On Wednesday 2011-12-14, Josip Deanovic wrote:
On Wednesday 2011-12-14, Dave Allan wrote:
> I was playing with SASL authentication a bit today and I wasn't able
> to get libvirt to authenticate against PAM (or anything else except
> the sasldb, although I didn't try Kerberos). Does anybody know off
> the top of their head what mechanisms/password check options work?
> I'm trying to figure out if I'm attempting the impossible.
>
> Dave
Hi Dave,
Here is my working configuration with sql backend. I am using postgres.
mech_list: digest-md5
pwcheck_method: auxprop
auxprop_plugin: sql
sql_engine: pgsql
sql_hostnames: localhost
sql_user: qemukvm
sql_passwd: secret
sql_database: qemukvmdb
sql_select: select password from qemuusers where username = '%u'
To make use of PAM as far as I know you will have to use saslauthd
method.
And here is the list of relevant sasl options (I am not sure if it's up
to date):
http://asyd.net/docs/cyrus-options.html
Sorry, I was mistakenly referring to sasl authentication for vnc client with
sasl support.
However, this configuration might work with libvit with little or no
modifications. However I never tried to authenticate to libvrit using sasl.
--
Josip Deanovic