Re: [one-users] Sunstone question/trouble
El 12/07/11 23:45, Robert Schweikert escribió: > Yes, definitely helped to understand why I was getting the error. It > might be useful to also document, and maybe it is and I missed it, that > sunstone-server needs to run as oneadmin user and not as root or other. No, I think you misunderstood. Strictly speaking, sunstone-server does not need to be run with the oneadmin unix user (or the same user that is running opennebula). But whoever runs the sunstone-server though, needs to place the one_auth file in their "$HOME/.one/one_auth" or to provide a different path (via ONE_AUTH env variable). -- Héctor Sanjuán OpenNebula Sunstone Developer ___ Users mailing list Users@lists.opennebula.org http://lists.opennebula.org/listinfo.cgi/users-opennebula.org
Re: [one-users] Sunstone question/trouble
Hi, On Tue, 2011-07-12 at 17:45 -0400, Robert Schweikert wrote: > OK, now I see the problem. This depends on the sunstone-server running > as the oneadmin user with the HOME environment variable being set > properly by the shell. Why isn't HOME set correctly ? If it is run via su oneadmin -l -s /bin/bash -c 'one start' all should be fine ? > I think this is not correct, The code should parse /etc/password for the No! User code should not read /etc/passwd itself. What about other means like NIS, LDAP, AD, ... ? Use getent instead, which handles everything in /etc/nsswitch automagically. Yours, Steffen -- IPB HalleAG Massenspektrometrie & Bioinformatik Dr. Steffen Neumann http://www.IPB-Halle.DE Weinberg 3 http://msbi.bic-gh.de 06120 Halle Tel. +49 (0) 345 5582 - 1470 +49 (0) 345 5582 - 0 sneumann(at)IPB-Halle.DE Fax. +49 (0) 345 5582 - 1409 ___ Users mailing list Users@lists.opennebula.org http://lists.opennebula.org/listinfo.cgi/users-opennebula.org
Re: [one-users] Sunstone question/trouble
Hi Hector, On 07/12/2011 04:30 PM, Héctor Sanjuán wrote: Hi Robert, Sunstone (actually the ruby oca) does look for the one_auth file in the user home folder. This is done here [1]. OK, now I see the problem. This depends on the sunstone-server running as the oneadmin user with the HOME environment variable being set properly by the shell. I think this is not correct, The code should parse /etc/password for the oneadmin account and then extract the home directory from there. Concatenate the extracted home directory with .one/one_auth At least this additional implementation should be an additional fall back. If the ONE_AUTH environmental variable is not defined, it will try to find the file in ~/.one/one_auth Note that this one_auth file should contain the credentials of the 'oneadmin' opennebula user (or the user with UID=0) in the form of "user:password". I hope I clarified it :-) Yes, definitely helped to understand why I was getting the error. It might be useful to also document, and maybe it is and I missed it, that sunstone-server needs to run as oneadmin user and not as root or other. Thanks, Robert -- Robert Schweikert MAY THE SOURCE BE WITH YOU SUSE-IBM Software Integration Center LINUX Tech Lead rjsch...@suse.com rschw...@ca.ibm.com 781-464-8147 ___ Users mailing list Users@lists.opennebula.org http://lists.opennebula.org/listinfo.cgi/users-opennebula.org
Re: [one-users] Sunstone question/trouble
Hi Robert, Sunstone (actually the ruby oca) does look for the one_auth file in the user home folder. This is done here [1]. If the ONE_AUTH environmental variable is not defined, it will try to find the file in ~/.one/one_auth Note that this one_auth file should contain the credentials of the 'oneadmin' opennebula user (or the user with UID=0) in the form of "user:password". I hope I clarified it :-) Hector [1] http://dev.opennebula.org/projects/opennebula/repository/revisions/master/entry/src/oca/ruby/OpenNebula.rb#L88 El 12/07/11 17:37, Robert Schweikert escribió: > Hi, > > I am trying to get Sunstone running and create a separate package for > SUSE, rather than packaging the OpenNebula and Sunstone stuff together. > > I have the server running but when I try to login I get > > ONE_AUTH file not present > > shouldn't the server look in the users home directory for the user who > is attempting to log in to find the one_auth file? > > Help is appreciated. > > Thanks, > Robert > -- Héctor Sanjuán OpenNebula Sunstone Developer ___ Users mailing list Users@lists.opennebula.org http://lists.opennebula.org/listinfo.cgi/users-opennebula.org
Re: [one-users] Sunstone question/trouble
This is just for starring Sunstone. After it's started you can add as menu users as you want. But this one will be superadmin. Robert Schweikert wrote: > > >On 07/12/2011 11:57 AM, Ara Sadoyan wrote: >> Hi Robert >> >> You need something like this before starting sunstone. OR better add it >> to you oneadmin .bashrc file. it forks for me perfectly. >> export ONE_AUTH=/home/one/oneauth > >OK, that would work for the oneadmin user I suppose, or do you collect >all users that register with the system in this one authentication file? > >Thanks, >Robert > > >-- >Robert Schweikert MAY THE SOURCE BE WITH YOU >SUSE-IBM Software Integration Center LINUX >Tech Lead >rjsch...@suse.com >rschw...@ca.ibm.com >781-464-8147 >___ >Users mailing list >Users@lists.opennebula.org >http://lists.opennebula.org/listinfo.cgi/users-opennebula.org ___ Users mailing list Users@lists.opennebula.org http://lists.opennebula.org/listinfo.cgi/users-opennebula.org
Re: [one-users] Sunstone question/trouble
On 07/12/2011 11:57 AM, Ara Sadoyan wrote: Hi Robert You need something like this before starting sunstone. OR better add it to you oneadmin .bashrc file. it forks for me perfectly. export ONE_AUTH=/home/one/oneauth OK, that would work for the oneadmin user I suppose, or do you collect all users that register with the system in this one authentication file? Thanks, Robert -- Robert Schweikert MAY THE SOURCE BE WITH YOU SUSE-IBM Software Integration Center LINUX Tech Lead rjsch...@suse.com rschw...@ca.ibm.com 781-464-8147 ___ Users mailing list Users@lists.opennebula.org http://lists.opennebula.org/listinfo.cgi/users-opennebula.org
Re: [one-users] Sunstone question/trouble
Hi Robert You need something like this before starting sunstone. OR better add it to you oneadmin .bashrc file. it forks for me perfectly. export ONE_AUTH=/home/one/oneauth Regards, Ara On 7/12/2011 8:37 PM, Robert Schweikert wrote: > Hi, > > I am trying to get Sunstone running and create a separate package for > SUSE, rather than packaging the OpenNebula and Sunstone stuff together. > > I have the server running but when I try to login I get > > ONE_AUTH file not present > > shouldn't the server look in the users home directory for the user who > is attempting to log in to find the one_auth file? > > Help is appreciated. > > Thanks, > Robert > signature.asc Description: OpenPGP digital signature ___ Users mailing list Users@lists.opennebula.org http://lists.opennebula.org/listinfo.cgi/users-opennebula.org
