On Wed, Dec 14, 2011 at 11:07:13AM +0100, Josip Deanovic wrote:
On Wednesday 2011-12-14, Josip Deanovic wrote:
On Wednesday 2011-12-14, Dave Allan wrote:
I was playing with SASL authentication a bit today and I wasn't able to get libvirt to authenticate against PAM (or anything else except the sasldb, although I didn't try Kerberos). Does anybody know off the top of their head what mechanisms/password check options work? I'm trying to figure out if I'm attempting the impossible.
Dave
Hi Dave,
Here is my working configuration with sql backend. I am using postgres.
mech_list: digest-md5 pwcheck_method: auxprop auxprop_plugin: sql sql_engine: pgsql sql_hostnames: localhost sql_user: qemukvm sql_passwd: secret sql_database: qemukvmdb sql_select: select password from qemuusers where username = '%u'
To make use of PAM as far as I know you will have to use saslauthd method.
And here is the list of relevant sasl options (I am not sure if it's up to date): http://asyd.net/docs/cyrus-options.html
Sorry, I was mistakenly referring to sasl authentication for vnc client with sasl support. However, this configuration might work with libvit with little or no modifications. However I never tried to authenticate to libvrit using sasl.
Good info nonetheless, thanks. Dave
-- Josip Deanovic
_______________________________________________ libvirt-users mailing list libvirt-users@redhat.com https://www.redhat.com/mailman/listinfo/libvirt-users