[libvirt-users] libvirt with sasl shadow backend

Robyn Bachofer r.bachofer at googlemail.com
Fri Jan 20 07:01:04 UTC 2012 

The tool for testing SASL-Authentication  "testsaslauthd" uses sockets:

strace:
socket(PF_FILE, SOCK_STREAM, 0)         = 3
connect(3, {sa_family=AF_FILE, path="/var/run/saslauthd/mux"}, 110) = 0
writev(3, [{"\0\4root\0\4root\0\4imap\0\0", 20}], 1) = 20
read(3, "\0\2", 2)                      = 2
read(3, "OK", 2)

and it is successfully (whatever service is set [-s servicename] or without
-s).
But how it makes libvirt? I can't trace it and i don't see it in
source-code of remote.c/h

understandable?



2012/1/20 Dave Allan <dallan at redhat.com>

> On Fri, Jan 20, 2012 at 12:55:09AM +0100, Robyn Bachofer wrote:
> > Hi list,
> >
> > I've been thinking and I think the right question is:
> > - about which is libvirt access to sasl, socket?
> > - which is transmitted?
> > and
> > - what is expected libvirt?
> >
> > (e.g. shadow have no service/application assignment)
>
> I'm not sure I understand your question, can you explain?
>
> Dave
>
>
> > :) regards
> >
> > Robyn
> >
> >
> >
> >
> > 2012/1/18 Robyn Bachofer <r.bachofer at googlemail.com>
> >
> > > Hi list,
> > >
> > > i have a problem with virt-manager authentication over tcp.
> > >
> > >
> > > I tried it with virt-manager over non-TLS "TCP (SASL/Kerberos)" auth.
> and
> > > the sasl mechanism "shadow".
> > > The user (tested with unprivileged user and root) is allready in the
> group
> > > libvirt(d) and the process is running as root.
> > >
> > > The result on host:
> > > Jan 18 21:05:31 host libvirtd: 21:05:31.620: error :
> > > remoteDispatchAuthSaslStep:3691 : sasl step failed -20 (SASL(-13):
> user not
> > > found: no secret in database)
> > >
> > > on client (virt-manager gui):
> > > ...
> > > ('virtConnectOpenAuth() faild')
> > > ..
> > >
> > >
> > > I have tested it with tool "testsaslauthd" and their result:
> > > e.g.: # testsaslauthd -u root -p root
> > > 0: OK "Success."
> > >
> > > When i set it manually with saslpasswd:
> > > #  saslpasswd2 -a libvirt root -p
> > > it works.
> > >
> > > Although I use, in the configuration of sasl, shadow, libvirt does not
> use
> > > it (i think so).
> > >
> > > Host:
> > > debian6.0.3 (squeez)
> > > libvirt 0.8.3 (deb)
> > > sasl2.1.23 (deb)
> > >
> > > :-)
> > >
> > > Best regards,
> > > Robyn
> > >
>
> > _______________________________________________
> > libvirt-users mailing list
> > libvirt-users at redhat.com
> > https://www.redhat.com/mailman/listinfo/libvirt-users
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/libvirt-users/attachments/20120120/d6281c6d/attachment.htm>

More information about the libvirt-users mailing list