd makes the binary for this particular plugin fall under an LGPLv2+ license rather than BSD; but the source code in nbd.c remains BSD. A lot of code simply disappears, now that I'm no longer directly utilizing the NBD protocol files but relying on libnbd. Coordination between threads from

When we first used libnbd (nbdkit 1.14), it was brand new, so we left in the ability to build a limited nbd plugin without the use of libnbd for comparison. But now that libnbd has had more time under its belt, and we have learned that our nbd-standalone code is not getting much testing, it's time to follow through with our plan to finish off the old code, and now build the nbd plugin only

I'm setting up a postfix server using "The Book of Postfix". In ch 15 there is a section on testing saslauthd which I can't get to work. I can get it to work using shadow password authentication, but it fails on pam. I don't kow squat about troubleshooting pam. Any PAM wizzes out there that can help? I saw a unrelated post talking about something needing to be in the pam

Hi, I'm running a Centos 5.1 server that uses saslauthd to allow sendmail SMTP relaying for some clients. saslauthd is configured to use method "shadow" to lookup the username / password directly from /etc/shadow. This setup has been working for several month now, but is broken since last Monday. I haven't changed anything neither on the server nor on the clients. Now whenever a

Hi Not sure whether this is the correct list to ask ... if it's not please direct me to the correct one. Is it possible on to log a bit more detail when auth failure occurs when using saslauthd? saslauthd[2119]: do_auth : auth failure: [user=DELETED] [service=smtp] [realm=DELETED] [mech=pam] [reason=PAM auth error] What I want is the IP address and if possible the incorrect password

Hello, I'm having trouble to get saslauthd running on a centos-5.3. I can't autheticate via testsaslauthd. Here's what I do using a fresh /etc/sasldb2: 1) start saslauthd in debug mode: saslauthd -d -a shadow -O /usr/lib64/sasl2/smtpd.conf -r -l 2) saslpasswd2 -c -a mail -u mail testuser 3) testsaslauthd -u testomat -p <mypassword> -s smtp -r mail shell output of

I have two before_filters for a few of my controllers. They are running my own methods authorize and admin_authorize. authorize is called on just about every action to make sure that a user is logged in. admin_authorize is called on about 80% of the actions and is used to make sure that a user is an administrator. If a user tries to access an admin_authorize protected action without being

The existing mechanism was clunky, slow and used ~ 10 MB of local disk. Rich.

I am trying to get cyrus-imapd and saslauthd running together so that I can get squirrelmail to work. I have accomplished this on several other servers and have relatively complete documentation on how to do this. What I am running into in this case has me baffled. If I start saslauthd as a service: # service saslauthd start And I try testsaslauthd -u cyrus -p test Then I see this: 0: NO

On 4/25/2017 7:00 PM, Jobst Schmalenbach wrote: > Is it possible on to log a bit more detail when auth failure occurs when using saslauthd? > > saslauthd[2119]: do_auth : auth failure: [user=DELETED] [service=smtp] [realm=DELETED] [mech=pam] [reason=PAM auth error] > > What I want is the IP address and if possible the incorrect password (just to see how far they are off). > Is

https://bugzilla.redhat.com/show_bug.cgi?id=889082