#473 ✓invalid
chengkai liang

Rundeck 1.4.0.2 Incomplete Debian packages

Reported by chengkai liang | November 11th, 2011 @ 12:12 PM

The Debian rundeck package is incomplete. Under /etc/rundeck directory, there are not default admin.aclpolicy and api_token.aclpolicy.

Comments and changes to this ticket

  • Greg Schueler

    Greg Schueler November 14th, 2011 @ 09:55 AM

    • Milestone set to Rundeck 1.4.1
    • Milestone order changed from “113” to “0”
  • Greg Schueler

    Greg Schueler November 14th, 2011 @ 09:56 AM

    • Milestone cleared.
    • Milestone order changed from “3” to “0”
  • Greg Schueler

    Greg Schueler November 28th, 2011 @ 12:18 PM

    • State changed from “new” to “invalid”
    • Assigned user set to “Greg Schueler”

    I tested on ubuntu 10.10 and it seems to be fine:

    rdeck@blofeld:~$ ls /etc/rundeck
    ls: cannot access /etc/rundeck: No such file or directory
    rdeck@blofeld:~$ sudo dpkg -i rundeck-1.4.0.2-1.deb
    Selecting previously deselected package rundeck.
    (Reading database ... 124066 files and directories currently installed.)
    Unpacking rundeck (from rundeck-1.4.0.2-1.deb) ...
    Setting up rundeck (1.4.0.2) ...
    usermod: no changes
    Processing triggers for ureadahead ...
    Processing triggers for man-db ...
    rdeck@blofeld:~$ ls /etc/rundeck/
    admin.aclpolicy  apitoken.aclpolicy  framework.properties  jaas-loginmodule.conf  log4j.properties  profile  project.properties  realm.properties  rundeck-config.properties  ssl
    rdeck@blofeld:~$ sudo more /etc/rundeck/admin.aclpolicy
    description: Admin, all access.
    context:
      project: '.*' # all projects
    for:
      resource:
        - allow: '*' # allow read/create all kinds
      adhoc:
        - allow: '*' # allow running/killing adhoc jobs
      job: 
        - allow: '*' # allow read/write/delete/run/kill of all jobs
      node:
        - allow: '*' # allow read/run for all nodes
    by:
      group: admin
    
    ---
    
    description: Admin, all access.
    context:
      application: 'rundeck'
    for:
      resource:
        - allow: '*' # allow create of projects
      project:
        - allow: '*' # allow view/admin of all projects
    by:
      group: admin
    rdeck@blofeld:~$ sudo more /etc/rundeck/apitoken.aclpolicy 
    description: API project level access control
    context:
      project: '.*' # all projects
    for:
      resource:
        - equals:
            kind: job
          allow: [create] # allow create jobs
        - equals:
            kind: node
          allow: [read,create,update,refresh] # allow refresh node sources
        - equals:
            kind: event
          allow: [read,create] # allow read/create events
      adhoc:
        - allow: [run,kill] # allow running/killing adhoc jobs
      job: 
        - allow: [read,update,delete,run,kill] # allow read/write/delete/run/kill of all jobs
      node:
        - allow: [read,run] # allow read/run for all nodes
    by:
      group: api_token_group
    
    ---
    
    description: API Application level access control
    context:
      application: 'rundeck'
    for:
      resource:
        - equals:
            kind: system
          allow: [read] # allow read of system info
      project:
        - match:
            name: '.*'
          allow: [read] # allow view of all projects
    by:
      group: api_token_group
    

Please Sign in or create a free account to add a new ticket.

With your very own profile, you can contribute to projects, track your activity, watch tickets, receive and update tickets through your email and much more.

New-ticket Create new ticket

Create your profile

Help contribute to this project by taking a few moments to create your personal profile. Create your profile ยป

(DEPRECATED) Please use github issues for issue tracking at http://github.com/dtolabs/rundeck/issues

Shared Ticket Bins

People watching this ticket

Pages