Re: [vdsm] SSLError with vdsm

2012-06-07 Thread Wenyi Gao

On 2012-06-07 13:51, Zhou Zheng Sheng wrote:

Hi,
It is because normal user do not have the privilege to access the keys 
in /etc/pki/vdsm/keys/ and certificates in /etc/pki/vdsm/certs/. You 
can su to root or sudo vdsClient to use SSL connection.


于 2012年06月07日 13:03, Wenyi Gao 写道:


Hi guys,

When I ran the cmmand vdsClient -s 0 getVdsCaps, I got the 
following error:



$ vdsClient -s 0 getVdsCaps
Traceback (most recent call last):
  File /usr/share/vdsm/vdsClient.py, line 2275, in module
code, message = commands[command][0](commandArgs)
  File /usr/share/vdsm/vdsClient.py, line 403, in do_getCap
return self.ExecAndExit(self.s.getVdsCapabilities())
  File /usr/lib64/python2.7/xmlrpclib.py, line 1224, in __call__
return self.__send(self.__name, args)
  File /usr/lib64/python2.7/xmlrpclib.py, line 1578, in __request
verbose=self.__verbose
  File /usr/lib64/python2.7/xmlrpclib.py, line 1264, in request
return self.single_request(host, handler, request_body, verbose)
  File /usr/lib64/python2.7/xmlrpclib.py, line 1292, in single_request
self.send_content(h, request_body)
  File /usr/lib64/python2.7/xmlrpclib.py, line 1439, in send_content
connection.endheaders(request_body)
  File /usr/lib64/python2.7/httplib.py, line 954, in endheaders
self._send_output(message_body)
  File /usr/lib64/python2.7/httplib.py, line 814, in _send_output
self.send(msg)
  File /usr/lib64/python2.7/httplib.py, line 776, in send
self.connect()
  File /usr/lib/python2.7/site-packages/vdsm/SecureXMLRPCServer.py, 
line 98, in connect

cert_reqs=self.cert_reqs)
  File /usr/lib64/python2.7/ssl.py, line 381, in wrap_socket
ciphers=ciphers)
  File /usr/lib64/python2.7/ssl.py, line 141, in __init__
ciphers)
SSLError: [Errno 185090050] _ssl.c:340: error:0B084002:x509 
certificate routines:X509_load_cert_crl_file:system lib




But if I set ssl = false in /etc/vdsm/vdsm.conf, then run 
vdsClient 0 getVdsCaps, the problem goes away.


Does anyone know what causes the problem above? Thanks.


Wenyi Gao



___
vdsm-devel mailing list
vdsm-devel@lists.fedorahosted.org
https://fedorahosted.org/mailman/listinfo/vdsm-devel


--
Thanks and best regards!

Zhou Zheng Sheng / 周征晟
E-mail:zhshz...@linux.vnet.ibm.com
Telephone: 86-10-82454397


___
vdsm-devel mailing list
vdsm-devel@lists.fedorahosted.org
https://fedorahosted.org/mailman/listinfo/vdsm-devel


Yes, it works. Thanks.

Wenyi Gao
___
vdsm-devel mailing list
vdsm-devel@lists.fedorahosted.org
https://fedorahosted.org/mailman/listinfo/vdsm-devel


Re: [vdsm] SSLError with vdsm

2012-06-07 Thread Adam Litke
On Thu, Jun 07, 2012 at 05:35:54PM +0300, Itamar Heim wrote:
 On 06/07/2012 09:58 AM, Wenyi Gao wrote:
 On 2012-06-07 13:51, Zhou Zheng Sheng wrote:
 Hi,
 It is because normal user do not have the privilege to access the keys
 in /etc/pki/vdsm/keys/ and certificates in /etc/pki/vdsm/certs/. You
 can su to root or sudo vdsClient to use SSL connection.
 
 于 2012年06月07日 13:03, Wenyi Gao 写道:
 
 Hi guys,
 
 When I ran the cmmand vdsClient -s 0 getVdsCaps, I got the
 following error:
 
 
 $ vdsClient -s 0 getVdsCaps
 Traceback (most recent call last):
   File /usr/share/vdsm/vdsClient.py, line 2275, in module
 code, message = commands[command][0](commandArgs)
   File /usr/share/vdsm/vdsClient.py, line 403, in do_getCap
 return self.ExecAndExit(self.s.getVdsCapabilities())
   File /usr/lib64/python2.7/xmlrpclib.py, line 1224, in __call__
 return self.__send(self.__name, args)
   File /usr/lib64/python2.7/xmlrpclib.py, line 1578, in __request
 verbose=self.__verbose
   File /usr/lib64/python2.7/xmlrpclib.py, line 1264, in request
 return self.single_request(host, handler, request_body, verbose)
   File /usr/lib64/python2.7/xmlrpclib.py, line 1292, in single_request
 self.send_content(h, request_body)
   File /usr/lib64/python2.7/xmlrpclib.py, line 1439, in send_content
 connection.endheaders(request_body)
   File /usr/lib64/python2.7/httplib.py, line 954, in endheaders
 self._send_output(message_body)
   File /usr/lib64/python2.7/httplib.py, line 814, in _send_output
 self.send(msg)
   File /usr/lib64/python2.7/httplib.py, line 776, in send
 self.connect()
   File /usr/lib/python2.7/site-packages/vdsm/SecureXMLRPCServer.py,
 line 98, in connect
 cert_reqs=self.cert_reqs)
   File /usr/lib64/python2.7/ssl.py, line 381, in wrap_socket
 ciphers=ciphers)
   File /usr/lib64/python2.7/ssl.py, line 141, in __init__
 ciphers)
 SSLError: [Errno 185090050] _ssl.c:340: error:0B084002:x509
 certificate routines:X509_load_cert_crl_file:system lib
 
 
 
 But if I set ssl = false in /etc/vdsm/vdsm.conf, then run
 vdsClient 0 getVdsCaps, the problem goes away.
 
 Does anyone know what causes the problem above? Thanks.
 
 
 Wenyi Gao
 
 
 
 ___
 vdsm-devel mailing list
 vdsm-devel@lists.fedorahosted.org
 https://fedorahosted.org/mailman/listinfo/vdsm-devel
 
 --
 Thanks and best regards!
 
 Zhou Zheng Sheng / 周征晟
 E-mail:zhshz...@linux.vnet.ibm.com
 Telephone: 86-10-82454397
 
 
 ___
 vdsm-devel mailing list
 vdsm-devel@lists.fedorahosted.org
 https://fedorahosted.org/mailman/listinfo/vdsm-devel
 
 Yes, it works. Thanks.
 
 maybe send a patch to check the permissions and give a proper error
 message for the next user failing on this?

+1.  Great suggestion!

-- 
Adam Litke a...@us.ibm.com
IBM Linux Technology Center

___
vdsm-devel mailing list
vdsm-devel@lists.fedorahosted.org
https://fedorahosted.org/mailman/listinfo/vdsm-devel


[vdsm] SSLError with vdsm

2012-06-06 Thread Wenyi Gao


Hi guys,

When I ran the cmmand vdsClient -s 0 getVdsCaps, I got the following 
error:



$ vdsClient -s 0 getVdsCaps
Traceback (most recent call last):
  File /usr/share/vdsm/vdsClient.py, line 2275, in module
code, message = commands[command][0](commandArgs)
  File /usr/share/vdsm/vdsClient.py, line 403, in do_getCap
return self.ExecAndExit(self.s.getVdsCapabilities())
  File /usr/lib64/python2.7/xmlrpclib.py, line 1224, in __call__
return self.__send(self.__name, args)
  File /usr/lib64/python2.7/xmlrpclib.py, line 1578, in __request
verbose=self.__verbose
  File /usr/lib64/python2.7/xmlrpclib.py, line 1264, in request
return self.single_request(host, handler, request_body, verbose)
  File /usr/lib64/python2.7/xmlrpclib.py, line 1292, in single_request
self.send_content(h, request_body)
  File /usr/lib64/python2.7/xmlrpclib.py, line 1439, in send_content
connection.endheaders(request_body)
  File /usr/lib64/python2.7/httplib.py, line 954, in endheaders
self._send_output(message_body)
  File /usr/lib64/python2.7/httplib.py, line 814, in _send_output
self.send(msg)
  File /usr/lib64/python2.7/httplib.py, line 776, in send
self.connect()
  File /usr/lib/python2.7/site-packages/vdsm/SecureXMLRPCServer.py, 
line 98, in connect

cert_reqs=self.cert_reqs)
  File /usr/lib64/python2.7/ssl.py, line 381, in wrap_socket
ciphers=ciphers)
  File /usr/lib64/python2.7/ssl.py, line 141, in __init__
ciphers)
SSLError: [Errno 185090050] _ssl.c:340: error:0B084002:x509 certificate 
routines:X509_load_cert_crl_file:system lib




But if I set ssl = false in /etc/vdsm/vdsm.conf, then run vdsClient 0 
getVdsCaps, the problem goes away.


Does anyone know what causes the problem above? Thanks.


Wenyi Gao



___
vdsm-devel mailing list
vdsm-devel@lists.fedorahosted.org
https://fedorahosted.org/mailman/listinfo/vdsm-devel


Re: [vdsm] SSLError with vdsm

2012-06-06 Thread Zhou Zheng Sheng

Hi,
It is because normal user do not have the privilege to access the keys 
in /etc/pki/vdsm/keys/ and certificates in /etc/pki/vdsm/certs/. You can 
su to root or sudo vdsClient to use SSL connection.


于 2012年06月07日 13:03, Wenyi Gao 写道:


Hi guys,

When I ran the cmmand vdsClient -s 0 getVdsCaps, I got the following 
error:



$ vdsClient -s 0 getVdsCaps
Traceback (most recent call last):
  File /usr/share/vdsm/vdsClient.py, line 2275, in module
code, message = commands[command][0](commandArgs)
  File /usr/share/vdsm/vdsClient.py, line 403, in do_getCap
return self.ExecAndExit(self.s.getVdsCapabilities())
  File /usr/lib64/python2.7/xmlrpclib.py, line 1224, in __call__
return self.__send(self.__name, args)
  File /usr/lib64/python2.7/xmlrpclib.py, line 1578, in __request
verbose=self.__verbose
  File /usr/lib64/python2.7/xmlrpclib.py, line 1264, in request
return self.single_request(host, handler, request_body, verbose)
  File /usr/lib64/python2.7/xmlrpclib.py, line 1292, in single_request
self.send_content(h, request_body)
  File /usr/lib64/python2.7/xmlrpclib.py, line 1439, in send_content
connection.endheaders(request_body)
  File /usr/lib64/python2.7/httplib.py, line 954, in endheaders
self._send_output(message_body)
  File /usr/lib64/python2.7/httplib.py, line 814, in _send_output
self.send(msg)
  File /usr/lib64/python2.7/httplib.py, line 776, in send
self.connect()
  File /usr/lib/python2.7/site-packages/vdsm/SecureXMLRPCServer.py, 
line 98, in connect

cert_reqs=self.cert_reqs)
  File /usr/lib64/python2.7/ssl.py, line 381, in wrap_socket
ciphers=ciphers)
  File /usr/lib64/python2.7/ssl.py, line 141, in __init__
ciphers)
SSLError: [Errno 185090050] _ssl.c:340: error:0B084002:x509 
certificate routines:X509_load_cert_crl_file:system lib




But if I set ssl = false in /etc/vdsm/vdsm.conf, then run vdsClient 
0 getVdsCaps, the problem goes away.


Does anyone know what causes the problem above? Thanks.


Wenyi Gao



___
vdsm-devel mailing list
vdsm-devel@lists.fedorahosted.org
https://fedorahosted.org/mailman/listinfo/vdsm-devel


--
Thanks and best regards!

Zhou Zheng Sheng / 周征晟
E-mail: zhshz...@linux.vnet.ibm.com
Telephone: 86-10-82454397

___
vdsm-devel mailing list
vdsm-devel@lists.fedorahosted.org
https://fedorahosted.org/mailman/listinfo/vdsm-devel