Re: [libvirt] test driver and virtOpenAuth()
Daniel P. Berrange wrote:
On Fri, Jul 24, 2009 at 02:23:51PM -0400, Bryan Kearney wrote:
> Daniel P. Berrange wrote:
>> On Fri, Jul 24, 2009 at 01:56:24PM -0400, Bryan Kearney wrote:
>>> I am trying to test a call into virConnectOpenAuth. How can I configure
>>> the test driver to accept auth calls on
>>>
>>> "test+tcp://localhost/default"
>> Start libvirtd as root, with SASL enabled. It is not the kind of thing
>> you want todo from a test suite though.
>>
>> Daniel
> Thanks.
>
> I am trying test script which DV wrote. So, this is more of a one-off.
>
> to enable sasl, I edited the following in my libvirtd.conf. Is this correct:
>
> listen_tcp = 1
> tcp_port = "16509"
> listen_addr = "192.168.0.1"
> auth_unix_ro = "sasl"
> auth_unix_rw = "sasl"
> auth_tcp = "sasl"
> auth_tls = "sasl"
>
> Is that all I need to do?
THere's no need to set tcp_port, or listen_addr, nor any of the
auth_XXX variables. the 'tcp' socket defaults to sasl now.
You will however have to create yourself some sasl usernames/passwords
http://libvirt.org/auth.html#ACL_server_username
Daniel
With that, I still can not connect. I see this in /var/log/messages:
Jul 27 20:25:41 localhost libvirtd: Could not find keytab file:
/etc/libvirt/krb5.tab: No such file or directory
Is that an issue?
I am getting this from the command line:
libvir: Remote error : unable to connect to 'localhost.localdomain':
Connection refused
exception caught:org.libvirt.LibvirtException: unable to connect to
'localhost.localdomain': Connection refused
level:VIR_ERR_ERROR
code:VIR_ERR_SYSTEM_ERROR
domain:VIR_FROM_REMOTE
hasConn:false
hasDom:false
hasNet:false
message:unable to connect to 'localhost.localdomain': Connection refused
str1:%s
str2:unable to connect to 'localhost.localdomain': Connection refused
str3:null
int1:-1
int2:-1
sasl output is:
[root@localhost ~]# sasldblistusers2 -f /etc/libvirt/passwd.db
bk(a)localhost.localdomain: userPassword
[root@localhost ~]#
-- bk