[one-users] Can't log onto Sunstone [OpenNebula 3.2.0, OpenSUSE 11.4]

Daniel Molina dmolina at opennebula.org
Wed Mar 7 06:49:54 PST 2012 

Hi,

On 6 March 2012 15:22, biro lehel <lehel.biro at yahoo.com> wrote:
>
> Hello,
>
> I still couldn't fix my problem to log onto Sunstone, as I keep getting the "OpenNebula is not running" error.
>
> The relevant part of oned.log:
>
> Tue Mar  6 16:11:02 2012 [ReM][D]: UserPoolInfo method invoked
> Tue Mar  6 16:11:02 2012 [AuM][D]: Message received: LOG I 2 Command execution fail: /var/lib/one/remotes/auth/server_cipher/authenticate 'serveradmin' '33f166cddc4d8f9ffe2102cea013ff23a286bc58' ukbtkaYnnWypvN2hqaDZgdA5mF3S5R4q/sGkbnHvP9JqTNoUXw8LkewWOwILQLfk
>
> Tue Mar  6 16:11:02 2012 [AuM][I]: Command execution fail: /var/lib/one/remotes/auth/server_cipher/authenticate 'serveradmin' '33f166cddc4d8f9ffe2102cea013ff23a286bc58' ukbtkaYnnWypvN2hqaDZgdA5mF3S5R4q/sGkbnHvP9JqTNoUXw8LkewWOwILQLfk
> Tue Mar  6 16:11:02 2012 [AuM][D]: Message received: LOG I 2 sh: /var/lib/one/remotes/auth/server_cipher/authenticate: Permission denied
>
> Tue Mar  6 16:11:02 2012 [AuM][I]: sh: /var/lib/one/remotes/auth/server_cipher/authenticate: Permission denied
> Tue Mar  6 16:11:02 2012 [AuM][D]: Message received: LOG I 2 ExitCode: 126
>
> Tue Mar  6 16:11:02 2012 [AuM][I]: ExitCode: 126
> Tue Mar  6 16:11:02 2012 [AuM][D]: Message received: AUTHENTICATE FAILURE 2 -
>
> Tue Mar  6 16:11:02 2012 [AuM][E]: Auth Error:
> Tue Mar  6 16:11:02 2012 [ReM][E]: [UserPoolInfo] User couldn't be authenticated, aborting call.
> Tue Mar  6 16:11:09 2012 [VMM][I]: --Mark--
> Tue Mar  6 16:11:09 2012 [InM][I]: --Mark--
> Tue Mar  6 16:11:09 2012 [ReM][D]: HostPoolInfo method invoked
> Tue Mar  6 16:11:09 2012 [ReM][D]: VirtualMachinePoolInfo method invoked
> Tue Mar  6 16:11:09 2012 [ReM][D]: AclInfo method invoked
>
> My questions:


In your log there is a "Permission denied" error on
/var/lib/one/remotes/auth/server_cipher/authenticate. Can you check if
the user running oned has execution permissions on this file?

>
>
>    * Who is "serveradmin"? It's the first time I see such a username;


serveradmin is a user used by the servers (EC2, OCCI, Sunstone...) to
authenticate on behalf of other users. You should not authenticate
with this user or change its password, it is a user used by the
system.

You can find the credentials for this user in the following files for
each server
$ ls $ONE_LOCATION/var/.one/
ec2_auth  occi_auth  sunstone_auth

The content of these files should be:
serveradmin:passinplain

So if you changed the serveradmin password using the CLI, oneuser
passwd serveradmin newpassword you have to update those files as
follows:
$ cat sunstone_auth
serveradmin:newpassword

>
>    * Shouldn't I be logging in with "oneadmin" user, and it's system password (the password with which I normally log into my system)?


You have to log in with oneadmin or a different cloud user, but you
never have to use the serveradmin user.

Cheers

-- 
Daniel Molina
Project Engineer
OpenNebula - The Open Source Solution for Data Center Virtualization
www.OpenNebula.org | dmolina at opennebula.org | @OpenNebula

More information about the Users mailing list