Re: [libvirt] problems with remote authentication with policykit
I wrote:
> Ok, this bit definitely sounds like a server side bug, unless
> perhaps there is some buffering taking place in ssh or nc
> causing the errore reply packet to not be send back promptly
I'll try to get some better traces of what's going on here.
The error is getting back to the client. On the client,
remoteAuthenticate does fail and return -1. The client then
ends up blocked in the waitpid at remote_internal.c:877:
865 failed:
866 /* Close the socket if we failed. */
867 if (priv->sock >= 0) {
868 if (priv->uses_tls && priv->session) {
869 gnutls_bye (priv->session, GNUTLS_SHUT_RDWR);
870 gnutls_deinit (priv->session);
871 }
872 close (priv->sock);
873 #ifndef WIN32
874 if (priv->pid > 0) {
875 pid_t reap;
876 do {
877 reap = waitpid(priv->pid, NULL, 0);
878 if (reap == -1 && errno == EINTR)
879 continue;
880 } while (reap != -1 && reap != priv->pid);
881 }
882 #endif
883 }
Nothing gets printed up until this point, which is why there's no
output.
I guess the client is waiting for SSH to die, which isn't happening
for some reason. That must be a bug on the server side, although
the client should also probably be more robust in this case..
-jim