you can see that the user authentication is successful when logging in and
that the user has permissions set correctly for the wheel group:
[root@XXX ~]# curl -sSk https://localhost:8888/login -H 'Accept:
application/x-yaml' -d username=XXX -d password=XXX -d eauth=pam
return:
- eauth: pam
expire: 1426685169.392385
perms:
- .*
- '@wheel'
- '@runner'
- '@jobs'
start: 1426641969.392382
token: 742dc72e45cbb0f9e59d37b206b9ab33c5b94721
user: XXX
[root@XXX ~]#
yet when i try to list the keys i get an authentication unauthorized/no
permissions error:
[root@XXX ~]# curl -sSk https://localhost:8888 -H 'Accept:
application/x-yaml' -H 'X-Auth-Token:
742dc72e45cbb0f9e59d37b206b9ab33c5b94721' -d fun=wheel.key.list_all -d
client=wheel
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html;
charset=utf-8"></meta>
<title>401 Unauthorized</title>
<style type="text/css">
#powered_by {
margin-top: 20px;
border-top: 2px solid black;
font-style: italic;
}
#traceback {
color: red;
}
</style>
</head>
<body>
<h2>401 Unauthorized</h2>
<p>No permission -- see authorization schemes</p>
<pre id="traceback">Traceback (most recent call last):
File "/usr/lib/python2.7/site-packages/cherrypy/_cprequest.py", line 656,
in respond
response.body = self.handler()
File "/usr/lib/python2.7/site-packages/cherrypy/lib/encoding.py", line
188, in __call__
self.body = self.oldhandler(*args, **kwargs)
File "/usr/lib/python2.7/site-packages/salt/netapi/rest_cherrypy/app.py",
line 390, in hypermedia_handler
raise cherrypy.HTTPError(401)
HTTPError: (401, None)
</pre>
<div id="powered_by">
<span>Powered by <a href="http://www.cherrypy.org">CherryPy
3.2.2</a></span>
</div>
</body>
</html>
does anybody have any suggestions? after spending a whole day on this and
trying everything i can think of besides looking here and at the
documentation there is no clear reason as to why this is occuring. if i
have something set incorrectly in the key request then i should get a
different type of error besides the authorization errorr. i'm currently
using salt salt-2014.7.2-1 on centos 7. any kind of help will be
appreciated. thanks.
--
You received this message because you are subscribed to the Google Groups "Salt-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to salt-users+unsubscribe@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
