Re: ActionNotAllowed: admin permission required

2009-05-26 Thread Mike Bonnet 

Tom Stage wrote:

Hi all

Well I have to admit that I am in the same boat as the last thread with the
same Subject, this config is also with SSL configured and it seems to be ok
and running good, I can log in to the web interface.

I have Koji installed on a Fedora 10 x86_64 system, and I have followed the
HowTo at http://fedoraproject.org/wiki/Koji/ServerHowTo and I to cant seem
to execute the following commands as an example:

System info:
Uname -a 
Linux koji 2.6.27.21-170.2.56.fc10.x86_64 #1 SMP Mon Mar 23 23:08:10 EDT

2009 x86_64 x86_64 x86_64 GNU/Linux

Rpm -qa
koji-builder-1.3.1-1.fc10.noarch
koji-utils-1.3.1-1.fc10.noarch
koji-1.3.1-1.fc10.noarch
koji-web-1.3.1-1.fc10.noarch
koji-hub-1.3.1-1.fc10.noarch

SSL certificates created after the instructions in the howto, with one
exception, since this is a single host installation I have only created 3
types of certificates. The 1st one is the signing certificate. The 2nd one
is the certificates for the host, and used by all the koji services. The 3rd
one is the user certificates.

[r...@koji ~]koji call getLoggedInUser
{'id': 1, 'krb_principal': None, 'name': 'admin', 'status': 0, 'usertype':
0} 


[r...@koji ~]koji add-user kojira
ActionNotAllowed: admin permission required

[r...@koji ~]koji add-host koji.dvos.dk x86_64
ActionNotAllowed: admin permission required

My users in the users table in postgres looks like this:
Id  namepasswordstatus  usertypekrb_principal
1   admin   0   0   
2   koji.dvos.dk0   1   

My permissions table looks like this:
Id  name
1   admin
2   build
3   repo

I am confused and don't understand what I am doing wrong, and I am willing
to post my configuration files as well.

Any help is appreciated.


To grant a permission to a user you need to insert into the user_perms 
table.  The user_id column references the id of the users table, and the 
perm_id references the id of the permissions table.  In your case, 
granting the admin user the admin permission would be accomplished 
by running:


insert into user_perms (user_id, perm_id) values (1, 1);

After that, you can grant other permissions by using the koji 
grant-permission command.


--
Fedora-buildsys-list mailing list
Fedora-buildsys-list@redhat.com
https://www.redhat.com/mailman/listinfo/fedora-buildsys-list

RE: ActionNotAllowed: admin permission required

2009-05-26 Thread Tom Stage 
Hi Mike, Jay and the rest of you

I have solved the problem with you kind help.

The basic problem was the user_perms table not being updated, so it was a
combo of not reading the how to right.

Thanks for your help on this.

Cheers Tom



-Original Message-
From: Mike Bonnet [mailto:mi...@redhat.com] 
Sent: 26. maj 2009 16:18
To: Tom Stage; Discussion of Fedora build system
Subject: Re: ActionNotAllowed: admin permission required

Tom Stage wrote:
 Hi all
 
 Well I have to admit that I am in the same boat as the last thread with
the
 same Subject, this config is also with SSL configured and it seems to be
ok
 and running good, I can log in to the web interface.
 
 I have Koji installed on a Fedora 10 x86_64 system, and I have followed
the
 HowTo at http://fedoraproject.org/wiki/Koji/ServerHowTo and I to cant seem
 to execute the following commands as an example:
 
 System info:
 Uname -a 
 Linux koji 2.6.27.21-170.2.56.fc10.x86_64 #1 SMP Mon Mar 23 23:08:10 EDT
 2009 x86_64 x86_64 x86_64 GNU/Linux
 
 Rpm -qa
 koji-builder-1.3.1-1.fc10.noarch
 koji-utils-1.3.1-1.fc10.noarch
 koji-1.3.1-1.fc10.noarch
 koji-web-1.3.1-1.fc10.noarch
 koji-hub-1.3.1-1.fc10.noarch
 
 SSL certificates created after the instructions in the howto, with one
 exception, since this is a single host installation I have only created 3
 types of certificates. The 1st one is the signing certificate. The 2nd one
 is the certificates for the host, and used by all the koji services. The
3rd
 one is the user certificates.
 
 [r...@koji ~]koji call getLoggedInUser
 {'id': 1, 'krb_principal': None, 'name': 'admin', 'status': 0, 'usertype':
 0} 
 
 [r...@koji ~]koji add-user kojira
 ActionNotAllowed: admin permission required
 
 [r...@koji ~]koji add-host koji.dvos.dk x86_64
 ActionNotAllowed: admin permission required
 
 My users in the users table in postgres looks like this:
 Idnamepasswordstatus  usertypekrb_principal
 1 admin   0   0   
 2 koji.dvos.dk0   1   
 
 My permissions table looks like this:
 Idname
 1 admin
 2 build
 3 repo
 
 I am confused and don't understand what I am doing wrong, and I am willing
 to post my configuration files as well.
 
 Any help is appreciated.

To grant a permission to a user you need to insert into the user_perms 
table.  The user_id column references the id of the users table, and the 
perm_id references the id of the permissions table.  In your case, 
granting the admin user the admin permission would be accomplished 
by running:

insert into user_perms (user_id, perm_id) values (1, 1);

After that, you can grant other permissions by using the koji 
grant-permission command.

--
Fedora-buildsys-list mailing list
Fedora-buildsys-list@redhat.com
https://www.redhat.com/mailman/listinfo/fedora-buildsys-list