Note: This bug is displayed in read-only format because the product is no longer active in Red Hat Bugzilla.

Bug 1501671

Summary: rhts-power doesn't work out of the box because lab controllers do not have permission to submit power commands, fails with bkr.server.bexceptions.InsufficientSystemPermissions
Product: [Retired] Beaker Reporter: Dan Callaghan <dcallagh>
Component: generalAssignee: Dan Callaghan <dcallagh>
Status: CLOSED CURRENTRELEASE QA Contact: Dan Callaghan <dcallagh>
Severity: unspecified Docs Contact:
Priority: unspecified    
Version: 24CC: achatter, dcallagh, mjia, rjoost
Target Milestone: 24.5Keywords: Patch
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2017-10-27 06:47:28 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Dan Callaghan 2017-10-13 03:42:35 UTC 
Description of problem:


Version-Release number of selected component (if applicable):
24.4

How reproducible:


Steps to Reproduce:
1. Create a new system with default policy -- or ensure the policy does *not* grant "Control Power" permission to everyone
(Note that older Beaker installations will grant "Control Power" to everyone for historical reasons, which is why this bug was never immediately evident on Red Hat's Beaker instances)
2. Run a job which tries to do: rhts-power $THESYSTEM

Actual results:
rhts-power script fails with a traceback:

xmlrpclib.Fault: <Fault 1: "<class 'bkr.server.bexceptions.InsufficientSystemPermissions'>:User XXX does not have permission to power system XXX">

Expected results:
Should successfully submit a power command.
Comment 1 Dan Callaghan 2017-10-13 03:43:30 UTC 
Simplest solution is to grant the 'lab_controller' group special powers in the system permission checking methods (can_power() and friends). The same way that 'admin' group already has special powers, and 'lab_controller' already has special powers elsewhere.
Comment 2 Dan Callaghan 2017-10-19 07:35:26 UTC 
https://gerrit.beaker-project.org/5877
Comment 5 Dan Callaghan 2017-10-27 06:47:28 UTC 
Beaker 24.5 has been released.