FAQ
Hi, Hober. The `fun` argument should only be `key.list_all`. The rest of
both examples looks correct.

This causes an authorization failure because Salt's eauth system performs
pattern-matching against the function you are requesting to run and that
check does not match any of the eauth patterns in your config. I think this
error message can be improved although I'm not sure exactly where or how.
I've filled this issue below to collect ideas:

https://github.com/saltstack/salt/issues/21969
On Tuesday, March 17, 2015 at 9:36:12 PM UTC-4, Hober Smith wrote:

hi, when trying this with token authentication the same problem occurs.
you can see that the user authentication is successful when logging in and
that the user has permissions set correctly for the wheel group:

[root@XXX ~]# curl -sSk https://localhost:8888/login -H 'Accept:
application/x-yaml' -d username=XXX -d password=XXX -d eauth=pam
return:
- eauth: pam
expire: 1426685169.392385
perms:
- .*
- '@wheel'
- '@runner'
- '@jobs'
start: 1426641969.392382
token: 742dc72e45cbb0f9e59d37b206b9ab33c5b94721
user: XXX
[root@XXX ~]#

yet when i try to list the keys i get an authentication unauthorized/no
permissions error:

[root@XXX ~]# curl -sSk https://localhost:8888 -H 'Accept:
application/x-yaml' -H 'X-Auth-Token:
742dc72e45cbb0f9e59d37b206b9ab33c5b94721' -d fun=wheel.key.list_all -d
client=wheel
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html;
charset=utf-8"></meta>
<title>401 Unauthorized</title>
<style type="text/css">
#powered_by {
margin-top: 20px;
border-top: 2px solid black;
font-style: italic;
}

#traceback {
color: red;
}
</style>
</head>
<body>
<h2>401 Unauthorized</h2>
<p>No permission -- see authorization schemes</p>
<pre id="traceback">Traceback (most recent call last):
File "/usr/lib/python2.7/site-packages/cherrypy/_cprequest.py", line
656, in respond
response.body = self.handler()
File "/usr/lib/python2.7/site-packages/cherrypy/lib/encoding.py", line
188, in __call__
self.body = self.oldhandler(*args, **kwargs)
File
"/usr/lib/python2.7/site-packages/salt/netapi/rest_cherrypy/app.py", line
390, in hypermedia_handler
raise cherrypy.HTTPError(401)
HTTPError: (401, None)
</pre>
<div id="powered_by">
<span>Powered by <a href="http://www.cherrypy.org">CherryPy
3.2.2</a></span>
</div>
</body>
</html>

does anybody have any suggestions? after spending a whole day on this and
trying everything i can think of besides looking here and at the
documentation there is no clear reason as to why this is occuring. if i
have something set incorrectly in the key request then i should get a
different type of error besides the authorization errorr. i'm currently
using salt salt-2014.7.2-1 on centos 7. any kind of help will be
appreciated. thanks.
--
You received this message because you are subscribed to the Google Groups "Salt-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to salt-users+unsubscribe@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Search Discussions

Discussion Posts

Previous

Follow ups

Related Discussions

Discussion Navigation
viewthread | post
posts ‹ prev | 3 of 4 | next ›
Discussion Overview
groupsalt-users @
postedMar 16, '15 at 9:36p
activeMar 28, '15 at 2:57p
posts4
users2

2 users in discussion

Hober Smith: 3 posts Seth House: 1 post

People

Translate

site design / logo © 2022 Grokbase