abclinuxu.cz AbcLinuxu.cz itbiz.cz ITBiz.cz HDmag.cz HDmag.cz abcprace.cz AbcPráce.cz
AbcLinuxu hledá autory!
Inzerujte na AbcPráce.cz od 950 Kč
Rozšířené hledání
×

    dnes 08:00 | Zajímavý software

    Společnost SUSE oznámila vydání verze 1.0.0 open source multiplatformní desktopové aplikace Rancher Desktop pro správu Kubernetes a kontejnerů. Postavena je nad Electronem. Zdrojové kódy jsou k dispozici na GitHubu.

    Ladislav Hagara | Komentářů: 3
    dnes 00:22 | Bezpečnostní upozornění

    Byly zveřejněny informace o bezpečnostní chybě CVE-2022-0330 v Linuxu v ovladači i915 GPU od Intelu. Jedná se o chybějící TLB flush. Útočník může přistupovat k náhodným stránkám paměti. V upstreamu je chyba již opravena. Oprava má dopad na výkon GPU.

    Ladislav Hagara | Komentářů: 0
    včera 22:55 | Komunita

    Kolik může stát nejlevnější nový počítač s klávesnicí a displejem, na kterém lze ještě spustit Linux? Brian Benchoff se dostal k 15 dolarům [Twitter, Hacker News].

    Ladislav Hagara | Komentářů: 8
    včera 08:00 | Nová verze

    Po půl roce vývoje od vydání verze 5.8 byla vydána nová verze 5.9 svobodného open source redakčního systému WordPress. Kódové označení Josephine bylo vybráno na počest jazzové zpěvačky, herečky, tanečnice a bojovnice za svobodu a rovnoprávnost Josephine Bakerové.

    Ladislav Hagara | Komentářů: 2
    včera 07:00 | Bezpečnostní upozornění

    Byly zveřejněny informace o zranitelnosti PwnKit zneužitelné k lokální eskalaci práv, aneb rootem snadno a rychle, pomocí pkexec z balíčku polkit. Jedná se o CVE-2021-4034 s CVSS 7.8. Zranitelné jsou všechny verze pkexec od první verze vydané v květnu 2009, tj. posledních více než 12 let. V upstreamu je chyba již opravena.

    Ladislav Hagara | Komentářů: 8
    25.1. 16:55 | Nová verze

    Flameshot (GitHub), nástroj pro vytváření a úpravu snímků obrazovky postavený nad frameworkem Qt, byl vydán ve verzi 11.0.0. Změněno bylo číslování verzí. Verze 11 následuje po verzi 0.10.

    Ladislav Hagara | Komentářů: 3
    25.1. 09:00 | Komunita

    V pátek 28. ledna začíná 14. ročník konference DevConf.CZ. Jde o každoroční komunitní konferenci pro vývojáře, administrátory, DevOps inženýry, testery, autory dokumentace a další přispěvatele či uživatele technologií open source. Konference proběhne podruhé online, a to v termínu 28. - 29. ledna.

    … více »
    Dorka | Komentářů: 7
    25.1. 08:00 | Nová verze

    Byla vydána nová verze 2.35.0 distribuovaného systému správy verzí Git. Přispělo 93 vývojářů, z toho 35 nových. Přehled novinek v příspěvku na blogu GitHubu a v poznámkách k vydání.

    Ladislav Hagara | Komentářů: 2
    25.1. 07:00 | Zajímavý software

    Giada je open source minimalistický softwarový nástroj pro tvorbu hudby navržený pro diskžokeje, elektronické hudebníky a živou produkci. Vydána byla verze 0.20.0 aneb Alicanto. Vedle zdrojových kódů je ke stažení také balíček ve formátu AppImage.

    Ladislav Hagara | Komentářů: 0
    25.1. 06:00 | Nová verze

    Byla vydána první alfa verze nové major verze 4.0 multiplatformního open source herního enginu Godot (Wikipedie, GitHub). Přehled novinek v příspěvku na blogu.

    Ladislav Hagara | Komentářů: 3
    Jestliže jste používali distribuci CentOS Linux, jejíž konec byl oznámen před rokem, kam jste přešli?
     (30%)
     (1%)
     (8%)
     (20%)
     (1%)
     (4%)
     (36%)
    Celkem 215 hlasů
     Komentářů: 14, poslední 14.1. 14:44
    Rozcestník



    Dotaz: RedHat virtualizace LDAP auth, chybejci balicek

    10.1. 11:23 2012
    RedHat virtualizace LDAP auth, chybejci balicek
    Přečteno: 316×
    Ahoj, nainstaloval jsem RedHat virtualizaci pres ISO RedHatu (redhat virtualization host, RHVH-4.4-20211206.0-RHVH-x86_64-dvd1.iso).
    Zjistil jsem, ze repozitare maji jen nejaky osekany linux. Potreboval bych totiz jeste nainstalovat balicek "ovirt-engine-extension-aaa-ldap-setup.noarch", ktery je potreba pro napojeni na centralni IDM.
    Otazka je, jak tam tenhle balicek dostat, protoze v techto osekanych repozitarich neni, a klasicke RedHat repo, se mi tam prihlasit.
    
    [root@rhvh ~]# subscription-manager repos --list
    +----------------------------------------------------------+
        Available Repositories in /etc/yum.repos.d/redhat.repo
    +----------------------------------------------------------+
    Repo ID:   rhvh-4-build-for-rhel-8-x86_64-rpms
    Repo Name: Red Hat Virtualization Host Build for RHEL 8 x86_64 (RPMs)
    Repo URL:  https://cdn.redhat.com/content/dist/layered/rhel8/x86_64/rhvh-build/4/os
    Enabled:   0
    
    Repo ID:   rhvh-4-build-beta-for-rhel-8-x86_64-source-rpms
    Repo Name: Red Hat Virtualization Host Build Beta for RHEL 8 x86_64 (Source RPMs)
    Repo URL:  https://cdn.redhat.com/content/beta/layered/rhel8/x86_64/rhvh-build/4/source/SRPMS
    Enabled:   0
    
    Repo ID:   rhvh-4-build-beta-for-rhel-8-x86_64-rpms
    Repo Name: Red Hat Virtualization Host Build Beta for RHEL 8 x86_64 (RPMs)
    Repo URL:  https://cdn.redhat.com/content/beta/layered/rhel8/x86_64/rhvh-build/4/os
    Enabled:   0
    
    Repo ID:   rhvh-4.4-for-rhel-8-x86_64-rpms
    Repo Name: Red Hat Virtualization Host 4.4 for RHEL 8 x86_64 (RPMs)
    Repo URL:  https://cdn.redhat.com/content/dist/layered/rhel8/x86_64/rhvh/4.4/os
    Enabled:   0
    
    Repo ID:   jb-eap-textonly-1-for-middleware-rpms
    Repo Name: Red Hat JBoss Enterprise Application Platform Text-Only Advisories
    Repo URL:  https://cdn.redhat.com/content/dist/middleware/jbeap/1.0/$basearch/os
    Enabled:   0
    
    Repo ID:   rhvh-4.4-for-rhel-8-x86_64-debug-rpms
    Repo Name: Red Hat Virtualization Host 4.4 for RHEL 8 x86_64 (Debug RPMs)
    Repo URL:  https://cdn.redhat.com/content/dist/layered/rhel8/x86_64/rhvh/4.4/debug
    Enabled:   0
    
    Repo ID:   rhvh-4-for-rhel-8-x86_64-source-rpms
    Repo Name: Red Hat Virtualization Host for RHEL 8 x86_64 (Source RPMs)
    Repo URL:  https://cdn.redhat.com/content/dist/layered/rhel8/x86_64/rhvh/4/source/SRPMS
    Enabled:   0
    
    Repo ID:   rhvh-4-for-rhel-8-x86_64-rpms
    Repo Name: Red Hat Virtualization Host for RHEL 8 x86_64 (RPMs)
    Repo URL:  https://cdn.redhat.com/content/dist/layered/rhel8/x86_64/rhvh/4/os
    Enabled:   0
    
    Repo ID:   jb-coreservices-textonly-1-for-middleware-rpms
    Repo Name: Red Hat JBoss Core Services Text-Only Advisories
    Repo URL:  https://cdn.redhat.com/content/dist/middleware/jbcs/1.0/$basearch/os
    Enabled:   0
    
    Repo ID:   rhvh-4-build-for-rhel-8-x86_64-source-rpms
    Repo Name: Red Hat Virtualization Host Build for RHEL 8 x86_64 (Source RPMs)
    Repo URL:  https://cdn.redhat.com/content/dist/layered/rhel8/x86_64/rhvh-build/4/source/SRPMS
    Enabled:   0
    
    Repo ID:   rhvh-4-beta-for-rhel-8-x86_64-source-rpms
    Repo Name: Red Hat Virtualization Host Beta for RHEL 8 x86_64 (Source RPMs)
    Repo URL:  https://cdn.redhat.com/content/beta/layered/rhel8/x86_64/rhvh/4/source/SRPMS
    Enabled:   0
    
    Repo ID:   rhvh-4-build-for-rhel-8-x86_64-debug-rpms
    Repo Name: Red Hat Virtualization Host Build for RHEL 8 x86_64 (Debug RPMs)
    Repo URL:  https://cdn.redhat.com/content/dist/layered/rhel8/x86_64/rhvh-build/4/debug
    Enabled:   0
    
    Repo ID:   rhvh-4-for-rhel-8-x86_64-debug-rpms
    Repo Name: Red Hat Virtualization Host for RHEL 8 x86_64 (Debug RPMs)
    Repo URL:  https://cdn.redhat.com/content/dist/layered/rhel8/x86_64/rhvh/4/debug
    Enabled:   0
    
    Repo ID:   rhvh-4-beta-for-rhel-8-x86_64-debug-rpms
    Repo Name: Red Hat Virtualization Host Beta for RHEL 8 x86_64 (Debug RPMs)
    Repo URL:  https://cdn.redhat.com/content/beta/layered/rhel8/x86_64/rhvh/4/debug
    Enabled:   0
    
    Repo ID:   rhvh-4-beta-for-rhel-8-x86_64-rpms
    Repo Name: Red Hat Virtualization Host Beta for RHEL 8 x86_64 (RPMs)
    Repo URL:  https://cdn.redhat.com/content/beta/layered/rhel8/x86_64/rhvh/4/os
    Enabled:   0
    
    Repo ID:   rhvh-4.4-for-rhel-8-x86_64-source-rpms
    Repo Name: Red Hat Virtualization Host 4.4 for RHEL 8 x86_64 (Source RPMs)
    Repo URL:  https://cdn.redhat.com/content/dist/layered/rhel8/x86_64/rhvh/4.4/source/SRPMS
    Enabled:   0
    
    Repo ID:   rhvh-4-build-beta-for-rhel-8-x86_64-debug-rpms
    Repo Name: Red Hat Virtualization Host Build Beta for RHEL 8 x86_64 (Debug RPMs)
    Repo URL:  https://cdn.redhat.com/content/beta/layered/rhel8/x86_64/rhvh-build/4/debug
    Enabled:   0
    
    [root@rhvh ~]# yum search all ovirt-engine-extension-aaa-ldap-setup.noarch
    Updating Subscription Management repositories.
    No matches found.
    [root@rhvh ~]#
    

    Odpovědi

    10.1. 11:31 X
    Rozbalit Rozbalit vše Re: RedHat virtualizace LDAP auth, chybejci balicek
    sudo yum install ovirt-engine-extension-aaa-ldap-setup
    Pripona '.noarch' tam nema co delat.
    10.1. 11:52 2012
    Rozbalit Rozbalit vše Re: RedHat virtualizace LDAP auth, chybejci balicek
    Jj, ale ten balicek tam neni. Jedine co tam je je:
    [root@rhvh ~]# yum search all ovirt-engine
    Updating Subscription Management repositories.
    ============================================== Name Matched: ovirt-engine ==============================================
    python3-ovirt-engine-sdk4.x86_64 : oVirt Engine Software Development Kit (Python)
    10.1. 12:48 rpm
    Rozbalit Rozbalit vše Re: RedHat virtualizace LDAP auth, chybejci balicek
    Tak to sosni rucne http://ftp.nluug.nl/os/Linux/virtual/ovirt/ovirt-master-snapshot/rpm/el8/noarch/
    10.1. 13:32 2012
    Rozbalit Rozbalit vše Re: RedHat virtualizace LDAP auth, chybejci balicek
    Rucne to asi jentak nepujde kvuli dependencies:
    [root@rhvh ~]# ls
    ovirt-engine-extension-aaa-ldap-1.5.0-0.304.202111051233.el8.noarch.rpm
    ovirt-engine-extension-aaa-ldap-setup-1.5.0-0.304.202111051233.el8.noarch.rpm
    
    [root@rhhv ~]# yum install ovirt-engine-extension-aaa-ldap-*
    Updating Subscription Management repositories.
    Error:
     Problem 1: conflicting requests
      - nothing provides javapackages-filesystem needed by ovirt-engine-extension-aaa-ldap-1.5.0-0.304.202111051233.el8.noarch
      - nothing provides ovirt-engine-extensions-api needed by ovirt-engine-extension-aaa-ldap-1.5.0-0.304.202111051233.el8.noarch
      - nothing provides slf4j needed by ovirt-engine-extension-aaa-ldap-1.5.0-0.304.202111051233.el8.noarch
      - nothing provides slf4j-jdk14 needed by ovirt-engine-extension-aaa-ldap-1.5.0-0.304.202111051233.el8.noarch
      - nothing provides java-11-openjdk-headless >= 1:11.0.0 needed by ovirt-engine-extension-aaa-ldap-1.5.0-0.304.202111051233.el8.noarch
      - nothing provides unboundid-ldapsdk >= 4.0.0 needed by ovirt-engine-extension-aaa-ldap-1.5.0-0.304.202111051233.el8.noarch
     Problem 2: package ovirt-engine-extension-aaa-ldap-setup-1.5.0-0.304.202111051233.el8.noarch requires ovirt-engine-extension-aaa-ldap = 1.5.0-0.304.202111051233.el8, but none of the providers can be installed
      - conflicting requests
      - nothing provides javapackages-filesystem needed by ovirt-engine-extension-aaa-ldap-1.5.0-0.304.202111051233.el8.noarch
      - nothing provides ovirt-engine-extensions-api needed by ovirt-engine-extension-aaa-ldap-1.5.0-0.304.202111051233.el8.noarch
      - nothing provides slf4j needed by ovirt-engine-extension-aaa-ldap-1.5.0-0.304.202111051233.el8.noarch
      - nothing provides slf4j-jdk14 needed by ovirt-engine-extension-aaa-ldap-1.5.0-0.304.202111051233.el8.noarch
      - nothing provides java-11-openjdk-headless >= 1:11.0.0 needed by ovirt-engine-extension-aaa-ldap-1.5.0-0.304.202111051233.el8.noarch
      - nothing provides unboundid-ldapsdk >= 4.0.0 needed by ovirt-engine-extension-aaa-ldap-1.5.0-0.304.202111051233.el8.noarch
    (try to add '--skip-broken' to skip uninstallable packages or '--nobest' to use not only best candidate packages)
    10.1. 17:03 rpm
    Rozbalit Rozbalit vše Re: RedHat virtualizace LDAP auth, chybejci balicek
    Vsechno by melo byt na tom ftp serveru, jo je to pakarna instalovat rucne balik za balikem ale pujde to. Nebo si stahni vsechno a udelej lokalni repo pres "createrepo" a vypni tam gpg check.
    10.1. 13:42 2012
    Rozbalit Rozbalit vše Re: RedHat virtualizace LDAP auth, chybejci balicek
    Je nejakej zpusob jak tam subscribnout standartni repo RedHatu? Zkousel jsem klasicky subscription-manager, ale nejdou protoze je to nenabizi:
    [root@rvhv ~]# subscription-manager repos  --enable=rhel-8-for-x86_64-baseos-rpms
    Error: 'rhel-8-for-x86_64-baseos-rpms' does not match a valid repository ID. Use "subscription-manager repos --list" to see valid repositories.
    
    Max avatar 10.1. 15:41 Max | skóre: 70 | blog: Max_Devaine
    Rozbalit Rozbalit vše Re: RedHat virtualizace LDAP auth, chybejci balicek
    Hele, jseš si jistý, že postupuješ správně? Očekával bych, že se ověřování bude řešit na úrovni Manageru (taková ta klikací věc, co by měla běžet na sólo mašince, nebo ve virtuálce), né hosta.
    Zdar Max
    Měl jsem sen ... :(
    10.1. 16:19 2012
    Rozbalit Rozbalit vše Re: RedHat virtualizace LDAP auth, chybejci balicek
    No doufam ze jo, pisi to zde a na dokumentaci ovirtu. Ale nikdy jsem zatim RHV neinstaloval, tak se radeji ptam zde, jestli treba nekdo ma zkusenost.
    Max avatar 10.1. 16:44 Max | skóre: 70 | blog: Max_Devaine
    Rozbalit Rozbalit vše Re: RedHat virtualizace LDAP auth, chybejci balicek
    Tam píší, že se to dělá na "On the Red Hat Virtualization Manager", což je to klikátko, né hypervisor.
    Ale nevím, jak to máš nainstalovaný, jeden čas bylo podporovaný mít nainstalovaný Manager v rámci hypervisoru, ale od toho se snad už ustoupilo a musí běžet bokem nebo jako VM (= self hosted).
    Zdar Max
    Měl jsem sen ... :(
    10.1. 17:08 2012
    Rozbalit Rozbalit vše Re: RedHat virtualizace LDAP auth, chybejci balicek
    JJ jako self-hosted, bezi mi to jako VM pod tou RedHat virtualizaci. Ale nenaklikaval jsem v tom zatim nic, prave jsem myslel, ze je potreba prvne ten balicek.
    10.1. 17:16 2012
    Rozbalit Rozbalit vše Re: RedHat virtualizace LDAP auth, chybejci balicek
    Aha, tak to mozna bude ono. Kdyz je prihlasim na Cockpit toho Manageru <IP_ADRESA_RHV_VM:9090>, tak pres shell tam ten balicek je. Zkusim a dam vedet.
    11.1. 13:38 2012
    Rozbalit Rozbalit vše Re: RedHat virtualizace LDAP auth, chybejci balicek
    Super, je to funkcni. Pomohlo mi, jak jste me postrcil s tim, ze by to mela byt zalezitost toho RH Managera. V tom management serveru, coz je VM uvnitr te virtualizace (self-hosted), byl ten balicek "aaa-ldap-setup" uz by default nainstalovany, stacilo to akorat nastavit. Jeste jednou Dik.
    [root@rhvm ~]# ldapsearch -H ldaps://freeipa.test.local -Z -x -w testtest123 -D "uid=admin,cn=users,cn=accounts,dc=test,dc=local" -b "cn=users,cn=accounts,dc=test,dc=local" '(objectClass=*)'^C
    [root@rhvm ~]# 
    [root@rhvm ~]# ovirt-engine-extension-aaa-ldap-setup
    [ INFO  ] Stage: Initializing
    [ INFO  ] Stage: Environment setup
              Configuration files: /etc/ovirt-engine-extension-aaa-ldap-setup.conf.d/10-packaging.conf
              Log file: /tmp/ovirt-engine-extension-aaa-ldap-setup-20220111132417-l8bi4i.log
              Version: otopi-1.9.6 (otopi-1.9.6-2.el8ev)
    [ INFO  ] Stage: Environment packages setup
    [ INFO  ] Stage: Programs detection
    [ INFO  ] Stage: Environment customization
              Welcome to LDAP extension configuration program
              Available LDAP implementations:
               1 - 389ds
               2 - 389ds RFC-2307 Schema
               3 - Active Directory
               4 - IBM Security Directory Server
               5 - IBM Security Directory Server RFC-2307 Schema
               6 - IPA
               7 - Novell eDirectory RFC-2307 Schema
               8 - OpenLDAP RFC-2307 Schema
               9 - OpenLDAP Standard Schema
              10 - Oracle Unified Directory RFC-2307 Schema
              11 - RFC-2307 Schema (Generic)
              12 - RHDS
              13 - RHDS RFC-2307 Schema
              14 - iPlanet
              Please select: 6
               
              NOTE:
              It is highly recommended to use DNS resolution for LDAP server.
              If for some reason you intend to use hosts or plain address disable DNS usage.
               
              Use DNS (Yes, No) [Yes]: No
              Available policy method:
               1 - Single server
               2 - DNS domain LDAP SRV record
               3 - Round-robin between multiple hosts
               4 - Failover between multiple hosts
              Please select: 1
              Please enter host address: freeipa.test.local
    [ INFO  ] Trying to resolve host 'freeipa.test.local'
               
              NOTE:
              It is highly recommended to use secure protocol to access the LDAP server.
              Protocol startTLS is the standard recommended method to do so.
              Only in cases in which the startTLS is not supported, fallback to non standard ldaps protocol.
              Use plain for test environments only.
               
              Please select protocol to use (startTLS, ldaps, plain) [startTLS]: ldaps
              Please select method to obtain PEM encoded CA certificate (File, URL, Inline, System, Insecure): System
    [ INFO  ] Connecting to LDAP using 'ldaps://freeipa.test.local:636'
    [ INFO  ] Connection succeeded
              Enter search user DN (for example uid=username,dc=example,dc=com or leave empty for anonymous): uid=admin,cn=users,cn=accounts,dc=test,dc=local
              Enter search user password: 
    [ INFO  ] Attempting to bind using 'uid=admin,cn=users,cn=accounts,dc=test,dc=local'
              Please enter base DN (dc=test,dc=local) [dc=test,dc=local]: 
              Are you going to use Single Sign-On for Virtual Machines (Yes, No) [Yes]: Yes
               
              NOTE:
              Profile name has to match domain name, otherwise Single Sign-On for Virtual Machines will not work.
               
              Please specify profile name that will be visible to users [freeipa.test.local]: 
    [ INFO  ] Stage: Setup validation
               
              NOTE:
              It is highly recommended to test drive the configuration before applying it into engine.
              Login sequence is executed automatically, but it is recommended to also execute Search sequence manually after successful Login sequence.
               
              Please provide credentials to test login flow:
              Enter user name: admin              
              Enter user password: 
    [ INFO  ] Executing login sequence...
              Login output:
              Picked up JAVA_TOOL_OPTIONS: -Dcom.redhat.fips=false
              Jan 11, 2022 1:27:21 PM org.ovirt.engine.exttool.core.ExtensionsToolExecutor main
              INFO: ========================================================================
              Jan 11, 2022 1:27:21 PM org.ovirt.engine.exttool.core.ExtensionsToolExecutor main
              INFO: ============================ Initialization ============================
              Jan 11, 2022 1:27:21 PM org.ovirt.engine.exttool.core.ExtensionsToolExecutor main
              INFO: ========================================================================
              Jan 11, 2022 1:27:22 PM org.ovirt.engine.core.extensions.mgr.ExtensionsManager loadImpl
              INFO: Loading extension 'freeipa.test.local-authn'
              Jan 11, 2022 1:27:22 PM org.ovirt.engine.core.extensions.mgr.ExtensionsManager loadImpl
              INFO: Extension 'freeipa.test.local-authn' loaded
              Jan 11, 2022 1:27:22 PM org.ovirt.engine.core.extensions.mgr.ExtensionsManager loadImpl
              INFO: Loading extension 'freeipa.test.local'
              Jan 11, 2022 1:27:22 PM org.ovirt.engine.core.extensions.mgr.ExtensionsManager loadImpl
              INFO: Extension 'freeipa.test.local' loaded
              Jan 11, 2022 1:27:22 PM org.ovirt.engine.core.extensions.mgr.ExtensionsManager initialize
              INFO: Initializing extension 'freeipa.test.local-authn'
              Jan 11, 2022 1:27:22 PM org.ovirt.engine.extension.aaa.ldap.Framework createConnectionPoolEntry
              INFO: [ovirt-engine-extension-aaa-ldap.authn::freeipa.test.local-authn] Creating LDAP pool 'authz'
              Jan 11, 2022 1:27:22 PM org.ovirt.engine.extension.aaa.ldap.Framework createConnectionPoolEntry
              INFO: [ovirt-engine-extension-aaa-ldap.authn::freeipa.test.local-authn] LDAP pool 'authz' information: vendor='389 Project' version='389-Directory/1.4.3.16 B2021.202.0819'
              Jan 11, 2022 1:27:22 PM org.ovirt.engine.extension.aaa.ldap.Framework createConnectionPoolEntry
              INFO: [ovirt-engine-extension-aaa-ldap.authn::freeipa.test.local-authn] Creating LDAP pool 'authn'
              Jan 11, 2022 1:27:23 PM org.ovirt.engine.extension.aaa.ldap.Framework createConnectionPoolEntry
              INFO: [ovirt-engine-extension-aaa-ldap.authn::freeipa.test.local-authn] LDAP pool 'authn' information: vendor='389 Project' version='389-Directory/1.4.3.16 B2021.202.0819'
              Jan 11, 2022 1:27:23 PM org.ovirt.engine.core.extensions.mgr.ExtensionsManager initialize
              INFO: Extension 'freeipa.test.local-authn' initialized
              Jan 11, 2022 1:27:23 PM org.ovirt.engine.core.extensions.mgr.ExtensionsManager initialize
              INFO: Initializing extension 'freeipa.test.local'
              Jan 11, 2022 1:27:23 PM org.ovirt.engine.extension.aaa.ldap.Framework createConnectionPoolEntry
              INFO: [ovirt-engine-extension-aaa-ldap.authz::freeipa.test.local] Creating LDAP pool 'authz'
              Jan 11, 2022 1:27:23 PM org.ovirt.engine.extension.aaa.ldap.Framework createConnectionPoolEntry
              INFO: [ovirt-engine-extension-aaa-ldap.authz::freeipa.test.local] LDAP pool 'authz' information: vendor='389 Project' version='389-Directory/1.4.3.16 B2021.202.0819'
              Jan 11, 2022 1:27:23 PM org.ovirt.engine.extension.aaa.ldap.AuthzExtension ensureFramework
              INFO: [ovirt-engine-extension-aaa-ldap.authz::freeipa.test.local] Available Namespaces: [dc=test,dc=local]
              Jan 11, 2022 1:27:23 PM org.ovirt.engine.core.extensions.mgr.ExtensionsManager initialize
              INFO: Extension 'freeipa.test.local' initialized
              Jan 11, 2022 1:27:23 PM org.ovirt.engine.core.extensions.mgr.ExtensionsManager dump
              INFO: Start of enabled extensions list
              Jan 11, 2022 1:27:23 PM org.ovirt.engine.core.extensions.mgr.ExtensionsManager dump
              INFO: Instance name: 'freeipa.test.local', Extension name: 'ovirt-engine-extension-aaa-ldap.authz', Version: '1.4.5', Notes: 'Display name: ovirt-engine-extension-aaa-ldap-1.4.5-1', License: 'ASL 2.0', Home: 'http://www.ovirt.org', Author 'The oVirt Project', Build interface Version: '0',  File: '/tmp/tmpilujgp8_/extensions.d/freeipa.test.local.properties', Initialized: 'true'
              Jan 11, 2022 1:27:23 PM org.ovirt.engine.core.extensions.mgr.ExtensionsManager dump
              INFO: Instance name: 'freeipa.test.local-authn', Extension name: 'ovirt-engine-extension-aaa-ldap.authn', Version: '1.4.5', Notes: 'Display name: ovirt-engine-extension-aaa-ldap-1.4.5-1', License: 'ASL 2.0', Home: 'http://www.ovirt.org', Author 'The oVirt Project', Build interface Version: '0',  File: '/tmp/tmpilujgp8_/extensions.d/freeipa.test.local-authn.properties', Initialized: 'true'
              Jan 11, 2022 1:27:23 PM org.ovirt.engine.core.extensions.mgr.ExtensionsManager dump
              INFO: End of enabled extensions list
              Jan 11, 2022 1:27:23 PM org.ovirt.engine.exttool.core.ExtensionsToolExecutor main
              INFO: ========================================================================
              Jan 11, 2022 1:27:23 PM org.ovirt.engine.exttool.core.ExtensionsToolExecutor main
              INFO: ============================== Execution ===============================
              Jan 11, 2022 1:27:23 PM org.ovirt.engine.exttool.core.ExtensionsToolExecutor main
              INFO: ========================================================================
              Jan 11, 2022 1:27:23 PM org.ovirt.engine.exttool.aaa.AAAServiceImpl run
              INFO: Iteration: 0
              Jan 11, 2022 1:27:23 PM org.ovirt.engine.exttool.aaa.AAAServiceImpl$AAAProfile init
              INFO: Profile='freeipa.test.local' authn='freeipa.test.local-authn' authz='freeipa.test.local' mapping='null'
              Jan 11, 2022 1:27:23 PM org.ovirt.engine.exttool.aaa.AAAServiceImpl$Action lambda$static$3
              INFO: API: -->Authn.InvokeCommands.AUTHENTICATE_CREDENTIALS profile='freeipa.test.local' user='admin'
              Jan 11, 2022 1:27:23 PM org.ovirt.engine.exttool.aaa.AAAServiceImpl$Action lambda$static$3
              INFO: API: <--Authn.InvokeCommands.AUTHENTICATE_CREDENTIALS profile='freeipa.test.local' result=SUCCESS
              Jan 11, 2022 1:27:23 PM org.ovirt.engine.exttool.aaa.AAAServiceImpl$Dump lambda$static$0
              INFO: --- Begin AuthRecord ---
              Jan 11, 2022 1:27:23 PM org.ovirt.engine.exttool.aaa.AAAServiceImpl output
              INFO: AAA_AUTHN_AUTH_RECORD_PRINCIPAL: admin
              Jan 11, 2022 1:27:23 PM org.ovirt.engine.exttool.aaa.AAAServiceImpl$Dump lambda$static$0
              INFO: --- End   AuthRecord ---
              Jan 11, 2022 1:27:23 PM org.ovirt.engine.exttool.aaa.AAAServiceImpl$Action lambda$static$3
              INFO: API: -->Authz.InvokeCommands.FETCH_PRINCIPAL_RECORD principal='admin'
              Jan 11, 2022 1:27:23 PM org.ovirt.engine.exttool.aaa.AAAServiceImpl$Action lambda$static$3
              INFO: API: <--Authz.InvokeCommands.FETCH_PRINCIPAL_RECORD status=SUCCESS
              Jan 11, 2022 1:27:23 PM org.ovirt.engine.exttool.aaa.AAAServiceImpl$Dump$1 dump
              INFO: --- Begin PrincipalRecord ---
              Jan 11, 2022 1:27:23 PM org.ovirt.engine.exttool.aaa.AAAServiceImpl output
              INFO: AAA_AUTHZ_PRINCIPAL_PRINCIPAL: admin
              Jan 11, 2022 1:27:23 PM org.ovirt.engine.exttool.aaa.AAAServiceImpl output
              INFO: AAA_AUTHZ_PRINCIPAL_LAST_NAME: Administrator
              Jan 11, 2022 1:27:23 PM org.ovirt.engine.exttool.aaa.AAAServiceImpl output
              INFO: AAA_LDAP_UNBOUNDID_DN: uid=admin,cn=users,cn=accounts,dc=test,dc=local
              Jan 11, 2022 1:27:23 PM org.ovirt.engine.exttool.aaa.AAAServiceImpl output
              INFO: AAA_AUTHZ_PRINCIPAL_NAMESPACE: dc=test,dc=local
              Jan 11, 2022 1:27:23 PM org.ovirt.engine.exttool.aaa.AAAServiceImpl output
              INFO: AAA_AUTHZ_PRINCIPAL_ID: cc152cfc-214a-11ec-841d-0e66e5ed9733
              Jan 11, 2022 1:27:23 PM org.ovirt.engine.exttool.aaa.AAAServiceImpl output
              INFO: AAA_AUTHZ_PRINCIPAL_NAME: admin
              Jan 11, 2022 1:27:23 PM org.ovirt.engine.exttool.aaa.AAAServiceImpl$Dump dumpGroups
              INFO:   --- Begin GroupRecord ---
              Jan 11, 2022 1:27:23 PM org.ovirt.engine.exttool.aaa.AAAServiceImpl output
              INFO:   AAA_AUTHZ_GROUP_DISPLAY_NAME: Account administrators group
              Jan 11, 2022 1:27:23 PM org.ovirt.engine.exttool.aaa.AAAServiceImpl output
              INFO:   AAA_AUTHZ_GROUP_ID: cc172412-214a-11ec-bf7d-0e66e5ed9733
              Jan 11, 2022 1:27:23 PM org.ovirt.engine.exttool.aaa.AAAServiceImpl output
              INFO:   AAA_AUTHZ_GROUP_NAMESPACE: dc=test,dc=local
              Jan 11, 2022 1:27:23 PM org.ovirt.engine.exttool.aaa.AAAServiceImpl output
              INFO:   AAA_LDAP_UNBOUNDID_DN: cn=admins,cn=groups,cn=accounts,dc=test,dc=local
              Jan 11, 2022 1:27:23 PM org.ovirt.engine.exttool.aaa.AAAServiceImpl output
              INFO:   AAA_AUTHZ_GROUP_NAME: admins
              Jan 11, 2022 1:27:23 PM org.ovirt.engine.exttool.aaa.AAAServiceImpl$Dump dumpGroups
              INFO:   --- End   GroupRecord ---
              Jan 11, 2022 1:27:23 PM org.ovirt.engine.exttool.aaa.AAAServiceImpl$Dump dumpGroups
              INFO:   --- Begin GroupRecord ---
              Jan 11, 2022 1:27:23 PM org.ovirt.engine.exttool.aaa.AAAServiceImpl output
              INFO:   AAA_AUTHZ_GROUP_DISPLAY_NAME: Trusts administrators group
              Jan 11, 2022 1:27:23 PM org.ovirt.engine.exttool.aaa.AAAServiceImpl output
              INFO:   AAA_AUTHZ_GROUP_ID: 6f860a50-214b-11ec-9865-0e66e5ed9733
              Jan 11, 2022 1:27:23 PM org.ovirt.engine.exttool.aaa.AAAServiceImpl output
              INFO:   AAA_AUTHZ_GROUP_NAMESPACE: dc=test,dc=local
              Jan 11, 2022 1:27:23 PM org.ovirt.engine.exttool.aaa.AAAServiceImpl output
              INFO:   AAA_LDAP_UNBOUNDID_DN: cn=trust admins,cn=groups,cn=accounts,dc=test,dc=local
              Jan 11, 2022 1:27:23 PM org.ovirt.engine.exttool.aaa.AAAServiceImpl output
              INFO:   AAA_AUTHZ_GROUP_NAME: trust admins
              Jan 11, 2022 1:27:23 PM org.ovirt.engine.exttool.aaa.AAAServiceImpl$Dump dumpGroups
              INFO:   --- End   GroupRecord ---
              Jan 11, 2022 1:27:23 PM org.ovirt.engine.exttool.aaa.AAAServiceImpl$Dump$1 dump
              INFO: --- End   PrincipalRecord ---
    [ INFO  ] Login sequence executed successfully
              Please make sure that user details are correct and group membership meets expectations (search for PrincipalRecord and GroupRecord titles).
              Abort if output is incorrect.
              Select test sequence to execute (Done, Abort, Login, Search) [Done]: Done
    [ INFO  ] Stage: Transaction setup
    [ INFO  ] Stage: Misc configuration (early)
    [ INFO  ] Stage: Package installation
    [ INFO  ] Stage: Misc configuration
    [ INFO  ] Stage: Transaction commit
    [ INFO  ] Stage: Closing up
              CONFIGURATION SUMMARY
              Profile name is: freeipa.test.local
              The following files were created:
                  /etc/ovirt-engine/aaa/freeipa.test.local.properties
                  /etc/ovirt-engine/extensions.d/freeipa.test.local.properties
                  /etc/ovirt-engine/extensions.d/freeipa.test.local-authn.properties
    [ INFO  ] Stage: Clean up
              Log file is available at /tmp/ovirt-engine-extension-aaa-ldap-setup-20220111132417-l8bi4i.log:
    [ INFO  ] Stage: Pre-termination
    [ INFO  ] Stage: Termination
    [root@rhvm ~]# 
    Max avatar 11.1. 13:52 Max | skóre: 70 | blog: Max_Devaine
    Rozbalit Rozbalit vše Re: RedHat virtualizace LDAP auth, chybejci balicek
    Díky za feedback.
    Zdar Max
    PS: já přemýšlím o nasazení oVirt, dřív jsem ho testoval, ale je to už pár let, takže je na čase se na něj znovu podívat
    Měl jsem sen ... :(

    Založit nové vláknoNahoru

    Tiskni Sdílej: Linkuj Jaggni to Vybrali.sme.sk Google Del.icio.us Facebook

    ISSN 1214-1267   www.czech-server.cz
    © 1999-2015 Nitemedia s. r. o. Všechna práva vyhrazena.