virt-manager:Unable to connect to libvirt

English Virtualization
1

hello,everybody. Recently I installed the latest suse 12.2 on my dell optiplex 390. After I install the xen part and bulid virtual machine on two exactly same machine, I try to connect the other one with virt-manager in YaST, and the error “Unable to connect to libvirt” appears, the details are as below:
[SUB]Unable to connect to libvirt.

authentication failed: polkit\56retains_authorization_after_challenge=1
Authorization requires authentication but no agent is available.

Verify that the ‘libvirtd’ daemon is running
on the remote host.

Details:
Unable to connect to libvirt.

authentication failed: polkit\56retains_authorization_after_challenge=1
Authorization requires authentication but no agent is available.

Verify that the ‘libvirtd’ daemon is running
on the remote host.

Libvirt URI is: xen+ssh://elab2@192.168.0.66/

Traceback (most recent call last):
File “/usr/share/virt-manager/virtManager/connection.py”, line 1027, in _open_thread
self.vmm = self._try_open()
File “/usr/share/virt-manager/virtManager/connection.py”, line 1009, in _try_open
flags)
File “/usr/lib64/python2.7/site-packages/libvirt.py”, line 102, in openAuth

[/SUB]Above is under the condition that libvirtd.conf been all commented. Libvirtd service is running. VNC is enabled. rsa_keys is copied. Googled many results, but none solved my problem. Anybody met such a question? Please share your wisdom with me, thanks.

Plus, When try to start virt-manager in console, the result is as below:
[SUB]** (virt-manager:7835): WARNING **: Trying to register gtype ‘GMountMountFlags’ as enum when in fact it is of type ‘GFlags’[/SUB][SUB]

** (virt-manager:7835): WARNING **: Trying to register gtype ‘GDriveStartFlags’ as enum when in fact it is of type ‘GFlags’[/SUB][SUB]

** (virt-manager:7835): WARNING **: Trying to register gtype ‘GSocketMsgFlags’ as enum when in fact it is of type ‘GFlags’[/SUB][SUB]

(virt-manager:7835): GConf-WARNING **: Client failed to connect to the D-BUS daemon:[/SUB][SUB]
Did not receive a reply. Possible causes include: the remote application did not send a reply, the message bus security policy blocked the reply, the reply timeout expired, or the network connection was broken.[/SUB]

2

Then start one!

http://forums.opensuse.org/english/get-technical-help-here/virtualization/478648-opensuse-12-2-kvm-broken-error-hypervisor-not-running.html#post2489396

3

sorry for not replying for so many days, I have been trapped in other things. As I am new at Linux, could you please tell me how to start an agent? Very appreciated for that.

4

When I tried ssh elab2@192.168.0.66 and input the password, I can connect to elab2 in the terminal while still can’t connect xen in virtual machine manager. The error is the same as I posted in the very first beginning. Anybody helps?

5

Dependiing on the desktop you are using, a polkit agent should have been started.

  • KDE automatically starts /usr/lib64/kde4/libexec/polkit-kde-authentication-agent-1 from /usr/share/autostart/polkit-kde-authentication-agent-1.desktop. For this to work, the package polkit-kde-agent has to be installed. The polkit agent will ask for root password when you start virt-manager.

http://imageshack.us/a/img197/2108/polkitkde.png

  • Gnome2 and Gnome fallback, as well as XFCE and LXDE automatically starts /usr/lib/polkit-gnome-authentication-agent-1 from /etc/xdg/autostart/polkit-gnome-authentication-agent-1.desktop. For this to work, the package polkit-gnome has to be installed. As with kde, the polkit agent will ask for root password when you start virt-manager.

http://imageshack.us/a/img838/26/polkitgnome.png

  • Gnome3 (gnome-shell) doesn’t need to start a polkit agent, since it uses pkexec internally.

http://imageshack.us/a/img24/5686/pkexecgnome.png

  • Cinnamon would use pkexec too but does not because the polkit agent gets autostarted although it is not needed. Hence this error message under cinnamon:
Window manager warning: Log level 16: Unable to register authentication agent: GDBus.Error:org.freedesktop.PolicyKit1.Error.Failed: An authentication agent already exists for the given subject
Window manager warning: Log level 16: Error registering polkit authentication agent: GDBus.Error:org.freedesktop.PolicyKit1.Error.Failed: An authentication agent already exists for the given subject (polkit-error-quark 0)

To use pkexec under cinnamon, you have to copy /etc/xdg/autostart/polkit-gnome-authentication-agent-1.desktop in ~/.config/autostart/polkit-gnome-authentication-agent-1.desktop and replace this line:

AutostartCondition=GNOME3 unless-session gnome

with this

AutostartCondition=GNOME3 if-session gnome-fallback

You can call this a bug if you want. Well … yes, it’s a bug. I haven’t found a minute to report it.

  • If you’re using a DE or WM other than the ones mentioned above, you have to start the polkit agent in the init script of your DE, or in xinitrc, Xsession, however you start X.

I use this for icewm in ~/.icewm/startup:

#!/bin/bash
( sleep 1 && conky.sh ) &
**/usr/lib/polkit-gnome-authentication-agent-1 &**
start-pulseaudio-x11

this for sawfish in ~/.sawfish/rc:

(system "conky.sh &")
**(system "/usr/lib/polkit-gnome-authentication-agent-1 &")
**(system "start-pulseaudio-x11 &")

this for WIndowMaker in ~/GNUstep/Library/WindowMaker/autostart

#!/bin/sh
#
# Place applications to be executed when WindowMaker is started here.
# This should only be used for non-X applications or applications that
# do not support session management. Other applications should be restarted
# by the WindowMaker session restoring mechanism. For that, you should
# either set SaveSessionOnExit=YES or select "Save Session" in the Workspace
# submenu of the root menu when all applications you want started are
# running.
#
# WindowMaker will wait until this script finishes, so if you run any
# commands that take long to execute (like a xterm), put a ``&'' in the
# end of the command line.
#
# This file must be executable.
#
xset m 20/10 4
**/usr/lib/polkit-gnome-authentication-agent-1 &**

Alternatively you can use the polkit wrapper I wrote for other WMs which don’t have an autostart script (or use too inconvenient functions), among others, twm, ctwm, mwm and fvwm(2):

#! /bin/bash

prg=$1

 "$prg" ] || exec echo "missing argument"
 -x "$prg" ] || which $prg &>/dev/null || exec echo "program not found: $1"

shift
args=$*

 `id -u` -eq 0 ] && exec $prg $args

uname -m | grep -q 64 && lib=/usr/lib64 || lib=/usr/lib

if  "$DESKTOP_SESSION" = "kde" ]; then 
        pga=polkit-kde-authentication-agent-1
        lpga=/usr/$lib/kde4/libexec/$pka
else
        pga=polkit-gnome-authentication-agent-1
        lpga=/usr/lib/$pga
fi

case $DESKTOP_SESSION in
        gnome|gnome-shell|cinnamon*) exec $prg $args ;;
        *) ps nc -C $pga &>/dev/null && exec $prg $args || {  ! -x $lpga ] && exec echo "program not found: $lpga" || $lpga & $prg $args ;} ;;
esac

Save it in /usr/bin as “polkitexec”. To start virt-manager, just type:

$ polkitexec virt-manager

and never see this again:

http://imageshack.us/a/img440/869/polkitnone.png

It should work in all situations. If a polkit agent is already running, it won’t start another one and execute the command directly. If you’re running this script as root (but why would you?!), it won’t start a polkit agent either.

This doesn’t only apply to virt-manager but to any other application that needs to be started over polkit or pkexec. And indeed, you can use the polkitexec script to start other applications.
6

This is what I got when check if polkit-kde-agent is installed, and it show yes. To ensure it’s not the issue, I reinstalled it and the result is the same.

elab2@linux-mckq:~> rpm -qa|grep polkit
polkit-0.104-6.1.2.x86_64
libpolkit0-0.104-6.1.2.x86_64
rubygem-polkit1-0.0.3-2.1.2.x86_64
**polkit-kde-agent-1-0.99.0-13.1.2.x86_64**
gconf-polkit-3.2.5-2.1.2.x86_64
polkit-kde-kcmmodules-1-0.98.1+git20110929-3.1.2.x86_64
libpolkit-qt-1-1-0.99.1-20.1.2.x86_64
polkit-default-privs-12.2-8.3.1.noarch

This is what I got when executed /usr/lib64/kde4/libexec/polkit-kde-authentication-agent-1, it shows that PolicyKitKDE is already running.

elab2@linux-mckq:~> /usr/lib64/kde4/libexec/polkit-kde-authentication-agent-1 
QDBusConnection: session D-Bus connection created before QCoreApplication. Application may misbehave.
PolicyKitKDE is already running!
 
QDBusConnection: session D-Bus connection created before QCoreApplication. Application may misbehave.

I’m beginning to doubt if it was the network’s problem. Cause there is only one network adaptor eth0 in my machine. After suse is installed, there is another adaptor named br0. I configured eth0 with 192.168.0.99/24, and br0 192.168.0.88/24.

When I connect br0 in virt-manager, there is no request for password and the error is as belows:

Unable to connect to libvirt.
 
Cannot recv data: ssh: connect to host 192.168.0.88 port 22: Connection timed out
: Connection reset by peer
 
Verify that the 'libvirtd' daemon is running
on the remote host.
 
Libvirt URI is: xen+ssh://elab@192.168.0.88/
 
Traceback (most recent call last):
  File "/usr/share/virt-manager/virtManager/connection.py", line 1027, in _open_thread
    self.vmm = self._try_open()
  File "/usr/share/virt-manager/virtManager/connection.py", line 1009, in _try_open
    flags)
  File "/usr/lib64/python2.7/site-packages/libvirt.py", line 102, in openAuth
    if ret is None:raise libvirtError('virConnectOpenAuth() failed')
libvirtError: Cannot recv data: ssh: connect to host 192.168.0.88 port 22: Connection timed out
: Connection reset by peer

And when I try to connect eh0, the password is needed (when I create ssh key, I select empty password) and the error is as what I said in the top list.

Unable to connect to libvirt.
 
authentication failed: polkit\56retains_authorization_after_challenge=1
Authorization requires authentication but no agent is available.
 
Verify that the 'libvirtd' daemon is running
on the remote host.

And
virsh # connect elab@192.168.0.88 got the same error

It’s so disappointing that I’m just going to give up it if there is no solutions.

Or is it possible to connect to remote xen without ssh authentication? And how? Thanks a lot.

7

OK. It means that it is running and working. Don’t start it manually! It is autostarted by KDE.

That’s the problem. Whatever it is, it’s not a bridge (anymore). You do not assign an IP to a bridge. It has the same IP as the NIC it is bridged to.

If you could completely get rid of this br0 - maybe using the same method you used to create it (YaST → Virtualization … ? ), you could use nat2bridge without argument to create a bridge to eth0, before starting virt-manager and bridge2nat to remove the bridge when you don’t need it anymore. nat2bridge and bridge2nat are two hardlinks of the same script vm-bridge](http://forums.opensuse.org/english/other-forums/development/programming-scripting/453961-vm-bridge-convert-virtual-machines-nat-bridge-bridge-nat.html#post2288556). The latter is included in package vmscripts, available in my repo:

# **zypper info vmscripts**
Loading repository data...
Reading installed packages...


Information for package vmscripts:

Repository: @System
Name: vmscripts
Version: 1.5.1-7.1
Arch: noarch
Vendor: obs://build.opensuse.org/home:please_try_again
Installed: Yes
Status: up-to-date
Installed Size: 85.6 KiB
Summary: Some helper scripts for VirtualBox & kvm virtual machines
Description: 
vboxlive: runs Linux live system in VirtualBox disk-less virtual machines
[http://forums.opensuse.org/english/get-technical-help-here/how-faq-forums/unreviewed-how-faq/465445-running-linux-live-cds-disk-less-virtual-machines-under-virtualbox.html](http://forums.opensuse.org/english/get-technical-help-here/how-faq-forums/unreviewed-how-faq/465445-running-linux-live-cds-disk-less-virtual-machines-under-virtualbox.html)
VBoxExtensionPack: updates VirtualBox Extension pack:
[http://forums.opensuse.org/english/other-forums/development/programming-scripting/459800-update-virtualbox-4-0-extension-pack.html](http://forums.opensuse.org/english/other-forums/development/programming-scripting/459800-update-virtualbox-4-0-extension-pack.html)
vm-bridge: converts virtual machines from NAT to bridge or bridge to NAT
[http://forums.opensuse.org/english/other-forums/development/programming-scripting/453961-vm-bridge-convert-virtual-machines-nat-bridge-bridge-nat.html](http://forums.opensuse.org/english/other-forums/development/programming-scripting/453961-vm-bridge-convert-virtual-machines-nat-bridge-bridge-nat.html)
vm-create: creates kvm virtual machines from anywhere to anywhere.
[http://forums.opensuse.org/english/other-forums/development/programming-scripting/453962-vm-create-create-kvm-virtual-machines.html](http://forums.opensuse.org/english/other-forums/development/programming-scripting/453962-vm-create-create-kvm-virtual-machines.html)
popup library: displays dialogs in QT/GTK style (used by the other scripts)
[http://forums.opensuse.org/english/other-forums/development/programming-scripting/452886-dialog-boxes-bash-scripts.html](http://forums.opensuse.org/english/other-forums/development/programming-scripting/452886-dialog-boxes-bash-scripts.html)

#** rpm -ql vmscripts**
/etc/vboxlive.cfg
/etc/vm-create.cfg
/usr/bin/VBoxExtensionPack
/usr/bin/bridge2nat
/usr/bin/nat2bridge
/usr/bin/popup
/usr/bin/vboxlive
/usr/bin/vm-bridge
/usr/bin/vm-create
/usr/share/doc/packages/vmscripts
/usr/share/doc/packages/vmscripts/COPYING

Yes, it’s not surprising.

Well, first I’m using kvm, not xen. But virt-manager can handle both. vm-bridge doesn’t care whether you’re using xen or kvm. All it does is create a bridge on the given interface (by default eth0 when you use the command nat2bridge). Another script in this package, vm-create]( http://forums.opensuse.org/english/other-forums/development/programming-scripting/453962-vm-create-create-kvm-virtual-machines.html), could in theory also create xen virtual machines (either on local or remote hypervisors) but has never been tested with xen (at least not by me). It works fine with kvm though.
Second I’m not using YaST (for anything. Shame on me! :shame:), but I’m sharing my method with you and you can see if it makes sense and does what you want.

  • To add my repo and install vmscripts, you can look at this post: The fastest and easiest way to install Oracle VirtualBox!. The tool you need is in the same package.
  • To create a bridge on the default NIC (remember that it should not already exist), just type the following command as root:
# nat2bridge
  • Start virt-manager and do your work with virtual machines that use br0.
  • When you’re done, remove the bridge with:
# bridge2nat

This is of course one method among many others, nothing official, nothing openSUSic either. These scripts work with any distro - at least with the couple ones I have tested.

I give you an example:

after booting:

# ifconfig -a
eth0      Link encap:Ethernet  HWaddr XX:XX:XX:XX:XX:XX  
         ** inet addr:192.168.101.8  Bcast:192.168.101.255  Mask:255.255.255.0**
          inet6 addr: fe80::XXX:XXXX:XXXX:XXXX/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:1205414 errors:0 dropped:3867 overruns:0 frame:0
          TX packets:442473 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000 
          RX bytes:1779204620 (1696.7 Mb)  TX bytes:54903973 (52.3 Mb)

eth1      Link encap:Ethernet  HWaddr XX:XX:XX:XX:XX:XX  
          inet addr:192.168.102.8  Bcast:192.168.102.255  Mask:255.255.255.0
          inet6 addr: fe80::XXX:XXXX:XXXX:XXXX/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:37 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000 
          RX bytes:0 (0.0 b)  TX bytes:9742 (9.5 Kb)
          Interrupt:23 Base address:0x4000 

lo        Link encap:Local Loopback  
          inet addr:127.0.0.1  Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU:16436  Metric:1
          RX packets:389817 errors:0 dropped:0 overruns:0 frame:0
          TX packets:389817 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0 
          RX bytes:29704436 (28.3 Mb)  TX bytes:29704436 (28.3 Mb)

after running nat2bridge:

# ifconfig -a
br0       Link encap:Ethernet  HWaddr XX:XX:XX:XX:XX:XX
         ** inet addr:192.168.101.8  Bcast:192.168.101.255  Mask:255.255.255.0**
          inet6 addr: fe80::XXX:XXXX:XXXX:XXXX/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:26 errors:0 dropped:0 overruns:0 frame:0
          TX packets:42 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0 
          RX bytes:1922 (1.8 Kb)  TX bytes:9392 (9.1 Kb)
  
eth0      Link encap:Ethernet  HWaddr XX:XX:XX:XX:XX:XX 
          inet6 addr: fe80::XXX:XXXX:XXXX:XXXX/64 Scope:Link
          UP BROADCAST RUNNING PROMISC MULTICAST  MTU:1500  Metric:1
          RX packets:1205725 errors:0 dropped:3867 overruns:0 frame:0
          TX packets:442794 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000 
          RX bytes:1779315425 (1696.8 Mb)  TX bytes:54957773 (52.4 Mb)

eth1      Link encap:Ethernet  HWaddr 00:1A:92:E5:E5:21  
          inet addr:192.168.102.8  Bcast:192.168.102.255  Mask:255.255.255.0
          inet6 addr: fe80::XXX:XXXX:XXXX:XXXX/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:37 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000 
          RX bytes:0 (0.0 b)  TX bytes:9742 (9.5 Kb)
          Interrupt:23 Base address:0x4000 

lo        Link encap:Local Loopback  
          inet addr:127.0.0.1  Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU:16436  Metric:1
          RX packets:392316 errors:0 dropped:0 overruns:0 frame:0
          TX packets:392316 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0 
          RX bytes:29893418 (28.5 Mb)  TX bytes:29893418 (28.5 Mb)

the bridge br0 inherits eth0 IP. MAC addresses and IP6 (masked here and in red text) are identical.

after running bridge2nat:

# ifconfig -a
eth0      Link encap:Ethernet  HWaddr XX:XX:XX:XX:XX:XX  
         ** inet addr:192.168.101.8  Bcast:192.168.101.255  Mask:255.255.255.0**
          inet6 addr: fe80::XXX:XXXX:XXXX:XXXX/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:1205414 errors:0 dropped:3867 overruns:0 frame:0
          TX packets:442473 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000 
          RX bytes:1779204620 (1696.7 Mb)  TX bytes:54903973 (52.3 Mb)

eth1      Link encap:Ethernet  HWaddr XX:XX:XX:XX:XX:XX  
          inet addr:192.168.102.8  Bcast:192.168.102.255  Mask:255.255.255.0
          inet6 addr: fe80::XXX:XXXX:XXXX:XXXX/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:37 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000 
          RX bytes:0 (0.0 b)  TX bytes:9742 (9.5 Kb)
          Interrupt:23 Base address:0x4000 

lo        Link encap:Local Loopback  
          inet addr:127.0.0.1  Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU:16436  Metric:1
          RX packets:389817 errors:0 dropped:0 overruns:0 frame:0
          TX packets:389817 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0 
          RX bytes:29704436 (28.3 Mb)  TX bytes:29704436 (28.3 Mb)

ssh is not the problem here.

8

Thank you for your patience, I redid it exactly as what you told, delelte the previous br0 and create a new one with vm-bridge, and still cannot connect to the hypervisor

error: authentication failed: polkit\56retains_authorization_after_challenge=1
Authorization requires authentication but no agent is available.

This is the configuration for elab2

br0       Link encap:Ethernet  HWaddr 78:45:C4:1F:8D:7C  
          inet addr:192.168.0.66  Bcast:192.168.0.255  Mask:255.255.255.0
          inet6 addr: fe80::7a45:c4ff:fe1f:8d7c/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:4 errors:0 dropped:0 overruns:0 frame:0
          TX packets:35 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0 
          RX bytes:184 (184.0 b)  TX bytes:9207 (8.9 Kb)
 
eth0      Link encap:Ethernet  HWaddr 78:45:C4:1F:8D:7C  
          inet6 addr: fe80::7a45:c4ff:fe1f:8d7c/64 Scope:Link
          UP BROADCAST RUNNING PROMISC MULTICAST  MTU:1500  Metric:1
          RX packets:996 errors:0 dropped:0 overruns:0 frame:0
          TX packets:650 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000 
          RX bytes:278304 (271.7 Kb)  TX bytes:75206 (73.4 Kb)
 
lo        Link encap:Local Loopback  
          inet addr:127.0.0.1  Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU:16436  Metric:1
          RX packets:254 errors:0 dropped:0 overruns:0 frame:0
          TX packets:254 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0 
          RX bytes:23555 (23.0 Kb)  TX bytes:23555 (23.0 Kb)

Service

linux-mckq:/usr/local/bin # chkconfig -list
 
Note: This output shows SysV services only and does not include native
systemd services. SysV configuration data might be overridden by native
systemd configuration.
 
SuSEfirewall2_init        0:off  1:off  2:off  3:off  4:off  5:off  6:off
SuSEfirewall2_setup       0:off  1:off  2:off  3:off  4:off  5:off  6:off
acpid                     0:off  1:off  2:on   3:on   4:off  5:on   6:off
after.local               0:off  1:off  2:off  3:off  4:off  5:off  6:off
alsasound                 0:off  1:off  2:on   3:on   4:off  5:on   6:off
atd                       0:off  1:off  2:off  3:off  4:off  5:off  6:off
autofs                    0:off  1:off  2:off  3:off  4:off  5:off  6:off
autoyast                  0:off  1:off  2:off  3:off  4:off  5:off  6:off
avahi-daemon              0:off  1:off  2:off  3:on   4:off  5:on   6:off
avahi-dnsconfd            0:off  1:off  2:off  3:off  4:off  5:off  6:off
before.local              0:off  1:off  2:off  3:off  4:off  5:off  6:off
bluez-coldplug            0:off  1:off  2:on   3:on   4:off  5:on   6:off
cifs                      0:off  1:off  2:off  3:off  4:off  5:off  6:off
collectd                  0:off  1:off  2:off  3:on   4:off  5:on   6:off
cpufreq                   0:off  1:off  2:on   3:on   4:off  5:on   6:off
cron                      0:off  1:off  2:on   3:on   4:off  5:on   6:off
cups                      0:off  1:off  2:on   3:on   4:off  5:on   6:off
dbus                      0:off  1:off  2:on   3:on   4:off  5:on   6:off
dnsmasq                   0:off  1:off  2:off  3:off  4:off  5:off  6:off
earlysyslog               0:off  1:off  2:on   3:on   4:off  5:on   6:off
ebtables                  0:off  1:off  2:off  3:off  4:off  5:off  6:off
fbset                     0:off  1:on   2:on   3:on   4:off  5:on   6:off
gpm                       0:off  1:off  2:off  3:off  4:off  5:off  6:off
haveged                   0:off  1:off  2:on   3:on   4:off  5:on   6:off
irq_balancer              0:off  1:off  2:off  3:off  4:off  5:off  6:off
iscsid                    0:off  1:off  2:off  3:off  4:off  5:off  6:off
joystick                  0:off  1:off  2:off  3:off  4:off  5:off  6:off
kbd                       0:off  1:on   2:on   3:on   4:off  5:on   6:off  S:on 
kexec                     0:off  1:off  2:off  3:off  4:off  5:off  6:off
ksysguardd                0:off  1:off  2:off  3:off  4:off  5:off  6:off
libvirt-guests            0:off  1:off  2:off  3:on   4:off  5:on   6:off
libvirtd                  0:off  1:off  2:off  3:on   4:off  5:on   6:off
lirc                      0:off  1:off  2:off  3:off  4:off  5:off  6:off
lm_sensors                0:off  1:off  2:off  3:off  4:off  5:off  6:off
mcelog                    0:off  1:off  2:on   3:on   4:off  5:on   6:off
mdadmd                    0:off  1:off  2:off  3:off  4:off  5:off  6:off
multipathd                0:off  1:off  2:off  3:off  4:off  5:off  6:off
mysql                     0:off  1:off  2:off  3:off  4:off  5:off  6:off
network                   0:off  1:off  2:off  3:on   4:off  5:on   6:off
network-remotefs          0:off  1:off  2:off  3:on   4:off  5:on   6:off
nfs                       0:off  1:off  2:off  3:on   4:off  5:on   6:off
nfsserver                 0:off  1:off  2:off  3:off  4:off  5:off  6:off
nginx                     0:off  1:off  2:off  3:off  4:off  5:off  6:off
nmb                       0:off  1:off  2:off  3:off  4:off  5:off  6:off
nscd                      0:off  1:off  2:off  3:on   4:off  5:on   6:off
ntp                       0:off  1:off  2:off  3:off  4:off  5:off  6:off
openvpn                   0:off  1:off  2:off  3:off  4:off  5:off  6:off
pciback                   0:off  1:off  2:off  3:off  4:off  5:off  6:off
pm-profiler               0:off  1:off  2:off  3:off  4:off  5:off  6:off
postfix                   0:off  1:off  2:off  3:on   4:off  5:on   6:off
powerd                    0:off  1:off  2:off  3:off  4:off  5:off  6:off
purge-kernels             0:off  1:off  2:off  3:on   4:off  5:on   6:off
radvd                     0:off  1:off  2:off  3:off  4:off  5:off  6:off
random                    0:off  1:off  2:on   3:on   4:off  5:on   6:off
raw                       0:off  1:off  2:off  3:off  4:off  5:off  6:off
rpcbind                   0:off  1:off  2:off  3:on   4:off  5:on   6:off
rpmconfigcheck            0:off  1:off  2:off  3:off  4:off  5:off  6:off
rsyncd                    0:off  1:off  2:off  3:off  4:off  5:off  6:off
shellinabox               0:off  1:off  2:off  3:off  4:off  5:off  6:off
skeleton.compat           0:off  1:off  2:off  3:off  4:off  5:off  6:off
smartd                    0:off  1:off  2:on   3:on   4:off  5:on   6:off
smb                       0:off  1:off  2:off  3:off  4:off  5:off  6:off
smolt                     0:off  1:off  2:off  3:off  4:off  5:off  6:off
sshd                      0:off  1:off  2:off  3:on   4:off  5:on   6:off
syslog                    0:off  1:off  2:on   3:on   4:off  5:on   6:off
webyast                   0:off  1:off  2:off  3:off  4:off  5:off  6:off
xdm                       0:off  1:off  2:off  3:off  4:off  5:on   6:off
xen-watchdog              0:off  1:off  2:on   3:on   4:off  5:on   6:off
xencommons                0:off  1:off  2:on   3:on   4:off  5:on   6:off
xend                      0:off  1:off  2:off  3:on   4:off  5:on   6:off
xendomains                0:off  1:off  2:off  3:on   4:off  5:on   6:off
xfs                       0:off  1:off  2:off  3:off  4:off  5:off  6:off
xinetd                    0:off  1:off  2:off  3:on   4:off  5:on   6:off
ypbind                    0:off  1:off  2:off  3:off  4:off  5:off  6:off
xinetd based services:
        chargen:            off
        chargen-udp:        off
        cups-lpd:           off
        daytime:            off
        daytime-udp:        off
        discard:            off
        discard-udp:        off
        echo:               off
        echo-udp:           off
        netstat:            off
        rsync:              off
        sane-port:          off
        servers:            off
        services:           off
        swat:               off
        systat:             off
        time:               off
        time-udp:           off
        vnc:                on

ssh config

linux-mckq:~/.ssh # ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa): 
Enter passphrase (empty for no passphrase):          # Left empty
Enter same passphrase again: 
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
12:04:e2:a4:81:65:7d:d0:ab:bb:dc:28:15:25:13:c4 root@linux-mckq
The key's randomart image is:
+-- RSA 2048]----+
|o.=+==.          |
|.* .E.+          |
|. .  =..         |
|    . ..         |
|     o. S        |
|    o  .         |
|   . .           |
|  ...o           |
|   .+..          |
+-----------------+
 
linux-mckq:/home/elab2 # ssh-copy-id -i ~/.ssh/id_rsa.pub 192.168.0.88
The authenticity of host '192.168.0.88 (192.168.0.88)' can't be established.
ECDSA key fingerprint is 58:6e:81:f2:67:03:73:46:18:3a:83:69:9e:08:ca:48.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '192.168.0.88' (ECDSA) to the list of known hosts.
Password: 
Now try logging into the machine, with "ssh '192.168.0.88'", and check in:
 
  ~/.ssh/authorized_keys
 
to make sure we haven't added extra keys that you weren't expecting.

From the other machine, I tried

virsh # connect xen+ssh://elab2@192.168.0.66
Password: 
error: Failed to connect to the hypervisor
error: authentication failed: polkit\56retains_authorization_after_challenge=1
Authorization requires authentication but no agent is available.

Any ideas?

9

Humm… I can only do that as root under openSUSE.


# sudo virsh
WARNING: no socket to connect to
Welcome to virsh, the virtualization interactive terminal.

Type:  'help' for help with commands
       'quit' to quit

virsh # connect qemu+ssh://192.168.101.8/system

virsh # list --all
 Id Name                 State
----------------------------------
  - faidherbe            shut off
  - olaf                 shut off
  - olaf-clone           shut off
10

Yes, I did that as root. Neither by virsh nor by virt-manager, the result is a failure. That’s really disappointing:(

11

Do you have ssh root access to computer 192.168.0.66? If so try (as root on your local machine):

virsh # connect xen+ssh:/192.168.0.66/system

You should not get a polkit error when you connect as root.

12

This time it shows “internal error unexpected Xen URI path ‘/192.168.0.88/system’, try xen:/// ", tried xen:///, still failed

13

OK, I can connect the other hypervisor using“connect xen+ssh://192.168.0.66”
Now the problem is that I can’t connect the local domain while I connect the other one. Why?
Thank you very much.

14

The easiest way I’ve found to connect (I’m using KVM) is this:
open a root terminal (type su)
then type rclibvirtd start

I hope this helps.