* Access level problem on gnats 4.0
@ 2004-02-10 16:53 Evan Lavelle
2004-02-10 18:18 ` Evan Lavelle
` (2 more replies)
0 siblings, 3 replies; 6+ messages in thread
From: Evan Lavelle @ 2004-02-10 16:53 UTC (permalink / raw)
To: help-gnats
I've just installed gnats 4.0 and I'm having a problem getting access to
a database. This is a single machine (RH7.2), single-user trial setup,
using gnatsd. 'host_access' contains:
localhost:admin:
*:listdb:
query-pr gives me an 'acess denied' message, and USER says that my
access level is 'listdb'. If I remove the '*:listdb:' entry then I don't
get any permissions at all. I've tried variations on 'localhost', and
tried 'edit' instead of 'admin', but nothing gives me an access level
above listdb.
I've also tried creating a 'user_access' which contains the single line
evan::admin
but this doesn't make any difference. I know that gnatsd is successfully
restaring because removing the '*:listdb:' line lowers the permissions.
Any ideas?
Thanks -
Evan
_______________________________________________
Help-gnats mailing list
Help-gnats@gnu.org
http://mail.gnu.org/mailman/listinfo/help-gnats
^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: Access level problem on gnats 4.0
2004-02-10 16:53 Access level problem on gnats 4.0 Evan Lavelle
@ 2004-02-10 18:18 ` Evan Lavelle
2004-02-10 18:31 ` Mel Hatzis
2004-02-10 23:18 ` Hans-Albert Schneider
2 siblings, 0 replies; 6+ messages in thread
From: Evan Lavelle @ 2004-02-10 18:18 UTC (permalink / raw)
To: help-gnats
Ok, getting there, very slowly...
if I change
> evan::admin
to 'evan::admin:' then at least I can (I think) get access to a database.
Next question: there's a tkgnats in the 'contrib' directory, but it
doesn't seem to work. When you start it up it tries to exec 'query-pr
--list-class', and this doesn't seem to be a supported option for
query-pr. The emacs mode also seems to be broken; it wants to do
'query-pr --directory', which doesn't seem to be a supported option
either. Are there versions of tkgnats and the emacs mode for gnats 4.0?
Thanks
Evan
_______________________________________________
Help-gnats mailing list
Help-gnats@gnu.org
http://mail.gnu.org/mailman/listinfo/help-gnats
^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: Access level problem on gnats 4.0
2004-02-10 16:53 Access level problem on gnats 4.0 Evan Lavelle
2004-02-10 18:18 ` Evan Lavelle
@ 2004-02-10 18:31 ` Mel Hatzis
2004-02-10 23:18 ` Hans-Albert Schneider
2 siblings, 0 replies; 6+ messages in thread
From: Mel Hatzis @ 2004-02-10 18:31 UTC (permalink / raw)
To: Evan Lavelle; +Cc: help-gnats
Hi Evan, ...
On 02/10/2004 08:50 AM, Evan Lavelle submitted:
> I've just installed gnats 4.0 and I'm having a problem getting access to
> a database. This is a single machine (RH7.2), single-user trial setup,
> using gnatsd. 'host_access' contains:
>
> localhost:admin:
> *:listdb:
There are two locations where you can place the "access" files:
1. <instdir>/etc/gnats/
2. <dbdir>/gnats-adm/
Check for a gnatsd.user_access file in both locations. Note that
the one in the <dbdir> will override the one in <instdir>.
>
> query-pr gives me an 'acess denied' message, and USER says that my
> access level is 'listdb'. If I remove the '*:listdb:' entry then I don't
> get any permissions at all. I've tried variations on 'localhost', and
> tried 'edit' instead of 'admin', but nothing gives me an access level
> above listdb.
>
> I've also tried creating a 'user_access' which contains the single line
>
> evan::admin
The syntax of the gnatsd.user_access file has changed some.
You should use the following equivalent:
evan:$0$:admin:
>
> but this doesn't make any difference. I know that gnatsd is successfully
> restaring because removing the '*:listdb:' line lowers the permissions.
>
> Any ideas?
Hope this helps.
--
Mel Hatzis
_______________________________________________
Help-gnats mailing list
Help-gnats@gnu.org
http://mail.gnu.org/mailman/listinfo/help-gnats
^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: Access level problem on gnats 4.0
2004-02-10 16:53 Access level problem on gnats 4.0 Evan Lavelle
2004-02-10 18:18 ` Evan Lavelle
2004-02-10 18:31 ` Mel Hatzis
@ 2004-02-10 23:18 ` Hans-Albert Schneider
2004-02-11 10:29 ` Evan Lavelle
2 siblings, 1 reply; 6+ messages in thread
From: Hans-Albert Schneider @ 2004-02-10 23:18 UTC (permalink / raw)
To: Evan Lavelle, help-gnats
-----BEGIN PGP SIGNED MESSAGE-----
On Tuesday 10 February 2004 17:50, Evan Lavelle wrote:
> I've just installed gnats 4.0 and I'm having a problem getting
> access to a database. This is a single machine (RH7.2), single-user
> trial setup, using gnatsd. 'host_access' contains:
>
> localhost:admin:
> *:listdb:
A first guess:
Copy the "localhost" line, replacing "localhost" by the hostname of
your machine. This must be the "canonical" hostname, i.e., the first
one listed for its IP address in /etc/hosts.
If this does not help, please come back to the list with some more
information, especially tell us the complete invocation of query-pr,
and the contents of your databases file (as this is where query-pr
looks for information on how to contact the database).
Hans-Albert
- --
Hans-Albert Schneider
Munich, Germany
EMail: Hans-Albert@HA-Schneider.de
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.2-rc1-SuSE (GNU/Linux)
iQEVAwUBQClkV75/YryrhGWVAQF1rQf+Jp2qyZZZ1eZJGQ83TroCKQYlahN2JaM6
2/aBILHtPYXCLd1DBymGDYqqlHYwZ0S1XtK6s0+hYZEI5cUzVra2DTtxsLPpLeRO
/st+sjVbA5xEMlae7aK8G6eTSxr1lgwxd1M2yOyFFlTX9lHka4Qb8aW2uFeFzAsB
hLn/cBIet612LT4iBBC3nuEY7Pbkwt2Ak2cU/M62Zcvixn1AwIoTxEX95LrwhrJn
VBQQWQF3Qa33DO3rL7TvfkbpTtrbOJQBUtiZjOjlZ2JY7Nh8DA/cCNe5q3x5PEKT
QpJOK0d/zJtGOC0zXnJZWeQbfPo+PmgZMVshPK7u1b4076eIhBcnmw==
=SpRY
-----END PGP SIGNATURE-----
_______________________________________________
Help-gnats mailing list
Help-gnats@gnu.org
http://mail.gnu.org/mailman/listinfo/help-gnats
^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: Access level problem on gnats 4.0
2004-02-10 23:18 ` Hans-Albert Schneider
@ 2004-02-11 10:29 ` Evan Lavelle
2004-02-11 18:17 ` Mel Hatzis
0 siblings, 1 reply; 6+ messages in thread
From: Evan Lavelle @ 2004-02-11 10:29 UTC (permalink / raw)
To: help-gnats; +Cc: Hans-Albert Schneider, Mel Hatzis
Thanks Mel/Hans-Albert - some more info below. I thought I had fixed the
access problem with the extra ':' in my user_access, but this actually
made no difference.
I've got one local test database, on the same machine as the server.
'/usr/local/etc/gnats/databases' contains:
default:Bug database:/usr/local/com/gnatsdb
test:test database:/home/evan/work/test/gnatsdb
I've got one host_access file, and three user_access files, in these
locations:
/usr/local/etc/gnats/defaults/gnatsd.user_access (this is empty)
/usr/local/etc/gnats/gnatsd.host_access
/usr/local/com/gnatsdb/gnats-adm/gnatsd.user_access
/home/evan/work/test/gnatsdb/gnats-adm/gnatsd.user_access
'host_access' contains:
[canonical-name]:admin:
*:none:
[canonical-name] is my machine's full name from /etc/hosts; using either
the short name or 'localhost', or removing this line completely, makes
no difference.
The two 'user_access' files currently contain:
evan:$0$evan:admin:
*::none:
I then set GNATSDB to 'test'. With this setup, I can use send-pr to
create a problem report in the 'test' database, and I can use query-pr
to view it, and edit-pr to edit it. I know that it's my local test
database, because 'query-pr --database test 1' shows the PR, but
'query-pr --database default 1' shows nothing.
PROBLEMS:
---------
1) If I restart xinetd, and then run 'gnatsd' to administer the test
database, I can't get any permission above 'none':
evan 113 > gnatsd
200 [canonical-name] GNATS server 4.0 ready.
USER evan evan
210-Now accessing GNATS database 'test'
210 User access level set to 'none'
I've tried different passwords, including none, and it makes no difference.
2) If I now login as another user (gnats), I can *still* edit the test
database using edit-pr. The permissions from the two access files appear
to be ignored when using edit-pr, send-pr, etc.
Any ideas?
Many thanks
Evan
_______________________________________________
Help-gnats mailing list
Help-gnats@gnu.org
http://mail.gnu.org/mailman/listinfo/help-gnats
^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: Access level problem on gnats 4.0
2004-02-11 10:29 ` Evan Lavelle
@ 2004-02-11 18:17 ` Mel Hatzis
0 siblings, 0 replies; 6+ messages in thread
From: Mel Hatzis @ 2004-02-11 18:17 UTC (permalink / raw)
To: Evan Lavelle; +Cc: Hans-Albert Schneider, help-gnats
Evan, ...
On 02/11/2004 02:27 AM, Evan Lavelle submitted:
> Thanks Mel/Hans-Albert - some more info below. I thought I had fixed the
> access problem with the extra ':' in my user_access, but this actually
> made no difference.
>
> I've got one local test database, on the same machine as the server.
> '/usr/local/etc/gnats/databases' contains:
>
> default:Bug database:/usr/local/com/gnatsdb
> test:test database:/home/evan/work/test/gnatsdb
>
> I've got one host_access file, and three user_access files, in these
> locations:
>
> /usr/local/etc/gnats/defaults/gnatsd.user_access (this is empty)
> /usr/local/etc/gnats/gnatsd.host_access
> /usr/local/com/gnatsdb/gnats-adm/gnatsd.user_access
> /home/evan/work/test/gnatsdb/gnats-adm/gnatsd.user_access
This is an entirely reasonable setup....providing of course that
the files are readable by the user running gnatsd.
>
> 'host_access' contains:
>
> [canonical-name]:admin:
> *:none:
The above looks good....with one caveat. If you wish to run gnatsd
by hand (as appears to be the case), you should add an entry for
"stdin". So, your host_access file should contain:
[canonical-name]:admin:
stdin:admin:
*:none:
I think this might be causing problem #1.
>
> [canonical-name] is my machine's full name from /etc/hosts; using either
> the short name or 'localhost', or removing this line completely, makes
> no difference.
>
> The two 'user_access' files currently contain:
>
> evan:$0$evan:admin:
> *::none:
The "none" entry is invalid. Try replacing it with:
*:$0$:none:
> I then set GNATSDB to 'test'. With this setup, I can use send-pr to
> create a problem report in the 'test' database, and I can use query-pr
> to view it, and edit-pr to edit it. I know that it's my local test
> database, because 'query-pr --database test 1' shows the PR, but
> 'query-pr --database default 1' shows nothing.
>
> PROBLEMS:
> ---------
>
> 1) If I restart xinetd, and then run 'gnatsd' to administer the test
> database, I can't get any permission above 'none':
>
> evan 113 > gnatsd
> 200 [canonical-name] GNATS server 4.0 ready.
> USER evan evan
> 210-Now accessing GNATS database 'test'
> 210 User access level set to 'none'
>
> I've tried different passwords, including none, and it makes no difference.
>
> 2) If I now login as another user (gnats), I can *still* edit the test
> database using edit-pr. The permissions from the two access files appear
> to be ignored when using edit-pr, send-pr, etc.
Where are you logging in from? If it's from your "canonical-name" host,
you are essentially granting "admin" access since your user_access file
is ignored because of the missing "$0$" in the entry for "none".
Hope this helps.
--
Mel Hatzis
_______________________________________________
Help-gnats mailing list
Help-gnats@gnu.org
http://mail.gnu.org/mailman/listinfo/help-gnats
^ permalink raw reply [flat|nested] 6+ messages in thread
end of thread, other threads:[~2004-02-11 18:17 UTC | newest]
Thread overview: 6+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2004-02-10 16:53 Access level problem on gnats 4.0 Evan Lavelle
2004-02-10 18:18 ` Evan Lavelle
2004-02-10 18:31 ` Mel Hatzis
2004-02-10 23:18 ` Hans-Albert Schneider
2004-02-11 10:29 ` Evan Lavelle
2004-02-11 18:17 ` Mel Hatzis
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).