Bug 488945 - virt-manager fails to create guest remotely via digest-md5 SASL
virt-manager fails to create guest remotely via digest-md5 SASL
Product: Fedora
Classification: Fedora
Component: virt-manager (Show other bugs)
All Linux
low Severity medium
: ---
: ---
Assigned To: Cole Robinson
Fedora Extras Quality Assurance
Depends On:
  Show dependency treegraph
Reported: 2009-03-06 07:05 EST by Alan Pevec
Modified: 2009-09-14 11:50 EDT (History)
4 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2009-09-14 11:50:57 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)

  None (edit)
Description Alan Pevec 2009-03-06 07:05:14 EST
Description of problem:
virt-manager fails to create guest remotely via digest-md5 SASL

Version-Release number of selected component (if applicable):

How reproducible:

Steps to Reproduce:
1. configure remote libvirtd for digest-md5 SASL authentication:
listen_tls = 0
listen_tcp = 1
sasldb_path: /etc/libvirt/passwd.db
mech_list: digest-md5
 saslpasswd2 -a libvirt user1
Again (for verification): 
 service libvirtd restart

2. in virt-manager, Add Connection to QEMU, Remote Password or Kerberos
(i.e. qemu+tcp://remotehost/system )
3. user is prompted for remote SASL username/password and successfully connects,
   you can already defined remote VMs
4. go through create VM wizard, choose Network boot and pre-created disk image file to make it simple
Actual results:
[Fri, 06 Mar 2009 12:29:02 virt-manager 28585] DEBUG (create:714) Starting backg
round install process
[Fri, 06 Mar 2009 12:29:02 virt-manager 28585] DEBUG (create:718) Opening separa
te connection for the install.
[Fri, 06 Mar 2009 12:29:02 virt-manager 28585] ERROR (create:741) Unable to comp
lete install '<class 'libvirt.libvirtError'> Failed to start SASL negotiation: -
4 (SASL(-4): no mechanism available: No worthy mechs found)
Traceback (most recent call last):
  File "/usr/share/virt-manager/virtManager/create.py", line 719, in do_install
    guest.conn = libvirt.open(self.connection.get_uri())
  File "/usr/lib64/python2.5/site-packages/libvirt.py", line 160, in open
    if ret is None:raise libvirtError('virConnectOpen() failed')
libvirtError: Failed to start SASL negotiation: -4 (SASL(-4): no mechanism avail
able: No worthy mechs found)

Expected results:
new remote VM is created

Additional info:
this issue exists in virt-manager--devel:


libvirt.open is used to open a separate libvirt connection for VM creation,
it should be libvirt.openAuth otherwise callbacks for entering SASL username/password are missing and SASL negotiation fails
Comment 1 Cole Robinson 2009-03-06 09:35:43 EST
Thanks for the report. I had this as a FIXME in the 'New VM' wizard rewrite, so this will hopefully be in the new version (probably cut Monday).
Comment 2 Cole Robinson 2009-03-09 21:37:23 EDT
This should be fixed upstream now:


Though this likely won't hit F10 for a while. I'll be pushing a new package to rawhide within a day, I'd appreciate it if you could give it a test at some point since I don't have a setup for it.
Comment 3 Alan Pevec 2009-03-10 08:00:44 EDT
Thanks! I'll rebuild rawhide virt-manager and python-virtinst for F10 and put them in ovirt.org yum repo.
Comment 4 Cole Robinson 2009-09-14 11:50:57 EDT
I think it's too late to be backporting a major virt-manager version to F10, so
moving this bug F11 (where it is fixed) and closing as CURRENTRELEASE.

Note You need to log in before you can comment on or make changes to this bug.