On Thu, Jun 07, 2012 at 05:35:54PM +0300, Itamar Heim wrote: > On 06/07/2012 09:58 AM, Wenyi Gao wrote: > >On 2012-06-07 13:51, Zhou Zheng Sheng wrote: > >>Hi, > >>It is because normal user do not have the privilege to access the keys > >>in /etc/pki/vdsm/keys/ and certificates in /etc/pki/vdsm/certs/. You > >>can su to root or sudo vdsClient to use SSL connection. > >> > >>于 2012年06月07日 13:03, Wenyi Gao 写道: > >>> > >>>Hi guys, > >>> > >>>When I ran the cmmand "vdsClient -s 0 getVdsCaps", I got the > >>>following error: > >>> > >>> > >>>$ vdsClient -s 0 getVdsCaps > >>>Traceback (most recent call last): > >>> File "/usr/share/vdsm/vdsClient.py", line 2275, in <module> > >>> code, message = commands[command][0](commandArgs) > >>> File "/usr/share/vdsm/vdsClient.py", line 403, in do_getCap > >>> return self.ExecAndExit(self.s.getVdsCapabilities()) > >>> File "/usr/lib64/python2.7/xmlrpclib.py", line 1224, in __call__ > >>> return self.__send(self.__name, args) > >>> File "/usr/lib64/python2.7/xmlrpclib.py", line 1578, in __request > >>> verbose=self.__verbose > >>> File "/usr/lib64/python2.7/xmlrpclib.py", line 1264, in request > >>> return self.single_request(host, handler, request_body, verbose) > >>> File "/usr/lib64/python2.7/xmlrpclib.py", line 1292, in single_request > >>> self.send_content(h, request_body) > >>> File "/usr/lib64/python2.7/xmlrpclib.py", line 1439, in send_content > >>> connection.endheaders(request_body) > >>> File "/usr/lib64/python2.7/httplib.py", line 954, in endheaders > >>> self._send_output(message_body) > >>> File "/usr/lib64/python2.7/httplib.py", line 814, in _send_output > >>> self.send(msg) > >>> File "/usr/lib64/python2.7/httplib.py", line 776, in send > >>> self.connect() > >>> File "/usr/lib/python2.7/site-packages/vdsm/SecureXMLRPCServer.py", > >>>line 98, in connect > >>> cert_reqs=self.cert_reqs) > >>> File "/usr/lib64/python2.7/ssl.py", line 381, in wrap_socket > >>> ciphers=ciphers) > >>> File "/usr/lib64/python2.7/ssl.py", line 141, in __init__ > >>> ciphers) > >>>SSLError: [Errno 185090050] _ssl.c:340: error:0B084002:x509 > >>>certificate routines:X509_load_cert_crl_file:system lib > >>> > >>> > >>> > >>>But if I set "ssl = false" in /etc/vdsm/vdsm.conf, then run > >>>"vdsClient 0 getVdsCaps", the problem goes away. > >>> > >>>Does anyone know what causes the problem above? Thanks. > >>> > >>> > >>>Wenyi Gao > >>> > >>> > >>> > >>>_______________________________________________ > >>>vdsm-devel mailing list > >>>vdsm-devel@lists.fedorahosted.org > >>>https://fedorahosted.org/mailman/listinfo/vdsm-devel > >> > >>-- > >>Thanks and best regards! > >> > >>Zhou Zheng Sheng / 周征晟 > >>E-mail:zhshz...@linux.vnet.ibm.com > >>Telephone: 86-10-82454397 > >> > >> > >>_______________________________________________ > >>vdsm-devel mailing list > >>vdsm-devel@lists.fedorahosted.org > >>https://fedorahosted.org/mailman/listinfo/vdsm-devel > > > >Yes, it works. Thanks. > > maybe send a patch to check the permissions and give a proper error > message for the next user failing on this?
+1. Great suggestion! -- Adam Litke <a...@us.ibm.com> IBM Linux Technology Center _______________________________________________ vdsm-devel mailing list vdsm-devel@lists.fedorahosted.org https://fedorahosted.org/mailman/listinfo/vdsm-devel
