[libvirt-users] acceptable SASL mechanisms/can libvirt authenticate against PAM

Josip Deanovic djosip+news at linuxpages.net
Wed Dec 14 09:05:49 UTC 2011


On Wednesday 2011-12-14, Dave Allan wrote:
> I was playing with SASL authentication a bit today and I wasn't able
> to get libvirt to authenticate against PAM (or anything else except
> the sasldb, although I didn't try Kerberos).  Does anybody know off
> the top of their head what mechanisms/password check options work?
> I'm trying to figure out if I'm attempting the impossible.
> 
> Dave


Hi Dave,

Here is my working configuration with sql backend. I am using postgres.

mech_list: digest-md5
pwcheck_method: auxprop
auxprop_plugin: sql
sql_engine: pgsql  
sql_hostnames: localhost            
sql_user: qemukvm
sql_passwd: secret   
sql_database: qemukvmdb
sql_select: select password from qemuusers where username = '%u'


To make use of PAM as far as I know you will have to use saslauthd method.

And here is the list of relevant sasl options (I am not sure if it's up to 
date): http://asyd.net/docs/cyrus-options.html


-- 
Josip Deanovic




More information about the libvirt-users mailing list