| Summary: | Guide should be explicit that authentication as cumin user is necessary for job ops | ||||||
|---|---|---|---|---|---|---|---|
| Product: | Red Hat Enterprise MRG | Reporter: | Trevor McKay <tmckay> | ||||
| Component: | Management_Console_Installation_Guide | Assignee: | Alison Young <alyoung> | ||||
| Status: | CLOSED CURRENTRELEASE | QA Contact: | Leonid Zhaldybin <lzhaldyb> | ||||
| Severity: | low | Docs Contact: | |||||
| Priority: | unspecified | ||||||
| Version: | 2.0 | CC: | bkozdemb, esammons, jneedle, lbrindle, lzhaldyb, matt | ||||
| Target Milestone: | 2.1 | ||||||
| Target Release: | --- | ||||||
| Hardware: | Unspecified | ||||||
| OS: | Unspecified | ||||||
| Whiteboard: | |||||||
| Fixed In Version: | Doc Type: | Bug Fix | |||||
| Doc Text: | Story Points: | --- | |||||
| Clone Of: | Environment: | ||||||
| Last Closed: | 2012-01-26 19:25:56 UTC | Type: | --- | ||||
| Regression: | --- | Mount Type: | --- | ||||
| Documentation: | --- | CRM: | |||||
| Verified Versions: | Category: | --- | |||||
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |||||
| Cloudforms Team: | --- | Target Upstream Version: | |||||
| Bug Depends On: | 733205, 738875 | ||||||
| Bug Blocks: | |||||||
| Attachments: |
|
||||||
|
Description
Trevor McKay
2011-08-18 18:50:44 UTC
Note to self re content, Because of BZ #693845, setting user/password information for cumin when connecting to a broker that allows anonymous authentication will actually cause cumin to receive no objects if the anonymous method is chosen Therefore, in the current state of the art these are rules: 1) user/password must be used for cumin to have job ops work. user must be cumin, no other. 2) sasl-mech-list in cumin.conf should always be restricted to PLAIN to make sure that anon is never used. 3) if PLAIN is not enabled by the broker, user/password must NOT be specified. In this configuration, cumin will not be able to use job ops but will see objects. So, users really ought to create the cumin user, set up the broker for PLAIN, and configure broker/sasl-mech-list in cumin.conf accordingly. Anything less than all three will not work satisfactorily and is strongly discouraged. Make this clear and concise. Created attachment 528856 [details]
Changes in new section 3.1.2
The issue was fixed in the upcoming version 2.1. -> VERIFIED This book is now available on redhat.com/docs. Please raise a new bug if you spot any issues. Thanks, LKB |