#473 ✓invalid
chengkai liang

Rundeck 1.4.0.2 Incomplete Debian packages

Reported by chengkai liang | November 11th, 2011 @ 12:12 PM

The Debian rundeck package is incomplete. Under /etc/rundeck directory, there are not default admin.aclpolicy and api_token.aclpolicy.

Comments and changes to this ticket

  • Greg Schueler

    Greg Schueler November 14th, 2011 @ 09:55 AM

    • Milestone set to Rundeck 1.4.1
    • Milestone order changed from “113” to “0”
  • Greg Schueler

    Greg Schueler November 14th, 2011 @ 09:56 AM

    • Milestone cleared.
    • Milestone order changed from “3” to “0”
  • Greg Schueler

    Greg Schueler November 28th, 2011 @ 12:18 PM

    • State changed from “new” to “invalid”
    • Assigned user set to “Greg Schueler”

    I tested on ubuntu 10.10 and it seems to be fine:

    rdeck@blofeld:~$ ls /etc/rundeck
ls: cannot access /etc/rundeck: No such file or directory
rdeck@blofeld:~$ sudo dpkg -i rundeck-1.4.0.2-1.deb
Selecting previously deselected package rundeck.
(Reading database ... 124066 files and directories currently installed.)
Unpacking rundeck (from rundeck-1.4.0.2-1.deb) ...
Setting up rundeck (1.4.0.2) ...
usermod: no changes
Processing triggers for ureadahead ...
Processing triggers for man-db ...
rdeck@blofeld:~$ ls /etc/rundeck/
admin.aclpolicy  apitoken.aclpolicy  framework.properties  jaas-loginmodule.conf  log4j.properties  profile  project.properties  realm.properties  rundeck-config.properties  ssl
rdeck@blofeld:~$ sudo more /etc/rundeck/admin.aclpolicy
description: Admin, all access.
context:
  project: '.*' # all projects
for:
  resource:
    - allow: '*' # allow read/create all kinds
  adhoc:
    - allow: '*' # allow running/killing adhoc jobs
  job: 
    - allow: '*' # allow read/write/delete/run/kill of all jobs
  node:
    - allow: '*' # allow read/run for all nodes
by:
  group: admin

---

description: Admin, all access.
context:
  application: 'rundeck'
for:
  resource:
    - allow: '*' # allow create of projects
  project:
    - allow: '*' # allow view/admin of all projects
by:
  group: admin
rdeck@blofeld:~$ sudo more /etc/rundeck/apitoken.aclpolicy 
description: API project level access control
context:
  project: '.*' # all projects
for:
  resource:
    - equals:
        kind: job
      allow: [create] # allow create jobs
    - equals:
        kind: node
      allow: [read,create,update,refresh] # allow refresh node sources
    - equals:
        kind: event
      allow: [read,create] # allow read/create events
  adhoc:
    - allow: [run,kill] # allow running/killing adhoc jobs
  job: 
    - allow: [read,update,delete,run,kill] # allow read/write/delete/run/kill of all jobs
  node:
    - allow: [read,run] # allow read/run for all nodes
by:
  group: api_token_group

---

description: API Application level access control
context:
  application: 'rundeck'
for:
  resource:
    - equals:
        kind: system
      allow: [read] # allow read of system info
  project:
    - match:
        name: '.*'
      allow: [read] # allow view of all projects
by:
  group: api_token_group

Please Sign in or create a free account to add a new ticket.

With your very own profile, you can contribute to projects, track your activity, watch tickets, receive and update tickets through your email and much more.

New-ticket Create new ticket

Create your profile

Help contribute to this project by taking a few moments to create your personal profile. Create your profile ยป

(DEPRECATED) Please use github issues for issue tracking at http://github.com/dtolabs/rundeck/issues

Shared Ticket Bins

People watching this ticket

Pages