hi, when trying this with token authentication the same problem occurs.
you can see that the user authentication is successful when logging in and
that the user has permissions set correctly for the wheel group:

[[email protected] ~]# curl -sSk https://localhost:8888/login -H 'Accept:
application/x-yaml' -d username=XXX -d password=XXX -d eauth=pam
- eauth: pam
   expire: 1426685169.392385
   - .*
   - '@wheel'
   - '@runner'
   - '@jobs'
   start: 1426641969.392382
   token: 742dc72e45cbb0f9e59d37b206b9ab33c5b94721
   user: XXX
[[email protected] ~]#

yet when i try to list the keys i get an authentication unauthorized/no
permissions error:

[[email protected] ~]# curl -sSk https://localhost:8888 -H 'Accept:
application/x-yaml' -H 'X-Auth-Token:
742dc72e45cbb0f9e59d37b206b9ab33c5b94721' -d fun=wheel.key.list_all -d
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
     <meta http-equiv="Content-Type" content="text/html;
     <title>401 Unauthorized</title>
     <style type="text/css">
     #powered_by {
         margin-top: 20px;
         border-top: 2px solid black;
         font-style: italic;

     #traceback {
         color: red;
         <h2>401 Unauthorized</h2>
         <p>No permission -- see authorization schemes</p>
         <pre id="traceback">Traceback (most recent call last):
   File "/usr/lib/python2.7/site-packages/cherrypy/_cprequest.py", line 656,
in respond
     response.body = self.handler()
   File "/usr/lib/python2.7/site-packages/cherrypy/lib/encoding.py", line
188, in __call__
     self.body = self.oldhandler(*args, **kwargs)
   File "/usr/lib/python2.7/site-packages/salt/netapi/rest_cherrypy/app.py",
line 390, in hypermedia_handler
     raise cherrypy.HTTPError(401)
HTTPError: (401, None)
     <div id="powered_by">
     <span>Powered by <a href="http://www.cherrypy.org">CherryPy

does anybody have any suggestions? after spending a whole day on this and
trying everything i can think of besides looking here and at the
documentation there is no clear reason as to why this is occuring. if i
have something set incorrectly in the key request then i should get a
different type of error besides the authorization errorr. i'm currently
using salt salt-2014.7.2-1 on centos 7. any kind of help will be
appreciated. thanks.

You received this message because you are subscribed to the Google Groups "Salt-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to [email protected].
For more options, visit https://groups.google.com/d/optout.

Search Discussions

Discussion Posts


Follow ups

Related Discussions

Discussion Navigation
viewthread | post
posts ‹ prev | 2 of 4 | next ›
Discussion Overview
groupsalt-users @
postedMar 16, '15 at 9:36p
activeMar 28, '15 at 2:57p

2 users in discussion

Hober Smith: 3 posts Seth House: 1 post



site design / logo © 2023 Grokbase