[pve-devel] cfs-locked 'authkey' operation: pve cluster filesystem not online

wb webmaster at jbsky.fr
Sun May 23 23:23:23 CEST 2021


Hello to all.

I have the plan to implement the SSO authentication feature with the SAML protocol.
However, I have an error that prevents me from validating the authentication process.
It is about the locks.
The first step is to store the request_saml_id. If I try to create a file by your libraries, I get an 500 error with msg:
error during cfs-locked \'file-request_tmp\' operation: pve cluster filesystem not online /etc/pve/priv/lock.
https://github.com/jbsky/proxmox-saml2-auth/commit/d75dc621aae719c8fdd251859af9641cda0e526b
Ok, I can make a temp workaround.

2nd step :
When I try to create a ticket with the function create_ticket in package PVE::API2::AccessControl;
I've got this error :
authentication failure; rhost=127.0.0.1 user=admin at DOM msg=error during cfs-locked 'authkey' operation: pve cluster filesystem not online /etc/pve/priv/lock
src : https://github.com/jbsky/proxmox-saml2-auth/commit/93b02727d2e172968c14c4ce3a7c27e8d5c0feb0

I have really bad luck with these locks!
Can you help me to understand the prerequisites to make the lock work?


If you want init a redirect to an identity provider(IdP, ex: Keycloak), use this url :
https://pve/api2/html/access/saml?realm=DOM

After an authentication side IdP, the IdP post to pve at https://pve/api2/html/access/saml.


I'm sorry to work on a separate repository, it's because I don't know your components very well.

I would be grateful if you could tell me how to debug these locks.

Thanking you in advance, 

Sincerely,

Julien BLAIS


More information about the pve-devel mailing list