Bug 1258749 - [Log Viewer] No permissions to display log files for RHEV Manager
[Log Viewer] No permissions to display log files for RHEV Manager
Status: CLOSED NOTABUG
Product: Red Hat Enterprise Virtualization Manager
Classification: Red Hat
Component: ovirt-engine-webadmin-portal (Show other bugs)
3.6.0
Unspecified Unspecified
unspecified Severity high
: ---
: 3.6.0
Assigned To: Josh Kinlaw
Gonza
subeng
: Regression, Reopened
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2015-09-01 03:56 EDT by Gonza
Modified: 2015-09-08 11:32 EDT (History)
11 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2015-09-08 11:32:25 EDT
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Gonza 2015-09-01 03:56:47 EDT
Description of problem:
After login as admin user, when accessing the Log Viewer tab on webadmin and selecting "RHEV Manager" from the dropdown menu "Please Select the Machine" no logs are displayed and instead the following message is displayed:
"Invalid credentials to view log files. Must be superuser."

==> /var/log/ovirt-engine/redhat-support-plugin-rhev.log <==
INFO  Tue Sep 01 09:53:22.892 CEST 2015 [7.0.0.1:8702-12] [ApiInterraction          ] Querying https://gr1.rhev.lab.eng.brq.redhat.com/ovirt-engine/api/users/00000018-0018-0018-0018-0000000002fd/roles with JSESSIONID=X7THDEV1EZ+aVN+MYgRa1orj
INFO  Tue Sep 01 09:53:22.893 CEST 2015 [7.0.0.1:8702-12] [SessionFilter            ] Adding cookies and headers JSESSIONID=X7THDEV1EZ+aVN+MYgRa1orj
ERROR Tue Sep 01 09:53:22.945 CEST 2015 [7.0.0.1:8702-12] [ApiInterraction          ] javax.ws.rs.ProcessingException: Unable to invoke request
ERROR Tue Sep 01 09:53:22.945 CEST 2015 [7.0.0.1:8702-12] [Logs                     ] Invalid credentials to view log files.  Must be superuser.

==> /var/log/ovirt-engine/server.log <==
2015-09-01 09:53:22,892 INFO  [com.redhat.gss.redhat_access_plugin.server.api_interraction.ApiInterraction] (ajp-/127.0.0.1:8702-12) Querying https://gr1.rhev.lab.eng.brq.redhat.com/ovirt-engine/api/users/00000018-0018-0018-0018-0000000002fd/roles with JSESSIONID=X7THDEV1EZ+aVN+MYgRa1orj
2015-09-01 09:53:22,893 INFO  [com.redhat.gss.redhat_access_plugin.server.filters.SessionFilter] (ajp-/127.0.0.1:8702-12) Adding cookies and headers JSESSIONID=X7THDEV1EZ+aVN+MYgRa1orj
2015-09-01 09:53:22,945 ERROR [com.redhat.gss.redhat_access_plugin.server.api_interraction.ApiInterraction] (ajp-/127.0.0.1:8702-12) javax.ws.rs.ProcessingException: Unable to invoke request
2015-09-01 09:53:22,945 ERROR [com.redhat.gss.redhat_access_plugin.server.Logs] (ajp-/127.0.0.1:8702-12) Invalid credentials to view log files.  Must be superuser.


Version-Release number of selected component (if applicable):
rhevm-3.6.0-0.12.master.el6.noarch

How reproducible:
100%

Steps to Reproduce:
1. Login as admin
2. Navigate to Log Viewer tab
3. Select "RHEV Manager" from the "Please Select the Machine" dropdown

Actual results:
Error message is displayed and no logs are shown:
"Invalid credentials to view log files. Must be superuser."

Expected results:
Log files are displayed correctly
Comment 3 Martin Bukatovic 2015-09-07 11:01:21 EDT
Could you check if the root cause is the same as in BZ 1097762?
Comment 6 Josh Kinlaw 2015-09-08 10:57:41 EDT
Working as designed. We do not allow users that are not part of the admin group to see logs.
Comment 7 Yaniv Lavi 2015-09-08 11:16:31 EDT
How do you know that this is a case due?
Gonza, did you use a user with admin role?
Comment 8 Gonza 2015-09-08 11:32:25 EDT
Always using admin@internal.

Just realized the reverse DNS server was broken when I installed the engine and the certificate was created with a wrong CN.

Note You need to log in before you can comment on or make changes to this bug.