Bug 1361948
| Summary: | SASL info is missing in the output of "virt-admin client-info" | ||
|---|---|---|---|
| Product: | Red Hat Enterprise Linux 7 | Reporter: | Fangge Jin <fjin> |
| Component: | libvirt | Assignee: | Erik Skultety <eskultet> |
| Status: | CLOSED ERRATA | QA Contact: | Virtualization Bugs <virt-bugs> |
| Severity: | medium | Docs Contact: | |
| Priority: | medium | ||
| Version: | 7.3 | CC: | dyuan, mzhan, rbalakri, xuzhang, yafu, yanqzhan, zpeng |
| Target Milestone: | rc | ||
| Target Release: | --- | ||
| Hardware: | x86_64 | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Fixed In Version: | libvirt-2.0.0-4.el7 | Doc Type: | If docs needed, set a value |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 2016-11-03 18:51:09 UTC | Type: | Bug |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
|
Description
Fangge Jin
2016-08-01 03:15:08 UTC
Fixed upstream by:
commit 5289e21f31be226fd22bc3b512b8cc233fa24046
Author: Erik Skultety <eskultet>
AuthorDate: Thu Jul 28 16:42:04 2016 +0200
Commit: Erik Skultety <eskultet>
CommitDate: Tue Aug 2 08:25:42 2016 +0200
daemon: sasl: Don't forget to save SASL username to client's identity
Once the SASL authentication process has successfully passed, we should also
save the SASL username used to client's identity, so that when a client like
virt-admin tries to obtain it, the server will actually format the username to
the response data.
Signed-off-by: Erik Skultety <eskultet>
v2.1.0-rc1-24-g5289e21
Reproduce this bug on libvirt-2.0.0-2.el7.x86_64 Steps to reproduce: 1.Set unix rw socket authentication to sasl in /etc/libvirt/libvirtd.conf auth_unix_rw = "sasl" 2.# systemctl restart libvirtd 3.create a sasl user and set passwd # saslpasswd2 -a libvirt -c fred Password: Again (for verification): 4.Connect a virsh client: # virsh -q -c qemu:///system Please enter your authentication name: fred Please enter your password: virsh # 5.Open another terminal: # virt-admin srv-clients-list libvirtd Id Transport Connected since -------------------------------------------------- 1 unix 2016-08-10 11:29:10+0800 6. # virt-admin client-info libvirtd 1 id : 1 connection_time: 2016-08-10 11:29:10+0800 transport : unix readonly : no unix_user_id : 0 unix_user_name : root unix_group_id : 0 unix_group_name: root unix_process_id: 18831 selinux_context: unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 (no sasl username outputted) Verify this bug on libvirt-2.0.0-4.el7.x86_64 Steps to verify: 1.Set unix rw socket authentication to sasl in /etc/libvirt/libvirtd.conf auth_unix_rw = "sasl" 2.# systemctl restart libvirtd 3.create a sasl user and set passwd # saslpasswd2 -a libvirt -c fred Password: Again (for verification): 4.Connect a virsh client: # virsh -q -c qemu:///system Please enter your authentication name: fred Please enter your password: virsh # 5.Open another terminal: # virt-admin srv-clients-list libvirtd Id Transport Connected since -------------------------------------------------- 3 unix 2016-08-10 11:10:08+0800 6. # virt-admin client-info libvirtd 3 id : 3 connection_time: 2016-08-10 11:10:08+0800 transport : unix readonly : no sasl_user_name : fred ===> There is the sasl username outputted. unix_user_id : 0 unix_user_name : root unix_group_id : 0 unix_group_name: root unix_process_id: 15350 selinux_context: unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 Since the result is as expected, mark this bug as verified. Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://rhn.redhat.com/errata/RHSA-2016-2577.html |