Lxd-p2c 'admin password' error


(Dan Mac Donald) #1

I’m trying to get lxd-p2c to work but I have not been able to get past its prompt for an admin password, every time it tells me:

Error: not authorized

First off the bat, I must say that is a vague request on behalf of lxd-p2c followed with an equally vague error message. What is the ‘Admin password’? Admin of what, where? If p2c actually means the root password of the LXD server then that’s what it should ask for. I’ve tried that several times with no luck. I’m happy to open a bug report to request this is made clearer to the user.

I have run:

# lxc config set core.trust_password foopass

On my LXD server (as well as having run lxd init) but entering that password has also failed with the same “Error: not authorized” message.

If I run

# lxc config trust list

On my LXD server, I get an empty list so I presume I need to add my host to be containerised to this list before I can use p2c but I have been unable to find any docs on how to achieve this. My suspicion is that it might involve a command such as

# lxc config trust add ...

but that seems to require a cert file? What cert? Is that the cert fingerprint printed on the source machine when I run p2c?

I also tried running lxc monitor on my LXD server whilst I ran lxd-p2c on the source machine but it didn’t tell me anything more - no errors or warnings get printed.

There doesn’t seem to be any documentation for lxd-p2c apart from what is available via --help, right?

I am running lxd/lxc 3.0.2 from 16.04 backports (on a Ubuntu 16.04 / amd64 server) and I am testing lxd-p2c built from gh on a Ubuntu 18.04 amd64 machine.

Thanks


(Stéphane Graber) #2

Nope, nothing to do with lxc config trust, you should only need to enter the trust password.

One thing to make sure though, since this is TLS based authentication is that both server’s time and date are correct, if one of them is way off, that’d explain the error.


(Dan Mac Donald) #3

I’m getting a bit further now, but still no luck:

sudo ./lxd-p2c https://server:8443 test /
Generating a temporary client certificate. This may take a minute…
Certificate fingerprint: 50c60f7057c222b9c70b1fd6d44952ab686f9d8722aa3ad24806a8e275bc70d7
ok (y/n)? y
Admin password for https://server:8443:
Error: Failed to rsync: exit status 12
rsync: connection unexpectedly closed (0 bytes received so far) [sender]
rsync error: error in rsync protocol data stream (code 12) at io.c(235) [sender=3.1.2]

The LXD log:

ephemeral=false lvl=info msg=“Creating container” name=test t=2018-12-13T14:03:06+0000
ephemeral=false lvl=info msg=“Created container” name=test t=2018-12-13T14:03:06+0000
lvl=warn msg=“Unable to update backup.yaml at this time” name=test t=2018-12-13T14:03:06+0000
lvl=eror msg="Rsync receive failed: /var/lib/lxd/containers/test/: exit status 12: " t=2018-12-13T14:03:06+0000
err=“exit status 12” lvl=eror msg=“Error during migration sink” t=2018-12-13T14:03:06+0000
created=2018-12-13T14:03:05+0000 ephemeral=false lvl=info msg=“Deleting container” name=test t=2018-12-13T14:03:06+0000 used=1970-01-01T01:00:00+0100
created=2018-12-13T14:03:05+0000 ephemeral=false lvl=info msg=“Deleting container” name=test t=2018-12-13T14:03:06+0000 used=1970-01-01T01:00:00+0100
created=2018-12-13T14:03:05+0000 ephemeral=false lvl=info msg=“Deleted container” name=test t=2018-12-13T14:03:07+0000 used=1970-01-01T01:00:00+0100
err=“sql: no rows in result set” lvl=eror msg=“Failed deleting container entry” name=test t=2018-12-13T14:03:26+0000

LXD server 3.0.2 / 16.04, client is 18.04


(Stéphane Graber) #4

Did you build the 3.0.2 version of lxd-p2c? Otherwise there may be some rsync options mismatch.