[Users] Fwd: Trouble with SSO rhev-agent and rhev-agent-pam-rhev-cred

Karli Sjöberg Karli.Sjoberg at slu.se
Fri Apr 26 09:12:06 UTC 2013 

Hi!

I´m trying to get this working for our VDI solution, would be awfully cool. But so far, this seems to be what´s stopping it:

/var/log/ovirt-guest-agent/ovirt-guest-agent.log
Dummy-1::DEBUG::2013-04-26 11:02:11,840::OVirtAgentLogic::178::root::AgentLogicBase::sendUserInfo - cur_user = '(unknown)'

Over and over again.

This is what´s installed in the Fedora 17 guest:
# rpm -qa | grep ovirt-
ovirt-guest-agent-common-1.0.6-6.fc17.noarch
ovirt-guest-agent-gdm-plugin-1.0.6-6.fc17.x86_64
ovirt-guest-agent-pam-module-1.0.6-6.fc17.x86_64

And this is the engine:
# rpm -qa | grep ovirt-
ovirt-engine-config-3.1.0-4.fc17.noarch
ovirt-engine-dbscripts-3.1.0-4.fc17.noarch
ovirt-log-collector-3.1.0-0.git10d719.fc17.noarch
ovirt-engine-restapi-3.1.0-4.fc17.noarch
ovirt-image-uploader-3.1.0-0.git9c42c8.fc17.noarch
ovirt-engine-genericapi-3.1.0-4.fc17.noarch
ovirt-iso-uploader-3.1.0-0.git1841d9.fc17.noarch
ovirt-engine-webadmin-portal-3.1.0-4.fc17.noarch
ovirt-engine-setup-3.1.0-4.fc17.noarch
ovirt-engine-sdk-3.2.0.2-1.fc17.noarch
ovirt-engine-backend-3.1.0-4.fc17.noarch
ovirt-engine-tools-common-3.1.0-4.fc17.noarch
ovirt-engine-3.1.0-4.fc17.noarch
ovirt-engine-userportal-3.1.0-4.fc17.noarch
ovirt-engine-notification-service-3.1.0-4.fc17.noarch

The engine is joined to our Active Directory domain, and the guest is as well, using winbind. Help?

Best Regards
Karli Sjöberg

tis 2012-08-21 klockan 15:15 +0400 skrev Artem:
Hi,

i don't have /var/log/ovirt-guest-agent.log, i have /var/log/rhev-agent/rhev-agent.log.

i set in /etc/rhev-agent.conf

...
[logger_root]
level=DEBUG
...

but log file output

...
Dummy-2::DEBUG::2012-08-21 15:09:56,698::vdsAgentLogic::160::root::AgentLogicBase::sendUserInfo - cur_user = 'root'
Dummy-2::DEBUG::2012-08-21 15:10:06,719::vdsAgentLogic::160::root::AgentLogicBase::sendUserInfo - cur_user = 'root'
Dummy-2::DEBUG::2012-08-21 15:10:16,739::vdsAgentLogic::160::root::AgentLogicBase::sendUserInfo - cur_user = 'root'
Dummy-2::DEBUG::2012-08-21 15:10:26,836::vdsAgentLogic::160::root::AgentLogicBase::sendUserInfo - cur_user = 'root'
Dummy-2::DEBUG::2012-08-21 15:10:36,857::vdsAgentLogic::160::root::AgentLogicBase::sendUserInfo - cur_user = 'root'
....

I cannot build ovirt-guest-agent for Centos 6 (aka Rhel 6) and used rhev-agent and rhev-agent-pam-rhev-cred.

hmm..

>> Linux machine is not configure to work with the same authentication server

~]# getent passwd sirin
sirin:*:193200001:193200001:sirin zarin:/home/sirin:/bin/sh

User sirin used FreeIPA.

Artem

2012/8/20 Gal Hammer <ghammer at redhat.com<mailto:ghammer at redhat.com>>
On 20/08/2012 08:31, Roy Golan wrote:

Cannot login with SSO on system...

cat /var/log/secure

Aug 19 03:54:43 ws2 pam: gdm-rhevcred[2618]:
pam_unix(gdm-rhevcred:auth): conversation failed
Aug 19 03:54:43 ws2 pam: gdm-rhevcred[2618]:
pam_unix(gdm-rhevcred:auth): auth could not identify password for
[sirin]
Aug 19 03:54:43 ws2 pam: gdm-rhevcred[2618]:
pam_sss(gdm-rhevcred:auth): system info: [Cannot read password]
Aug 19 03:54:43 ws2 pam: gdm-rhevcred[2618]:
pam_sss(gdm-rhevcred:auth): authentication failure; logname= uid=0
euid=0 tty=:0 ruser= rhost= user=sirin
Aug 19 03:54:43 ws2 pam: gdm-rhevcred[2618]:
pam_sss(gdm-rhevcred:auth): received for user sirin: 4 (System error)
Aug 19 03:54:43 ws2 pam: gdm-password[2617]:
pam_unix(gdm-password:auth): conversation failed
Aug 19 03:54:43 ws2 pam: gdm-password[2617]:
pam_unix(gdm-password:auth): auth could not identify password for
[sirin]
Aug 19 03:54:43 ws2 pam: gdm-password[2617]:
pam_sss(gdm-password:auth): system info: [Cannot read password]
Aug 19 03:54:43 ws2 pam: gdm-password[2617]:
pam_sss(gdm-password:auth): authentication failure; logname= uid=0
euid=0 tty=:0 ruser= rhost= user=sirin
Aug 19 03:54:43 ws2 pam: gdm-password[2617]:
pam_sss(gdm-password:auth): received for user sirin: 4 (System error)
Aug 19 03:54:43 ws2 pam: gdm-password[2617]: gkr-pam: no password is
available for user

But login with user and password done... I use FreeIPA for this user.

What could be wrong?


What does the agent's log say (/var/log/ovirt-guest-agent.log)?

Usually, if everything is running as it should, the problem is that the Linux machine is not configure to work with the same authentication server as the one that the RHEV-M is using.

    Gal.



--

Med Vänliga Hälsningar
-------------------------------------------------------------------------------
Karli Sjöberg
Swedish University of Agricultural Sciences
Box 7079 (Visiting Address Kronåsvägen 8)
S-750 07 Uppsala, Sweden
Phone:  +46-(0)18-67 15 66
karli.sjoberg at slu.se<mailto:karli.sjoberg at adm.slu.se>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ovirt.org/pipermail/users/attachments/20130426/c60fb042/attachment-0001.html>

More information about the Users mailing list