Description of problem:
In case that the link creation on the broker fails because of ACL denial, qpid-route tool does not return any error. Example:
There are two brokers running on two different machines. Their configuration files are the same:
[root@lzhaldyb-rhel65i ~]# cat /etc/qpid/qpidd.acl
acl deny all create link
acl allow all all
[root@lzhaldyb-rhel65i ~]# cat /etc/qpid/qpidd.conf
The attempt to create queue route from the queue fed.q on the one broker to the fed.ex exchange on the second broker fails due to ACL denial, the destination broker says "[Broker] warning Client closed connection with 320: ACL denied creating a federation link". The qpid-route, however, does not report any problem:
[root@lzhaldyb-rhel65x ~]# qpid-route queue add email@example.com:5672 firstname.lastname@example.org:5672 fed.ex fed.q
[root@lzhaldyb-rhel65x ~]# echo $?
Version-Release number of selected component (if applicable):
Steps to Reproduce:
1. Configure ACL rule to deny link creation on destination broker.
2. Try to create a route to destination broker using qpid-route tool.
Route is not created due to ACL denial, the tool does not return any error.
Route is not created, the tool reports the error.
In case that no ACL rules are provided on the destination broker (no "acl-file" directive in qpidd.conf), the warning in broker's log is different: "[Broker] warning Client closed connection with 320: User federation connection denied. Systems with authentication enabled must specify ACL create link rules." But the result is the same - no route is created (which is what's supposed to happen under these conditions), and no error reported by qpid-route (which is wrong).
*** This bug has been marked as a duplicate of bug 797073 ***