Red Hat Bugzilla – Bug 1340809
Testing connection timeout when input regular user of conversion server with checked "use sudo......"button
Last modified: 2016-11-03 14:00:29 EDT
Description of problem: Testing connection timeout when input regular user of conversion server with checked "use sudo......"button Version-Release number of selected component (if applicable): libguestfs-1.32.4-2.el7.x86_64 virt-v2v-1.32.4-2.el7.x86_64 virt-p2v-1.32.4-1.el7.iso How reproducible: 100% Steps to Reproduce: 1.Boot the source machine into p2v client via iso 2.Input the correct ip and REGULAR user with correct password of conversion server 3.Select the "Use sudo when running virt-v2v"button 4.Click the "Test connection" button 5.Get the error:timeout waiting for virt-v2v --version output.Please check the screenshot in attachment Actual results: As above step 5 Expected results: It's should be testing connection successfully, the "Next"button will available Additional info: 1.It's also can reproduce on virt-p2v-1.28.1-1.51.3.el7.1 2.If unselect the "Use sudo when running virt-v2v " with regular user ,it's will testing connection successfully.The "Next "button will available 3.Try to convert it without "use sudo when running virt-v2v " select failed, please check the log "without_sudo " 4.Try to convert it with "use sudo when running virt-v2v " select failed, please check the log "with_sudo "
Created attachment 1162772 [details] screenshot for virt-p2v_client
Created attachment 1162775 [details] without_sudo selected
Created attachment 1162776 [details] with_sudo_selected
The "Use sudo when running virt-v2v" checkbox means that it will try to run "sudo virt-v2v --version" instead of "virt-v2v --version" on the conversion server, after a successful SSH login. Login to the conversion server with the same credentials shown in attachment 1162772 [details] and try to run "sudo virt-v2v --version", do you get something like: $ sudo whoami [sudo] password for kean: with the prompt that waits for your password? If so, then we can just pass -n/--non-interactive to sudo, so it will error out immediately in this case, instead of waiting for a password input.
(In reply to Pino Toscano from comment #5) > The "Use sudo when running virt-v2v" checkbox means that it will try to run > "sudo virt-v2v --version" instead of "virt-v2v --version" on the conversion > server, after a successful SSH login. > > Login to the conversion server with the same credentials shown in attachment > 1162772 [details] and try to run "sudo virt-v2v --version", do you get > something like: > > $ sudo whoami > [sudo] password for kean: > > with the prompt that waits for your password? If so, then we can just pass > -n/--non-interactive to sudo, so it will error out immediately in this case, > instead of waiting for a password input. Update check manual page for this bug 1.Check the manual page for virt-p2v #man virt-p2v ...... Normally you must log in to the conversion server as root, but if you check the following box: | | | [ ] Use sudo when running virt-v2v | | | then you can log in as another user, and virt-p2v will use the sudo(8) command to elevate privileges to root. Note that sudo must not require a password. ...... Follow your steps do the testing: yes, I can meet need request password as your said
Thanks for testing -- patch posted: https://www.redhat.com/archives/libguestfs/2016-May/msg00247.html
Fixed with https://github.com/libguestfs/libguestfs/commit/603f4f1c230a459462e4fddb0ab7a766ae2f6199 which is in libguestfs >= 1.33.33.
I can reproduce this issue with build: virt-p2v-1.32.4-3.el7.iso Then try to verify this bug with new build: virt-p2v-1.32.5-5.el7.iso Steps: 1.Boot the source machine into p2v client via iso 2.After virt-p2v client launched, fill information items: Conversion server: 10.66.71.81 3.Select the "Use sudo when running virt-v2v"button 4.Click the "Test connection" button 5.Get the error:timeout waiting for virt-v2v --version output.Please check the
I'm so sorry about wrong operation, please ignore Comment 10, thanks.
I can reproduce this issue with build: virt-p2v-1.32.4-3.el7.iso Then try to verify this bug with new build: virt-p2v-1.32.5-5.el7.iso Steps: Scenario-1 non-root user run sudo without password steup: a. login in conversion with root user, then configure file /etc/sudoers to add user 'juzhou' in sudoers file and can run sudo without password # vim /etc/sudoers ... ## Allow root to run any commands anywhere root ALL=(ALL) ALL juzhou ALL=(ALL) NOPASSWD: ALL<-----Add this line, then save file. ... b. Login conversion server with 'juzhou' again and check modification take effects. $ sudo whoami root 1.1 Boot the source machine into p2v client via iso 1.2 After virt-p2v client launched, fill information as following: Conversion server: 10.66.71.81 : 22 User name:juzhou(a non-root user) Password:****** 1.3 Check "Use sudo when running virt-v2v" button 1.4 Press "Test connection" button Result: 1. After 'Test connection' finished, we can see message: Connected to the conversion server. Press the "Next" button to configure the conversion process. Then we can press "Next" button to continue. Scenario-2 non-root user run sudo with password $ sudo whoami [sudo] password for juzhou: juzhou is not in the sudoers file. This incident will be reported. 2.1 Boot the source machine into p2v client via iso 2.2 After virt-p2v client launched, fill information as following: Conversion server: 10.66.71.81 : 22 User name:juzhou(a non-root user) Password:****** 2.3 Check "Use sudo when running virt-v2v" button 2.4 Press "Test connection" button Result: 1. 'Test connection' failed with error message: virt-v2v is not installed on the conversion server, or it might be a too old version. Details please see png-1. 2.Check virt-v2v version by command. # virt-v2v --version virt-v2v 1.32.5rhel=7,release=5.el7,libvirt In fact virt-v2v is installed in conversion server and is the latest one. For scenario-2, the error message is not right and clear to user. so Pino Toscano, please help me have a look of my steps, thanks.
Created attachment 1171325 [details] png-1
(In reply to zhoujunqin from comment #12) > Scenario-2 non-root user run sudo with password > $ sudo whoami > [sudo] password for juzhou: > juzhou is not in the sudoers file. This incident will be reported. > > 2.1 Boot the source machine into p2v client via iso > 2.2 After virt-p2v client launched, fill information as following: > Conversion server: 10.66.71.81 : 22 > User name:juzhou(a non-root user) > Password:****** > 2.3 Check "Use sudo when running virt-v2v" button > 2.4 Press "Test connection" button > > Result: > 1. 'Test connection' failed with error message: > virt-v2v is not installed on the conversion server, or it might be a too old > version. > Details please see png-1. > > 2.Check virt-v2v version by command. > # virt-v2v --version > virt-v2v 1.32.5rhel=7,release=5.el7,libvirt > > In fact virt-v2v is installed in conversion server and is the latest one. > > For scenario-2, the error message is not right and clear to user. > > so Pino Toscano, please help me have a look of my steps, thanks. The steps I see are correct -- OTOH you are describing a new bug, that the error message in this case is not clear. The original issue in this bug (connection timing out) looks solved to me. Can you please file a new bug for the unclear error message? Thanks.
What is happening in comment 12 scenario 2: virt-p2v logs into the conversion server and tries to run sudo -n virt-v2v --version This fails because sudo is not permitted without a password. The error message (which is hidden by virt-p2v) would be something like: sudo: a password is required I will add a commit to make the error message better.
Hi Pino, I have some query about Scenario-1 non-root user run sudo without password Do you mean that if customer want to use regular user in p2v client and select "Use sudo when running virt-v2v" to elevate root privileges to regular user, he must configure regular user in sudoers file at first?
(In reply to mxie@redhat.com from comment #16) > Do you mean that if customer want to use regular user in p2v client and > select "Use sudo when running virt-v2v" to elevate root privileges to > regular user, he must configure regular user in sudoers file at first? Yes, that is correct. It is also already mentioned in the virt-p2v manual page (see also comment #6).
(In reply to Pino Toscano from comment #14) > The steps I see are correct -- OTOH you are describing a new bug, that the > error message in this case is not clear. Fixed upstream with commit https://github.com/libguestfs/libguestfs/commit/5b6a8e086264c85fb048c0eadff6c34351663133
(In reply to Pino Toscano from comment #18) > (In reply to Pino Toscano from comment #14) > > The steps I see are correct -- OTOH you are describing a new bug, that the > > error message in this case is not clear. > > Fixed upstream with commit > https://github.com/libguestfs/libguestfs/commit/ > 5b6a8e086264c85fb048c0eadff6c34351663133 Hi Pino I have filed a bug for this problem,https://bugzilla.redhat.com/show_bug.cgi?id=1349342, thanks
(In reply to zhoujunqin from comment #19) > (In reply to Pino Toscano from comment #18) > > (In reply to Pino Toscano from comment #14) > > > The steps I see are correct -- OTOH you are describing a new bug, that the > > > error message in this case is not clear. > > > > Fixed upstream with commit > > https://github.com/libguestfs/libguestfs/commit/ > > 5b6a8e086264c85fb048c0eadff6c34351663133 > > Hi Pino > I have filed a bug for this > problem,https://bugzilla.redhat.com/show_bug.cgi?id=1349342, thanks Thank you.
Try to verify this bug again with build: virt-p2v-1.32.5-6.el7.iso Steps: Environment setup: To enable non-root user sudo is permitted without a password a. login in conversion with root user, then configure file /etc/sudoers to add user 'juzhou' in sudoers file and can run sudo without password # vim /etc/sudoers ... ## Allow root to run any commands anywhere root ALL=(ALL) ALL juzhou ALL=(ALL) NOPASSWD: ALL<-----Add this line, then save file. ... b. Login conversion server with 'juzhou' again and check modification take effects. $ sudo whoami root 1. Boot the source machine into p2v client via iso 2. After virt-p2v client launched, fill information as following: Conversion server: 10.66.xx.xx : 22 User name:juzhou(a non-root user) Password:****** 3. Check "Use sudo when running virt-v2v" button 4. Press "Test connection" button Result: After 'Test connection' finished, we can see message: Connected to the conversion server. Press the "Next" button to configure the conversion process. No timeout showing during testing connection,then we can press "Next" button to continue and conversion will finish with no error. So move this bug from ON_QA to VERIFIED.
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://rhn.redhat.com/errata/RHSA-2016-2576.html