On 08/12/2009 08:54 PM, Paul Company wrote: > The following works: > > # vi /etc/cobbler/modules.conf > [authentication] > module = authn_configfile > > [authorization] > module = authz_ownership > :wq! > > # htdigest /etc/cobbler/users.digest "Cobbler" pcompany > Adding user pcompany in realm Cobbler > New password:<some-passwd> > Re-type new password:<some-passwd> > > # vi /etc/cobbler/users.conf > [admins] > admin = "" > cobbler = "" > pcompany = "" > :wq! > > # vi /etc/httpd/conf.d/cobbler.conf > <Directory "/var/www/cobbler/web/"> > AuthType Basic > AuthName Cobbler > Require valid-user > SetHandler mod_python > PythonAuthenHandler index > PythonHandler index > PythonPath "sys.path + ['/var/www/cobbler/web/']" > PythonDebug on > </Directory> > :wq! > > # /etc/init.d/cobblerd restart > # /etc/init.d/httpd restart > > Browse to the Web UI and login as pcompany: > (1) Logging in as pcompany works fine. > (2) pcompany has full permissions to list/copy/modify/new/remove/save > on distros, profiles, systems, repos, kickstarts > (3) If I remove pcompany from users.conf, then pcompany can only list > things; pcompany can't add anything! > Which is expected! > > ============== > > The following does NOT work: why? > > # vi /etc/cobbler/modules.conf > [authentication] > module = authn_passthru > > [authorization] > module = authz_ownership > :wq! > > # vi /etc/cobbler/users.conf > [admins] > admin = "" > cobbler = "" > [email protected] = "" > :wq! > > # vi /etc/httpd/conf.d/cobbler.conf > <Directory "/var/www/cobbler/web/"> > AllowOverride AuthConfig > AuthType Kerberos > AuthName "Kerberos Login" > KrbServiceName HTTP > Krb5Keytab /etc/httpd/conf.d/HTTP.keytab > KrbAuthRealms EXAMPLE.COM > Require valid-user > SetHandler mod_python > PythonAuthenHandler index > PythonHandler index > PythonPath "sys.path + ['/var/www/cobbler/web/']" > PythonDebug on > </Directory> > :wq! > > # /etc/init.d/cobblerd restart > # /etc/init.d/httpd restart > > Browse to the Web UI and login as pcompany: > (1) Logging in as [email protected] works fine. > BUT > (2) [email protected] can only list things; [email protected] > can't add anything! > > Any ideas? > _______________________________________________ > cobbler mailing list > [email protected] > https://fedorahosted.org/mailman/listinfo/cobbler
Guessing -- I believe your username in the bottom example is [email protected], if that's what you logged in with, not pcompany. Was that it? --Michael _______________________________________________ cobbler mailing list [email protected] https://fedorahosted.org/mailman/listinfo/cobbler
