[Freeipa-users] libvirt with vnc freeipa
Natxo Asenjo
natxo.asenjo at gmail.com
Fri Nov 30 12:06:12 UTC 2012
hi,
I'm following the howto on
http://freeipa.org/page/Libvirt_with_VNC_Consoles to authenticate
users voor virsh with ipa.
I have it mostly working :-) except for the fact that libvirtd is not
respecting the sasl_allowed_username_list parameter.
If I do not set it, and I have a realm ticket, then I may login virsh
or virtual manager and I get tickets for libvirt/vnc services.
If I do set it, then it tells me the client is not in the whitelist,
so I cannot log in :-)
2012-11-30 12:00:53.403+0000: 7786: error :
virNetSASLContextCheckIdentity:146 : SASL client admin not allowed in
whitelist
2012-11-30 12:00:53.403+0000: 7786: error :
virNetSASLContextCheckIdentity:150 : Client's username is not on the
list of allowed clients
2012-11-30 12:00:53.403+0000: 7786: error :
remoteDispatchAuthSaslStep:2447 : authentication failed:
authentication failed
2012-11-30 12:00:53.415+0000: 7781: error : virNetSocketReadWire:999 :
End of file while reading data: Input/output error
Is this a question for the libvirt folks or is it ok to post it here?
--
Groeten,
natxo
More information about the Freeipa-users
mailing list