Red Hat Bugzilla – Bug 872111
qpid-config traceback in case of ACL denial
Last modified: 2014-11-09 17:38:58 EST
Description of problem: The latest version of qpid-config tool shows an ugly traceback in case that the request was denied by ACL rule: [root@lzhaldyb-rhel63x ~]# qpid-config add exchange topic new -b user/password@localhost:5672 Failed: UnauthorizedAccess: unauthorized-access: ACL denied queue create request from user@QPID (qpid/broker/Broker.cpp:1106)(403) Traceback (most recent call last): File "/usr/bin/qpid-config", line 772, in <module> sys.exit(main()) File "/usr/bin/qpid-config", line 755, in main bm.Disconnect() File "/usr/bin/qpid-config", line 376, in Disconnect self.conn.close() File "<string>", line 6, in close File "/usr/lib/python2.6/site-packages/qpid/messaging/endpoints.py", line 316, in close ssn.close(timeout=timeout) File "<string>", line 6, in close File "/usr/lib/python2.6/site-packages/qpid/messaging/endpoints.py", line 739, in close self.sync(timeout=timeout) File "<string>", line 6, in sync File "/usr/lib/python2.6/site-packages/qpid/messaging/endpoints.py", line 731, in sync if not self._ewait(lambda: not self.outgoing and not self.acked, timeout=timeout): File "/usr/lib/python2.6/site-packages/qpid/messaging/endpoints.py", line 567, in _ewait self.check_error() File "/usr/lib/python2.6/site-packages/qpid/messaging/endpoints.py", line 556, in check_error raise self.error qpid.messaging.exceptions.UnauthorizedAccess: unauthorized-access: ACL denied queue create request from user@QPID (qpid/broker/Broker.cpp:1106)(403) Version-Release number of selected component (if applicable): qpid-tools-0.18-2 How reproducible: 100% Steps to Reproduce: 1. Configure ACL rule to deny creation of queues by a certain user ("acl deny user@QPID create queue"). 2. Try to create a queue as this user. 3. Actual results: Besides the error message "ACL denied queue create request", a traceback will be printed to stderr. Expected results: No traceback printed. Additional info:
Created attachment 706231 [details] Supress traceback for ACL denial
http://svn.apache.org/viewvc?view=revision&revision=1478311 -> POST
bug behavior observed on latest-stable packages on RHEL 6.4 x86_64 fix observed on latest-and-greatest packages on RHEL 6.4 x { x86_64 , i686 } --> VERIFIED ! packages { latest stable { cyrus-sasl-2.1.23-13.el6_3.1.x86_64 cyrus-sasl-devel-2.1.23-13.el6_3.1.x86_64 cyrus-sasl-gssapi-2.1.23-13.el6_3.1.x86_64 cyrus-sasl-lib-2.1.23-13.el6_3.1.x86_64 cyrus-sasl-md5-2.1.23-13.el6_3.1.x86_64 cyrus-sasl-plain-2.1.23-13.el6_3.1.x86_64 python-qpid-0.18-4.el6.noarch python-qpid-qmf-0.18-15.el6.x86_64 python-saslwrapper-0.18-1.el6_3.x86_64 qpid-cpp-client-0.18-14.el6.x86_64 qpid-cpp-client-devel-0.18-14.el6.x86_64 qpid-cpp-client-devel-docs-0.18-14.el6.noarch qpid-cpp-client-rdma-0.18-14.el6.x86_64 qpid-cpp-client-ssl-0.18-14.el6.x86_64 qpid-cpp-debuginfo-0.14-22.el6_3.x86_64 qpid-cpp-server-0.18-14.el6.x86_64 qpid-cpp-server-cluster-0.18-14.el6.x86_64 qpid-cpp-server-devel-0.18-14.el6.x86_64 qpid-cpp-server-rdma-0.18-14.el6.x86_64 qpid-cpp-server-ssl-0.18-14.el6.x86_64 qpid-cpp-server-store-0.18-14.el6.x86_64 qpid-cpp-server-xml-0.18-14.el6.x86_64 qpid-java-client-0.18-7.el6.noarch qpid-java-common-0.18-7.el6.noarch qpid-java-example-0.18-7.el6.noarch qpid-jca-0.18-8.el6.noarch qpid-jca-xarecovery-0.18-8.el6.noarch qpid-proton-c-0.4-2.2.el6.x86_64 qpid-proton-c-devel-0.4-2.2.el6.x86_64 qpid-qmf-0.18-15.el6.x86_64 qpid-qmf-debuginfo-0.14-14.el6_3.x86_64 qpid-qmf-devel-0.18-15.el6.x86_64 qpid-tests-0.18-2.el6.noarch qpid-tools-0.18-8.el6.noarch saslwrapper-0.18-1.el6_3.x86_64 saslwrapper-devel-0.18-1.el6_3.x86_64 } latest-and-greatest { 32-bit { cyrus-sasl-2.1.23-13.el6_3.1.i686 cyrus-sasl-devel-2.1.23-13.el6_3.1.i686 cyrus-sasl-gssapi-2.1.23-13.el6_3.1.i686 cyrus-sasl-lib-2.1.23-13.el6_3.1.i686 cyrus-sasl-md5-2.1.23-13.el6_3.1.i686 cyrus-sasl-plain-2.1.23-13.el6_3.1.i686 perl-qpid-0.22-5.el6.i686 python-qpid-0.22-4.el6.noarch python-qpid-qmf-0.22-7.el6.i686 python-saslwrapper-0.22-3.el6.i686 qpid-cpp-client-0.22-8.el6.i686 qpid-cpp-client-devel-0.22-8.el6.i686 qpid-cpp-client-devel-docs-0.22-8.el6.noarch qpid-cpp-client-rdma-0.22-8.el6.i686 qpid-cpp-client-ssl-0.22-8.el6.i686 qpid-cpp-debuginfo-0.22-8.el6.i686 qpid-cpp-server-0.22-8.el6.i686 qpid-cpp-server-devel-0.22-8.el6.i686 qpid-cpp-server-ha-0.22-8.el6.i686 qpid-cpp-server-rdma-0.22-8.el6.i686 qpid-cpp-server-ssl-0.22-8.el6.i686 qpid-cpp-server-store-0.22-8.el6.i686 qpid-cpp-server-xml-0.22-8.el6.i686 qpid-cpp-tar-0.22-8.el6.noarch qpid-java-client-0.22-5.el6.noarch qpid-java-common-0.22-5.el6.noarch qpid-java-example-0.22-5.el6.noarch qpid-proton-c-0.4-2.2.el6.i686 qpid-proton-c-devel-0.4-2.2.el6.i686 qpid-proton-debuginfo-0.4-2.2.el6.i686 qpid-qmf-0.22-7.el6.i686 qpid-qmf-debuginfo-0.22-7.el6.i686 qpid-qmf-devel-0.22-7.el6.i686 qpid-snmpd-1.0.0-12.el6.i686 qpid-snmpd-debuginfo-1.0.0-12.el6.i686 qpid-tests-0.22-4.el6.noarch qpid-tools-0.22-3.el6.noarch rh-qpid-cpp-tests-0.22-8.el6.i686 ruby-qpid-qmf-0.22-7.el6.i686 saslwrapper-0.22-3.el6.i686 } 64-bit { cyrus-sasl-2.1.23-13.el6_3.1.x86_64 cyrus-sasl-devel-2.1.23-13.el6_3.1.x86_64 cyrus-sasl-gssapi-2.1.23-13.el6_3.1.x86_64 cyrus-sasl-lib-2.1.23-13.el6_3.1.x86_64 cyrus-sasl-md5-2.1.23-13.el6_3.1.x86_64 cyrus-sasl-plain-2.1.23-13.el6_3.1.x86_64 perl-qpid-0.22-5.el6.x86_64 python-qpid-0.22-4.el6.noarch python-qpid-qmf-0.22-7.el6.x86_64 python-saslwrapper-0.22-3.el6.x86_64 qpid-cpp-client-0.22-8.el6.x86_64 qpid-cpp-client-devel-0.22-8.el6.x86_64 qpid-cpp-client-devel-docs-0.22-8.el6.noarch qpid-cpp-client-rdma-0.22-8.el6.x86_64 qpid-cpp-client-ssl-0.22-8.el6.x86_64 qpid-cpp-debuginfo-0.22-8.el6.x86_64 qpid-cpp-server-0.22-8.el6.x86_64 qpid-cpp-server-devel-0.22-8.el6.x86_64 qpid-cpp-server-ha-0.22-8.el6.x86_64 qpid-cpp-server-rdma-0.22-8.el6.x86_64 qpid-cpp-server-ssl-0.22-8.el6.x86_64 qpid-cpp-server-store-0.22-8.el6.x86_64 qpid-cpp-server-xml-0.22-8.el6.x86_64 qpid-cpp-tar-0.22-8.el6.noarch qpid-java-client-0.22-5.el6.noarch qpid-java-common-0.22-5.el6.noarch qpid-java-example-0.22-5.el6.noarch qpid-proton-c-0.4-2.2.el6.x86_64 qpid-proton-c-devel-0.4-2.2.el6.x86_64 qpid-proton-debuginfo-0.4-2.2.el6.x86_64 qpid-qmf-0.22-7.el6.x86_64 qpid-qmf-debuginfo-0.22-7.el6.x86_64 qpid-qmf-devel-0.22-7.el6.x86_64 qpid-snmpd-1.0.0-12.el6.x86_64 qpid-snmpd-debuginfo-1.0.0-12.el6.x86_64 qpid-tests-0.22-4.el6.noarch qpid-tools-0.22-3.el6.noarch rh-qpid-cpp-tests-0.22-8.el6.x86_64 ruby-qpid-0.7.946106-2.el6.x86_64 saslwrapper-0.22-3.el6.x86_64 saslwrapper-devel-0.22-3.el6.x86_64 } } }
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. http://rhn.redhat.com/errata/RHEA-2014-1296.html