Code: Alles auswählen
Jan 18 16:41:50.572 2017 -- Opsi service error: [BackendPermissionDeniedError] Backend permission denied error: Access to method 'group_getObjects' denied for user 'adminuser'
Jan 18 16:41:50.771 2017 -- Opsi service error: [BackendPermissionDeniedError] Backend permission denied error: Access to method 'objectToGroup_getObjects' denied for user 'adminuser'
Jan 18 16:41:50.852 2017 -- Opsi service error: [BackendPermissionDeniedError] Backend permission denied error: Access to method 'config_updateObjects' denied for user 'adminuser': Backend permission denied error: Access denied
Jan 18 16:41:51.069 2017 -- Opsi service error: [BackendPermissionDeniedError] Backend permission denied error: Access to method 'configState_getObjects' denied for user 'adminuser'
Jan 18 16:41:51.069 2017 -- JSONReMapper: Exception on reproducing null, java.lang.NullPointerException
Jan 18 16:41:51.688 2017 -- Opsi service error: [BackendPermissionDeniedError] Backend permission denied error: Access to method 'product_getObjects' denied for user 'adminuser'
Jan 18 16:41:51.688 2017 -- JSONReMapper: Exception on reproducing null, java.lang.NullPointerException
Jan 18 16:41:51.757 2017 -- Opsi service error: [BackendPermissionDeniedError] Backend permission denied error: Access to method 'productOnDepot_getObjects' denied for user 'adminuser'
Jan 18 16:41:51.758 2017 -- JSONReMapper: Exception on reproducing null, java.lang.NullPointerException
Jan 18 16:41:51.828 2017 -- Opsi service error: [BackendPermissionDeniedError] Backend permission denied error: Access to method 'config_getObjects' denied for user 'adminuser'
Jan 18 16:41:51.904 2017 -- Opsi service error: [BackendPermissionDeniedError] Backend permission denied error: Access to method 'productProperty_getObjects' denied for user 'adminuser'
Jan 18 16:41:51.904 2017 -- JSONReMapper: Exception on reproducing null, java.lang.NullPointerException
Jan 18 16:41:52.277 2017 -- Opsi service error: [BackendPermissionDeniedError] Backend permission denied error: Access to method 'config_getObjects' denied for user 'adminuser'
Jan 18 16:41:52.419 2017 -- Opsi service error: [BackendPermissionDeniedError] Backend permission denied error: Access to method 'group_getObjects' denied for user 'adminuser'
Jan 18 16:41:52.490 2017 -- Opsi service error: [BackendPermissionDeniedError] Backend permission denied error: Access to method 'objectToGroup_getObjects' denied for user 'adminuser'
Jan 18 16:41:52.559 2017 -- Opsi service error: [BackendPermissionDeniedError] Backend permission denied error: Access to method 'auditHardware_getConfig' denied for user 'adminuser'
Jan 18 16:41:52.625 2017 -- Opsi service error: [BackendPermissionDeniedError] Backend permission denied error: Access to method 'productDependency_getObjects' denied for user 'adminuser'
Jan 18 16:41:52.625 2017 -- JSONReMapper: Exception on reproducing null, java.lang.NullPointerException
Jan 18 16:41:52.695 2017 -- Opsi service error: [BackendPermissionDeniedError] Backend permission denied error: Access to method 'auditSoftware_getHashes' denied for user 'adminuser'
Jan 18 16:41:52.695 2017 -- JSONReMapper: Exception on reproducing null, java.lang.NullPointerExceptionCode: Alles auswählen
# -*- coding: utf-8 -*-
# = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =
# = backend acl configuration =
# = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =
#
# This file configures access control to protected backend methods.
# Entries has to follow the form:
# <regular expression to match method name(s)> : <semicolon separated list of acl entries>
#
# acl enrties are specified like:
# <entry type>[(<comma separated list of names/ids>[,attributes(<comma separated list of allowed/denied attributes>)])]
#
# For every method the first entry which allows (partial) access is decisive.
#
# Possible types of entries are:
# all : everyone
# sys_user : a system user
# sys_group : a system group
# opsi_depotserver : an opsi depot server
# opsi_client : an opsi client
# self : the object to be read or written
#
# Examples:
# host_getObjects : self
# allow clients to read their own host objects
# host_deleteObjects : sys_user(admin,opsiadmin),sys_group(opsiadmins)
# allow system users "admin", "opsiadmin" and members of system group "opsiadmins" to delete hosts
# product_.* : opsi_client(client1.uib.local),opsi_depotserver
# allow access to product objects to opsi client "client1.uib.local" and all opsi depot servers
# host_getObjects : sys_user(user1,attributes(id,description,notes))
# allow partial access to host objects to system user "user1". "user1" is allowed to read object attributes "id", "description", "notes"
# host_getObjects : sys_group(group1,attributes(!opsiHostKey))
# allow partial access to host objects to members of system group "group1". Members are allowed to read all object attributes except "opsiHostKey"
backend_deleteBase : sys_group(opsiadmin)
backend_.* : all
hostControl.* : sys_group(opsiadmin); opsi_depotserver
host_get.* : sys_group(opsiadmin); opsi_depotserver; self; opsi_client(attributes(!opsiHostKey,!description,!lastSeen,!notes,!hardwareAddress,!inventoryNumber))
auditSoftware_delete.* : sys_group(opsiadmin); opsi_depotserver
auditSoftware_.* : sys_group(opsiadmin); opsi_depotserver; opsi_client
auditHardware_delete.* : sys_group(opsiadmin); opsi_depotserver
auditHardware_.* : sys_group(opsiadmin); opsi_depotserver; opsi_client
.*_get.* : sys_group(opsiadmin); opsi_depotserver; opsi_client
.* : sys_group(opsiadmin); opsi_depotserver; self
Code: Alles auswählen
groups adminuser
adminuser : adminuser pcpatch opsiadmin
