[libvirt-users] libvirtd + vir-manager + kerberos

Thomas Schweikle tps at vr-web.de
Thu Jan 27 23:59:28 UTC 2011


Having two hosts installed with libvirtd, kvm, qemu on (Ubuntu
10.10). Now I have one big problem and one less:

I have set up kerberos for both hosts. Created the principal
"libvirt/srv1.example.org at EXAMPLE.ORG" and
"libvirt/srv2.example.org at EXAMPLE.ORG", Exported the krb5.keytab,
Installed it and tested the servers:

srv1.example.org: I can connect using kerberos after acquiring a
ticket with kinit.

srv2.example.org: I am asked for user and password. Setup seems to
be identical. Is there a way to debug, what is going on on this
server? I'd like to have both respect kerberos and allow logging in
with no password it already authenticated!

Here is what I've set up:
listen_tls = 0
listen_tcp = 1
mdns_adv = 0
auth_unix_ro = "none"
auth_unix_rw = "none"
auth_tcp = "sasl"

mech_list: gssapi
keytab: /etc/libvirt/krb5.kqemu
sasldb_path: /etc/libvirt/passwd.db

I start libvirtd with:
/usr/sbin/libvirtd -d --listen

In virt-manager I've set both hosts:

Since both configs are identical (I've ran diff on them) I am a bit
lost at the moment. I do not have any idea why it works for one
host, but not the other. Any ideas?


More information about the libvirt-users mailing list