Description of problem: A user without MANAGE_SETTINGS is unable to log in in the CLI. This holds true for both the interactive console as well as the scripts. Version-Release number of selected component (if applicable): 4.2.0.JON300.GA How reproducible: always Steps to Reproduce: 1. $ bin/rhq-cli.sh 2. unconnected> login <limited-user> <password> or 1. $ bin/rhq-cli.sh --host <RHQ-hostname> --user <limited-user> --password <password> or 1. $ bin/rhq-cli.sh --host <RHQ-hostname> --user <limited-user> --password <password> -f any-script.js or a script test.js with contents: rhq.login("<limite-user>", "<password>"); and 1. $ bin/rhq-cli.sh -f test.js Actual results: All of the above give an error about the user not having MANAGE_SETTINGS and give up on logging in. Expected results: The user logs in and everything works as expected. Additional info:
Note that the failure is purely because of the fact that the CLI wants to print out the version of the server it has connected to and fails, because the method it uses to find that out requires MANAGE_SETTINGS.
lukas reports regression from JON 2.4.1
This got introduced by commit 0bdeb3eb1c3bfa742697f6cdac57b0c80d80af36
master: http://git.fedorahosted.org/git/?p=rhq/rhq.git;a=commitdiff;h=bfb46035204786e3e1297a41cdb1eede7e901e77 release_jon3.x: http://git.fedorahosted.org/git/?p=rhq/rhq.git;a=commitdiff;h=b990a6435cb882c765fbe6e5c9dfc16e6ba54395 Author: Lukas Krejci <lkrejci> Date: Mon Dec 5 16:43:27 2011 +0100 [BZ 760148] - Use the unprivileged method introduced by the commit 0589b9ee8488bd1 for BZ 694892 for obtaining the version info upon the CLI login.
(10:43:21 AM) ccrouch: jshaughn: so can you confirm http://git.fedorahosted.org/git/?p=rhq/rhq.git;a=commitdiff;h=0bdeb3eb1c3bfa742697f6cdac57b0c80d80af36 is the change that originally introduced the problem? (10:44:09 AM) jshaughn: yep, looks like that's the one
This is the same problem as bug 694892. The fix looks good.
Verified in Jon3GA-2 build. Created a user 'testuser' without MANAGE_SETTINGS. Tried below commands in CLI and verified that testuser is able to login successfully: 1. [root@suniltest rhq-remoting-cli-4.2.0.JON300.GA]# bin/rhq-cli.sh RHQ - RHQ Enterprise Remote CLI 4.2.0.JON300.GA unconnected$ login testuser redhat Remote server version is: 3.0.0.GA (e23441b:1ca6ad9) Login successful testuser@localhost:7080$ ------------------------------------------------------------- 2. [root@suniltest rhq-remoting-cli-4.2.0.JON300.GA]# bin/rhq-cli.sh --host suniltest.usersys.redhat.com --user testuser --password redhat RHQ - RHQ Enterprise Remote CLI 4.2.0.JON300.GA Remote server version is: 3.0.0.GA (e23441b:1ca6ad9) Login successful testuser.redhat.com:7080$ -------------------------------------------------------------- 3. Executed a script as below: [root@suniltest rhq-remoting-cli-4.2.0.JON300.GA]# bin/rhq-cli.sh --host suniltest.usersys.redhat.com --user testuser --password redhat -f testscript.js Remote server version is: 3.0.0.GA (e23441b:1ca6ad9) Login successful Test Output from script execution! [root@suniltest rhq-remoting-cli-4.2.0.JON300.GA]# ----------------------------------------------------------------- 4. Created a test.js file with below content: rhq.login("testuser", "redhat"); println(subject); Executed as below: [root@suniltest rhq-remoting-cli-4.2.0.JON300.GA]# bin/rhq-cli.sh -f test.js Remote server version is: 3.0.0.GA (e23441b:1ca6ad9) Subject[id=10001,name=testuser] [root@suniltest rhq-remoting-cli-4.2.0.JON300.GA]# ------------------------------------------------------------------ Marking verified as it is working as expected.
verified JON GA #2
marking VERIFIED JON 3 bugs to CLOSED/CURRENTRELEASE
changing status of VERIFIED BZs for JON 2.4.2 and JON 3.0 to CLOSED/CURRENTRELEASE