[libvirt] Debug the username/passwords

Hopefully this is the last question I have on the Java drivers. I am trying to debug the callback from openAuth(). I am passing back what I think is valid information, but I see in /var/log/messages the following: Jul 28 16:21:24 localhost libvirtd: sasl step failed -20 (SASL(-13): user not found: no secret in database) Is there a way to output what I have passed back in the credential responses? Setting the following in the /etc/libvirt/libvirtd.conf file does not seem to increase the logging: log_level=1 log_outputs="1:stderr 1:syslog:bk 1:file:virsh.log" and setting LIBVIRT_DEBUG=1,and launching libvirtd from the command line does not spit out the info. -- bk

On Tue, Jul 28, 2009 at 04:58:17PM -0400, Bryan Kearney wrote:
Hopefully this is the last question I have on the Java drivers. I am trying to debug the callback from openAuth(). I am passing back what I think is valid information, but I see in /var/log/messages the following:
Jul 28 16:21:24 localhost libvirtd: sasl step failed -20 (SASL(-13): user not found: no secret in database)
That says its getting a username, but not matching. NB, make sure you use VIR_CRED_USERNAME, rather than VIR_CRED_AUTHNAME. The latter is most never what you want
Is there a way to output what I have passed back in the credential responses? Setting the following in the /etc/libvirt/libvirtd.conf file does not seem to increase the logging:
We explicitly don't include auth credentials in the debug log to avoid compromising them. So your best option is to attach GDB to the process. The qemud/remote.c file, in the remoteDispatchAuthSaslStep method, you want to peek at the 'args->data.data_val' string. Daniel -- |: Red Hat, Engineering, London -o- http://people.redhat.com/berrange/ :| |: http://libvirt.org -o- http://virt-manager.org -o- http://ovirt.org :| |: http://autobuild.org -o- http://search.cpan.org/~danberr/ :| |: GnuPG: 7D3B9505 -o- F3C9 553F A1DA 4AC2 5648 23C1 B3DF F742 7D3B 9505 :|

Daniel P. Berrange wrote:
On Tue, Jul 28, 2009 at 04:58:17PM -0400, Bryan Kearney wrote:
Hopefully this is the last question I have on the Java drivers. I am trying to debug the callback from openAuth(). I am passing back what I think is valid information, but I see in /var/log/messages the following:
Jul 28 16:21:24 localhost libvirtd: sasl step failed -20 (SASL(-13): user not found: no secret in database)
That says its getting a username, but not matching.
NB, make sure you use VIR_CRED_USERNAME, rather than VIR_CRED_AUTHNAME. The latter is most never what you want
If I switch to VIR_CRED_USERNAME I am only presented with the password credential. Is this to be expected using md5-digest?
Is there a way to output what I have passed back in the credential responses? Setting the following in the /etc/libvirt/libvirtd.conf file does not seem to increase the logging:
We explicitly don't include auth credentials in the debug log to avoid compromising them. So your best option is to attach GDB to the process. The qemud/remote.c file, in the remoteDispatchAuthSaslStep method, you want to peek at the 'args->data.data_val' string.
will do.. thanks. -- bk
participants (2)
-
Bryan Kearney
-
Daniel P. Berrange