Hi Carlos, This may be due to a eager timeout that the core imposes over the ldap driver.
Please find attached a patch for the OpenNebula source code, please apply it, recompile and reinstall, we would appreciate feedback on wether this fixes the improper ldap plugin behavior or not. Regards, -Tino -- Constantino Vázquez Blanco, MSc OpenNebula Major Contributor www.OpenNebula.org | @tinova79 On Sat, Jun 11, 2011 at 10:22 AM, Carlos A. <[email protected]> wrote: > Hello, > > any help on this? is ldap addon supposed to work with opennebula 2.2? has > anyone tried it? > > El 09/06/2011 10:46, Carlos A. escribió: >> >> Hello, >> >> first of all, thank you for your response. >> >> Once I have managed to make ldap_auth work, I found the following issue: >> >> root@keo01:/srv/cloud/one# onevm list >> execution expired >> >> I cannot manage to athenticate against my ldap server. I have tried the >> ldap authentication that is carried out by ONE >> >> require 'rubygems' >> require 'net/ldap' >> ldap = Net::LDAP.new >> ldap.host = "my.ldap.server" >> ldap.port = 389 >> ldap.auth "my-dn", "my-pass" >> print ldap.bind >> >> It is properly working, as my server authenticates me. I have (of course) >> tried changing the password and it works as expected. >> >> Diving in the code It seems that there is some problem in the file >> "src/um/UserPool.cc", at >> authm->trigger(AuthManager::AUTHENTICATE,&ar); >> ar.wait(); >> >> Any idea? >> >> >> El 09/06/11 00:51, [email protected] escribió: >>> >>> The official OpenNebula installation instructions for the ldap driver are >>> incomplete and miss to mention some software packages that you have to >>> install first. I don't remember which ones they were, but you can find out >>> as follows: >>> >>> * cd to .../lib/ruby >>> * execute 'ruby ldap_auth.rb'. >>> * Ruby will complain about any missing packages. Install those until ruby >>> is happy. >>> >>> Carsten >>> >>> >>> Carsten Friedrich >>> Research Team leader >>> ICT Centre, GPO Box 664,Canberra, ACT 2601 >>> Phone: +61 2 6216 7019 >>> Email: [email protected] >>> Web: http://www.csiro.au/org/ICT.html >>> >>> >>> >>> -----Original Message----- >>> From: [email protected] >>> [mailto:[email protected]] On Behalf Of Carlos A. >>> Sent: Wednesday, 8 June 2011 18:17 >>> To: [email protected] >>> Subject: Re: [one-users] Problem with ldap authentication >>> >>> any help on this? >>> >>> El 02/06/11 16:55, Carlos A. escribió: >>>> >>>> More information on this: >>>> >>>> in /srv/cloud/one/var/oned.log I can see >>>> Thu Jun 2 16:52:09 2011 [ONE][I]: Init OpenNebula Log system >>>> Thu Jun 2 16:52:09 2011 [ONE][I]: Log Level: 3 >>>> [0=ERROR,1=WARNING,2=INFO,3=DEBUG] >>>> Thu Jun 2 16:52:09 2011 [ONE][I]: >>>> ---------------------------------------- >>>> Thu Jun 2 16:52:09 2011 [ONE][I]: OpenNebula Configuration File >>>> Thu Jun 2 16:52:09 2011 [ONE][I]: >>>> ---------------------------------------- >>>> Thu Jun 2 16:52:09 2011 [ONE][I]: >>>> ---------------------------------- >>>> AUTH_MAD=EXECUTABLE=/srv/cloud/one/lib/mads/one_auth_mad >>>> DB=BACKEND=sqlite >>>> DEBUG_LEVEL=3 >>>> DEFAULT_DEVICE_PREFIX=hd >>>> DEFAULT_IMAGE_TYPE=OS >>>> HM_MAD=EXECUTABLE=one_hm >>>> HOST_MONITORING_INTERVAL=600 >>>> IMAGE_REPOSITORY_PATH=/srv/cloud/one/var//images >>>> IM_MAD=ARGUMENTS=-r 0 -t 15 kvm,EXECUTABLE=one_im_ssh,NAME=im_kvm >>>> MAC_PREFIX=02:00 >>>> MANAGER_TIMER=15 >>>> NETWORK_SIZE=254 >>>> PORT=2633 >>>> SCRIPTS_REMOTE_DIR=/var/tmp/one >>>> TM_MAD=ARGUMENTS=tm_nfs/tm_nfs.conf,EXECUTABLE=one_tm,NAME=tm_nfs >>>> VM_DIR=/srv/cloud/one/var/ >>>> VM_HOOK=ARGUMENTS=$VMID,COMMAND=image.rb,NAME=image,ON=DONE >>>> VM_MAD=ARGUMENTS=-t 15 -r 0 >>>> >>>> kvm,DEFAULT=vmm_ssh/vmm_ssh_kvm.conf,EXECUTABLE=one_vmm_ssh,NAME=vmm_kvm,TYPE=kvm >>>> VM_POLLING_INTERVAL=600 >>>> VNC_BASE_PORT=5900 >>>> ---------------------------------- >>>> Thu Jun 2 16:52:09 2011 [ONE][I]: Bootstraping OpenNebula database. >>>> Thu Jun 2 16:52:09 2011 [VMM][I]: Starting Virtual Machine Manager... >>>> Thu Jun 2 16:52:09 2011 [LCM][I]: Starting Life-cycle Manager... >>>> Thu Jun 2 16:52:09 2011 [VMM][I]: Virtual Machine Manager started. >>>> Thu Jun 2 16:52:09 2011 [InM][I]: Starting Information Manager... >>>> Thu Jun 2 16:52:09 2011 [InM][I]: Information Manager started. >>>> Thu Jun 2 16:52:09 2011 [LCM][I]: Life-cycle Manager started. >>>> Thu Jun 2 16:52:09 2011 [TrM][I]: Starting Transfer Manager... >>>> Thu Jun 2 16:52:09 2011 [DiM][I]: Starting Dispatch Manager... >>>> Thu Jun 2 16:52:09 2011 [TrM][I]: Transfer Manager started. >>>> Thu Jun 2 16:52:09 2011 [DiM][I]: Dispatch Manager started. >>>> Thu Jun 2 16:52:09 2011 [ReM][I]: Starting Request Manager... >>>> Thu Jun 2 16:52:09 2011 [ReM][I]: Starting XML-RPC server, port 2633 >>>> ... >>>> Thu Jun 2 16:52:09 2011 [ReM][I]: Request Manager started. >>>> Thu Jun 2 16:52:09 2011 [HKM][I]: Starting Hook Manager... >>>> Thu Jun 2 16:52:09 2011 [AuM][I]: Starting Auth Manager... >>>> Thu Jun 2 16:52:09 2011 [AuM][I]: Authorization Manager started. >>>> Thu Jun 2 16:52:09 2011 [HKM][I]: Hook Manager started. >>>> Thu Jun 2 16:52:11 2011 [VMM][I]: Loading Virtual Machine Manager >>>> drivers. >>>> Thu Jun 2 16:52:11 2011 [VMM][I]: Loading driver: vmm_kvm (KVM) >>>> Thu Jun 2 16:52:11 2011 [VMM][I]: Driver vmm_kvm loaded. >>>> Thu Jun 2 16:52:11 2011 [InM][I]: Loading Information Manager drivers. >>>> Thu Jun 2 16:52:11 2011 [InM][I]: Loading driver: im_kvm >>>> Thu Jun 2 16:52:11 2011 [InM][I]: Driver im_kvm loaded >>>> Thu Jun 2 16:52:11 2011 [TM][I]: Loading Transfer Manager drivers. >>>> Thu Jun 2 16:52:11 2011 [VMM][I]: Loading driver: tm_nfs >>>> Thu Jun 2 16:52:11 2011 [TM][I]: Driver tm_nfs loaded. >>>> Thu Jun 2 16:52:11 2011 [HKM][I]: Loading Hook Manager driver. >>>> Thu Jun 2 16:52:11 2011 [HKM][I]: Hook Manager loaded >>>> Thu Jun 2 16:52:11 2011 [AuM][I]: Loading Auth. Manager driver. >>>> Thu Jun 2 16:52:11 2011 [MAD][E]: MAD did not answer INIT command >>>> Thu Jun 2 16:52:12 2011 [ReM][D]: VirtualMachinePoolInfo method invoked >>>> Thu Jun 2 16:52:12 2011 [AuM][E]: Auth Error: Could not find >>>> Authorization driver >>>> Thu Jun 2 16:52:12 2011 [ReM][E]: [VirtualMachinePoolInfo] User >>>> couldn't be authenticated, aborting call. >>>> >>>> It seems that it cannot find the driver as a relative path name, but I >>>> have also tried to use the full path of the auth driver. >>>> >>>> Any help would be appreciated. >>>> >>>> Regards, >>>> Carlos A. >>>> >>>> >>>> El 02/06/11 11:39, Carlos A. escribió: >>>>> >>>>> Hello, >>>>> >>>>> I have just installed the ldap authentication addon on an fresh ONE >>>>> install. I followed the instructions and I found that I cannot >>>>> authenticate against the LDAP server. >>>>> >>>>> what am I not doing in a wrong way? >>>>> >>>>> ------------------------------------------------------------ >>>>> carlos@keo01:~$ onevm list >>>>> [VirtualMachinePoolInfo] User couldn't be authenticated, aborting call. >>>>> >>>>> carlos@keo01:~$ tail /srv/cloud/one/var/oned.log >>>>> (...) >>>>> Thu Jun 2 11:27:22 2011 [AuM][E]: Auth Error: Could not find >>>>> Authorization driver >>>>> Thu Jun 2 11:27:22 2011 [ReM][E]: [VirtualMachinePoolInfo] User >>>>> couldn't be authenticated, aborting call. >>>>> (...) >>>>> >>>>> calfonso@keo01:/srv/cloud/one/lib/mads$ ls -l one_auth_mad* >>>>> -rwxr-xr-x 1 oneadmin root 1632 Jun 2 09:53 one_auth_mad >>>>> -rwxr-xr-x 1 oneadmin root 3341 Jun 2 09:58 one_auth_mad.rb >>>>> >>>>> carlos@keo01:/srv/cloud/one/lib/mads$ ls -l >>>>> /srv/cloud/one/lib/ruby/ldap_auth.rb >>>>> -rw-r--r-- 1 oneadmin cloud 1340 Jun 2 09:58 >>>>> /srv/cloud/one/lib/ruby/ldap_auth.rb >>>>> >>>>> *** content of /srv/cloud/one/etc/auth/auth.conf >>>>> :database: sqlite://auth.db >>>>> :authentication: ldap >>>>> :quota: >>>>> :enabled: false >>>>> :defaults: >>>>> :cpu: 10.0 >>>>> :memory: 1048576 >>>>> :ldap: >>>>> :host: my.ldap.server >>>>> :port: 389 >>>>> >>>>> >>>>> *** content of /srv/cloud/one/etc/oned.conf >>>>> (...) >>>>> AUTH_MAD = [ >>>>> executable = "one_auth_mad" ] >>>>> >>>>> _______________________________________________ >>>>> Users mailing list >>>>> [email protected] >>>>> http://lists.opennebula.org/listinfo.cgi/users-opennebula.org >>>> >>>> _______________________________________________ >>>> Users mailing list >>>> [email protected] >>>> http://lists.opennebula.org/listinfo.cgi/users-opennebula.org >>> >> >> >> _______________________________________________ >> Users mailing list >> [email protected] >> http://lists.opennebula.org/listinfo.cgi/users-opennebula.org > > > -- > Carlos de Alfonso Laguna > Ingeniero de I+D > Tel. +34 963877007, ext. 88254 > mailto: [email protected] > > La información incluida en el presente correo electrónico y, en su caso, sus > anexos, es CONFIDENCIAL, siendo para el uso exclusivo del destinatario a > quien va dirigido y puede contener información privilegiada, profesional u > otra clase de información privada. Si usted recibe este mensaje y no es el > destinatario señalado le informamos de que esta prohibida cualquier > utilización del mismo sin previa autorización y le rogamos que nos lo > notifique inmediatamente de vuelta a la dirección remitente y proceda a la > destrucción del mismo. > > _______________________________________________ > Users mailing list > [email protected] > http://lists.opennebula.org/listinfo.cgi/users-opennebula.org >
0001-Bug-Fixes-AuthRequests-time_outs-in-AuthManager.-Tes.patch
Description: Binary data
_______________________________________________ Users mailing list [email protected] http://lists.opennebula.org/listinfo.cgi/users-opennebula.org
