I've subscribed to the dev mailing list, but I'm waiting to be accepted, so for now I'm posting here.
Running Cobbler 1.6.6 on RHEL 5.3 Here's the configuation: # vi /etc/cobbler/modules.conf [authentication] module = authn_configfile [authorization] module = authz_ownership :wq! # htdigest /etc/cobbler/users.digest "Cobbler" pcompany Adding user pcompany in realm Cobbler New password: yaba Re-type new password: yaba # htdigest /etc/cobbler/users.digest "Cobbler" [email protected] New password: daba Re-type new password: daba # vi /etc/cobbler/users.conf [admins] admin = "" cobbler = "" pcompany = "" [email protected] = "" :wq! # vi /etc/httpd/conf.d/cobbler.conf <Directory "/var/www/cobbler/web/"> AuthType Basic AuthName Cobbler Require valid-user SetHandler mod_python PythonAuthenHandler index PythonHandler index PythonPath "sys.path + ['/var/www/cobbler/web/']" PythonDebug on </Directory> :wq! # /etc/init.d/cobblerd restart # /etc/init.d/httpd restart Browse to the Web UI and login as (A) pcompany and (B) [email protected]: (A1) Logging in as pcompany works fine. Authentication works. (A2) Authorization for pcompany works. pcompany has full permissions to list/copy/modify/new/remove/save on distros, profiles, systems, repos, kickstarts This is because user.conf is parsed correctly and it finds pcompany. (B1) Logging in as [email protected] works fine. Authentication works. (B2) Authorization for [email protected] fails! This is because user.conf is parsed incorrectly and it can not find [email protected] Here's what's left in the log, see line 1044 # cat /var/log/cobbler/cobblerd.log 2009-08-13 17:37:56,905 - api - login attempt; user([email protected]) 2009-08-13 17:37:56,905 - api - authenticate; ['[email protected]', 'big long encryption string'] 2009-08-13 17:37:56,906 - api - login succeeded; user([email protected]) 2009-08-13 17:37:57,035 - api - calling authorize for resource ['new_system', None, None]; user([email protected]) 2009-08-13 17:37:57,035 - api - Exception occured: cobbler.cexceptions.CX 2009-08-13 17:37:57,035 - api - Exception value: 'user does not have access to resource: new_system' 2009-08-13 17:37:57,036 - api - Exception Info: File "/usr/lib/python2.4/site-packages/cobbler/remote.py", line 1000, in check_access_no_fail self.check_access(token,resource,arg1,arg2) File "/usr/lib/python2.4/site-packages/cobbler/remote.py", line 1013, in check_access rc = self.__authorize(token,resource,arg1,arg2) File "/usr/lib/python2.4/site-packages/cobbler/remote.py", line 1044, in __authorize raise CX(_("user does not have access to resource: %s") % resource) Can anyone think of a quick fix? I'm assuming it's choking on the @ symbol. I tried quoting it, but that didn't work. We probably have to modify /usr/lib/python2.4/site-packages/cobbler/remote.py? Or whatever python module parses users.conf? _______________________________________________ cobbler mailing list [email protected] https://fedorahosted.org/mailman/listinfo/cobbler
