On 05/21/2012 08:03 PM, Hubert Zhang wrote:
https://www.redhat.com/archives/libvirt-users/2012-May/msg00005.html
When I run the sample code with the case of Python code for using qemu+tcp with SASL, I
always got this SASL error:
Traceback (most recent call last):
File "esxList.py", line 102, in ?
conn = libvirt.openAuth(uri, auth, 0)
File "/usr/lib/python2.4/site-packages/libvirt.py", line 102, in openAuth
if ret is None:raise libvirtError('virConnectOpenAuth() failed')
libvirt.libvirtError: authentication failed: Failed to start SASL negotiation: -4
(SASL(-4): no mechanism available:
I have no problem to run the C&java code with qemu+tcp with SASL. Is it possible an
error of Python binding?
Thanks,
-Hubert
Hello,
I tried to reproduce this issue and I almost got to the same point as
you did. Explaining how and why would take a very long time and probably
wouldn't be that interesting, so I'll skip to the point. I was reading
through the documentation and there's probably a little mistake (to be
sure, I have to look at it), but what worked for me was putting client
certificate info into '/etc/pki/libvirt/' instead of
'/etc/pki/libvirt/private/'. I also couldn't run the server with server
certificates in '/etc/pki/libvirt/' and had to put them in
'/etc/pki/libvirt/private/', that's why I'm thinking this will be just a
mistake in the docs. I'll have a look at it and fix it if it's like this.
Maybe it seems like this could not be the problem, because you get this
error only when using python, but what I think is, that by modifying
esxlist.py, you used 'qemu://<hostname>/system' or something like that
and that is not the same as 'qemu+tcp'. The reason is that when the
connection is not specified, than for remote connections it defaults to
tls, so you were using 'qemu(+tls)' in python, but tested it in virsh
with 'qemu+tcp'. Definitely try virsh with 'qemu+tls', I bet you'll
see
error as well and then try moving the certificates as I did and I hope
everything will work for you then.
Have a nice day,
Martin