[libvirt] remote driver RPC API usage breaks launching ssh askpass
This commit broke launching SSH askpass from virt-manager: http://libvirt.org/git/?p=libvirt.git;a=commit;h=c1b226447781ba8367606f760dd... Using upstream virt-manager, running python src/virt-manager.py and trying to connect to a remote SSH connection without SSH keys causes a segfault: #0 virNetSocketRead (sock=0xc, buf=0x7f746c006458 "", len=4) at rpc/virnetsocket.c:969 #1 0x00007f7477ea7374 in virNetClientIOReadMessage (client=0x7f746c006400) at rpc/virnetclient.c:712 #2 virNetClientIOHandleInput (client=0x7f746c006400) at rpc/virnetclient.c:731 #3 0x00007f7477ea7ae0 in virNetClientIncomingEvent (sock=0x7f746c002040, events=<value optimized out>, opaque=0x7f746c006400) at rpc/virnetclient.c:1120 #4 0x00007f74782332ce in libvirt_virEventInvokeHandleCallback ( self=<value optimized out>, args=<value optimized out>) at libvirt-override.c:2997 #5 0x0000003075ee965b in call_function (f=<value optimized out>, throwflag=<value optimized out>) at /usr/src/debug/Python-2.7/Python/ceval.c:4071 #6 PyEval_EvalFrameEx (f=<value optimized out>, throwflag=<value optimized out>) at /usr/src/debug/Python-2.7/Python/ceval.c:2721 ... If you apply the following patch to virt-manager: $ cat a diff --git a/src/virt-manager.py.in b/src/virt-manager.py.in index cf0a20e..4d3f1c6 100755 --- a/src/virt-manager.py.in +++ b/src/virt-manager.py.in @@ -357,8 +357,8 @@ def main(): "disabling DBus service") # Hook libvirt events into glib main loop - import virtManager.libvirtglib - virtManager.libvirtglib.register_event_impl() + #import virtManager.libvirtglib + #virtManager.libvirtglib.register_event_impl() # At this point we're either starting a brand new controlling instance, # or the dbus comms to existing instance has failed rerun make, and reproduce the error, libvirt raises an exception from virConnectOpenAuth: libvirtError: Cannot recv data: Permission denied, please try again. Permission denied, please try again. Permission denied (publickey,gssapi-keyex,gssapi-with-mic,password). : Connection reset by peer I haven't poked at it yet, putting it here incase anyone else has ideas. - Cole
On Tue, Jul 19, 2011 at 04:07:17PM -0400, Cole Robinson wrote:
This commit broke launching SSH askpass from virt-manager:
http://libvirt.org/git/?p=libvirt.git;a=commit;h=c1b226447781ba8367606f760dd...
Using upstream virt-manager, running
python src/virt-manager.py
and trying to connect to a remote SSH connection without SSH keys causes a segfault:
#0 virNetSocketRead (sock=0xc, buf=0x7f746c006458 "", len=4) at rpc/virnetsocket.c:969 #1 0x00007f7477ea7374 in virNetClientIOReadMessage (client=0x7f746c006400) at rpc/virnetclient.c:712 #2 virNetClientIOHandleInput (client=0x7f746c006400) at rpc/virnetclient.c:731 #3 0x00007f7477ea7ae0 in virNetClientIncomingEvent (sock=0x7f746c002040, events=<value optimized out>, opaque=0x7f746c006400) at rpc/virnetclient.c:1120
I believe this should already be fixed in GIT.
rerun make, and reproduce the error, libvirt raises an exception from virConnectOpenAuth:
libvirtError: Cannot recv data: Permission denied, please try again. Permission denied, please try again. Permission denied (publickey,gssapi-keyex,gssapi-with-mic,password). : Connection reset by peer
I haven't poked at it yet, putting it here incase anyone else has ideas.
Most likely bet is that we run ssh with different environment variables than we used to. We now do: cmd = virCommandNew(binary ? binary : "ssh"); virCommandAddEnvPassCommon(cmd); virCommandAddEnvPass(cmd, "SSH_AUTH_SOCK"); virCommandAddEnvPass(cmd, "SSH_ASKPASS"); virCommandClearCaps(cmd); I guess it probably wants to have 'DISPLAY' passed through too. Can you see if this is sufficient. Regards, Daniel -- |: http://berrange.com -o- http://www.flickr.com/photos/dberrange/ :| |: http://libvirt.org -o- http://virt-manager.org :| |: http://autobuild.org -o- http://search.cpan.org/~danberr/ :| |: http://entangle-photo.org -o- http://live.gnome.org/gtk-vnc :|
On 07/20/2011 07:32 AM, Daniel P. Berrange wrote:
On Tue, Jul 19, 2011 at 04:07:17PM -0400, Cole Robinson wrote:
This commit broke launching SSH askpass from virt-manager:
http://libvirt.org/git/?p=libvirt.git;a=commit;h=c1b226447781ba8367606f760dd...
Using upstream virt-manager, running
python src/virt-manager.py
and trying to connect to a remote SSH connection without SSH keys causes a segfault:
#0 virNetSocketRead (sock=0xc, buf=0x7f746c006458 "", len=4) at rpc/virnetsocket.c:969 #1 0x00007f7477ea7374 in virNetClientIOReadMessage (client=0x7f746c006400) at rpc/virnetclient.c:712 #2 virNetClientIOHandleInput (client=0x7f746c006400) at rpc/virnetclient.c:731 #3 0x00007f7477ea7ae0 in virNetClientIncomingEvent (sock=0x7f746c002040, events=<value optimized out>, opaque=0x7f746c006400) at rpc/virnetclient.c:1120
I believe this should already be fixed in GIT.
Thanks, segfault is indeed fixed.
rerun make, and reproduce the error, libvirt raises an exception from virConnectOpenAuth:
libvirtError: Cannot recv data: Permission denied, please try again. Permission denied, please try again. Permission denied (publickey,gssapi-keyex,gssapi-with-mic,password). : Connection reset by peer
I haven't poked at it yet, putting it here incase anyone else has ideas.
Most likely bet is that we run ssh with different environment variables than we used to. We now do:
cmd = virCommandNew(binary ? binary : "ssh"); virCommandAddEnvPassCommon(cmd); virCommandAddEnvPass(cmd, "SSH_AUTH_SOCK"); virCommandAddEnvPass(cmd, "SSH_ASKPASS"); virCommandClearCaps(cmd);
I guess it probably wants to have 'DISPLAY' passed through too. Can you see if this is sufficient.
Adding DISPLAY makes askpass appear, thanks. I was hitting some other issues that were exacerbated by a virt-manager bug: http://git.fedorahosted.org/git?p=virt-manager.git;a=commit;h=b8c1d66801e879... I'll submit a libvirt patch shortly for the DISPLAY issue shortly. Thanks, Cole
participants (2)
-
Cole Robinson -
Daniel P. Berrange