From: wb <webmaster@jbsky.fr>
To: "pve-devel@lists.proxmox.com" <pve-devel@lists.proxmox.com>
Subject: [pve-devel] cfs-locked 'authkey' operation: pve cluster filesystem not online
Date: Sun, 23 May 2021 23:23:23 +0200 [thread overview]
Message-ID: <fb0ddc9e61de4c98f1498ff4375b9689@mwinf5d62.me-wanadoo.net> (raw)
Hello to all.
I have the plan to implement the SSO authentication feature with the SAML protocol.
However, I have an error that prevents me from validating the authentication process.
It is about the locks.
The first step is to store the request_saml_id. If I try to create a file by your libraries, I get an 500 error with msg:
error during cfs-locked \'file-request_tmp\' operation: pve cluster filesystem not online /etc/pve/priv/lock.
https://github.com/jbsky/proxmox-saml2-auth/commit/d75dc621aae719c8fdd251859af9641cda0e526b
Ok, I can make a temp workaround.
2nd step :
When I try to create a ticket with the function create_ticket in package PVE::API2::AccessControl;
I've got this error :
authentication failure; rhost=127.0.0.1 user=admin@DOM msg=error during cfs-locked 'authkey' operation: pve cluster filesystem not online /etc/pve/priv/lock
src : https://github.com/jbsky/proxmox-saml2-auth/commit/93b02727d2e172968c14c4ce3a7c27e8d5c0feb0
I have really bad luck with these locks!
Can you help me to understand the prerequisites to make the lock work?
If you want init a redirect to an identity provider(IdP, ex: Keycloak), use this url :
https://pve/api2/html/access/saml?realm=DOM
After an authentication side IdP, the IdP post to pve at https://pve/api2/html/access/saml.
I'm sorry to work on a separate repository, it's because I don't know your components very well.
I would be grateful if you could tell me how to debug these locks.
Thanking you in advance,
Sincerely,
Julien BLAIS
next reply other threads:[~2021-05-23 21:31 UTC|newest]
Thread overview: 2+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-05-23 21:23 wb [this message]
2021-05-24 7:45 Dietmar Maurer
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=fb0ddc9e61de4c98f1498ff4375b9689@mwinf5d62.me-wanadoo.net \
--to=webmaster@jbsky.fr \
--cc=pve-devel@lists.proxmox.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.