Hi list, I've been thinking and I think the right question is: - about which is libvirt access to sasl, socket? - which is transmitted? and - what is expected libvirt? (e.g. shadow have no service/application assignment) :) regards Robyn 2012/1/18 Robyn Bachofer <r.bachofer@googlemail.com>
Hi list,
i have a problem with virt-manager authentication over tcp.
I tried it with virt-manager over non-TLS "TCP (SASL/Kerberos)" auth. and the sasl mechanism "shadow". The user (tested with unprivileged user and root) is allready in the group libvirt(d) and the process is running as root.
The result on host: Jan 18 21:05:31 host libvirtd: 21:05:31.620: error : remoteDispatchAuthSaslStep:3691 : sasl step failed -20 (SASL(-13): user not found: no secret in database)
on client (virt-manager gui): ... ('virtConnectOpenAuth() faild') ..
I have tested it with tool "testsaslauthd" and their result: e.g.: # testsaslauthd -u root -p root 0: OK "Success."
When i set it manually with saslpasswd: # saslpasswd2 -a libvirt root -p it works.
Although I use, in the configuration of sasl, shadow, libvirt does not use it (i think so).
Host: debian6.0.3 (squeez) libvirt 0.8.3 (deb) sasl2.1.23 (deb)
:-)
Best regards, Robyn