Bug 1121060
| Summary: | [ACL][LOG] publish action does not log on allow-log rule | ||
|---|---|---|---|
| Product: | Red Hat Enterprise MRG | Reporter: | Zdenek Kraus <zkraus> |
| Component: | qpid-cpp | Assignee: | messaging-bugs <messaging-bugs> |
| Status: | NEW --- | QA Contact: | Messaging QE <messaging-qe-bugs> |
| Severity: | low | Docs Contact: | |
| Priority: | low | ||
| Version: | Development | CC: | jross |
| Target Milestone: | 3.3 | Keywords: | Improvement |
| Target Release: | --- | ||
| Hardware: | Unspecified | ||
| OS: | Unspecified | ||
| Whiteboard: | |||
| Fixed In Version: | Doc Type: | Enhancement | |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | Type: | Bug | |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
Description of problem: acl rule with allow-log resolution does not log the publish action from spout. Version-Release number of selected component (if applicable): qpid-cpp-server-0.22-43 How reproducible: 100% Steps to Reproduce: 1. cat >/etc/qpid/qpidd.conf auth=yes log-enable=debug+:acl log-to-file=/var/lib/qpidd/qpidd.log acl-file=allow-log.acl 2. cat >/etc/qpid/allow-log.acl acl allow-log all all 3. service qpidd restart 4. ./spout "amq.topic" 5. tail /var/lib/qpidd/qpidd.log Actual results: [4] Message(properties={'spout-id': '79d4730d-32cb-4b3c-80a7-9985745d5030:0'}, content_type='text/plain') [5] 2014-07-18 11:40:18 [Security] debug ACL: Load Rules 2014-07-18 11:40:18 [Security] debug ACL: Processing 1 allow-log [*] * 2014-07-18 11:40:18 [Security] debug ACL: FoundMode allow-log 2014-07-18 11:40:18 [Security] info ACL Plugin loaded 2014-07-18 11:40:47 [Security] debug ACL: Lookup for id:anonymous@QPID action:access objectType:exchange name:amq.topic with params { } 2014-07-18 11:40:47 [Security] debug ACL: No successful match, defaulting to the decision mode allow-log 2014-07-18 11:40:47 [Security] info ACL Allow id:anonymous@QPID action:access ObjectType:exchange Name:amq.topic 2014-07-18 11:40:47 [Security] debug ACL: Lookup for id:anonymous@QPID action:access objectType:queue name:amq.topic with params { } 2014-07-18 11:40:47 [Security] debug ACL: No successful match, defaulting to the decision mode allow-log 2014-07-18 11:40:47 [Security] info ACL Allow id:anonymous@QPID action:access ObjectType:queue Name:amq.topic Expected results: [5] ... lookup, and info allow for _publish_ action Additional info: on deny rule publish is logged