You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
$ file minionkeys.tar
minionkeys.tar: POSIX tar archive
Expected behavior
A valid token should work for e.g. @wheel endpoints provided permissions allow for it.
Screenshots
N/A
Versions Report
salt --versions-report
(Provided by running salt --versions-report. Please also mention any differences in master/minion versions.)
salt-master:
Salt Version:
Salt: 3005.1Dependency Versions:
cffi: 1.14.6cherrypy: unknowndateutil: 2.8.1docker-py: Not Installedgitdb: Not Installedgitpython: Not InstalledJinja2: 3.1.0libgit2: 1.5.0M2Crypto: Not InstalledMako: Not Installedmsgpack: 1.0.2msgpack-pure: Not Installedmysql-python: Not Installedpycparser: 2.21pycrypto: Not Installedpycryptodome: 3.9.8pygit2: 1.11.1Python: 3.9.16 (main, Jan 6 2023, 22:52:19)python-gnupg: 0.4.8PyYAML: 5.4.1PyZMQ: 23.2.0smmap: Not Installedtimelib: 0.2.4Tornado: 4.5.3ZMQ: 4.3.4System Versions:
dist: almalinux 8.7 Stone Smilodonlocale: utf-8machine: x86_64release: 4.18.0-425.13.1.el8_7.x86_64system: Linuxversion: AlmaLinux 8.7 Stone Smilodon
salt-api (same VM, same installation method, etc.):
Salt Version:
Salt: 3005.1Dependency Versions:
cffi: 1.14.6cherrypy: 18.6.1dateutil: 2.8.1docker-py: Not Installedgitdb: Not Installedgitpython: Not InstalledJinja2: 3.1.0libgit2: 1.5.0M2Crypto: Not InstalledMako: Not Installedmsgpack: 1.0.2msgpack-pure: Not Installedmysql-python: Not Installedpycparser: 2.21pycrypto: Not Installedpycryptodome: 3.9.8pygit2: 1.11.1Python: 3.9.16 (main, Jan 6 2023, 22:52:19)python-gnupg: 0.4.8PyYAML: 5.4.1PyZMQ: 23.2.0smmap: Not Installedtimelib: 0.2.4Tornado: 4.5.3ZMQ: 4.3.4System Versions:
dist: almalinux 8.7 Stone Smilodonlocale: utf-8machine: x86_64release: 4.18.0-425.13.1.el8_7.x86_64system: Linuxversion: AlmaLinux 8.7 Stone Smilodon
Additional context
N/A
The text was updated successfully, but these errors were encountered:
Hi there! Welcome to the Salt Community! Thank you for making your first contribution. We have a lengthy process for issues and PRs. Someone from the Core Team will follow up as soon as possible. In the meantime, here’s some information that may help as you continue your Salt journey.
Please be sure to review our Code of Conduct. Also, check out some of our community resources including:
There are lots of ways to get involved in our community. Every month, there are around a dozen opportunities to meet with other contributors and the Salt Core team and collaborate in real time. The best way to keep track is by subscribing to the Salt Community Events Calendar.
If you have additional questions, email us at saltproject@vmware.com. We’re glad you’ve joined our community and look forward to doing awesome things with you!
Description
Try as I might,
rest_cherrypy
fails to auth properly for wheel commands when using a token. (And returns a 500 instead of a 401.)Setup
(some values replaced with facsimiles)
master config
nginx config
Please be as specific as possible and give set-up details.
Steps to Reproduce the behavior
Refer to above master log and nginx config.
Reverse-proxy to salt-api via Nginx using above configuration.
Use LDAP auth to AD.
Tomfoolery ensues. Assume that
${user}
below is indeed a member ofCorp Engineers
, and per the master debug log is properly detected as such.Getting a token succeeds.
and SOME endpoints work fine...
...and some calls, like `/keys`, fail catastrophically if...
X-Auth-Token
is used:or
-d token=${token}
is used:But succeeds for
eauth
.Expected behavior
A valid token should work for e.g.
@wheel
endpoints provided permissions allow for it.Screenshots
N/A
Versions Report
salt --versions-report
(Provided by running salt --versions-report. Please also mention any differences in master/minion versions.)salt-master
:salt-api
(same VM, same installation method, etc.):Additional context
N/A
The text was updated successfully, but these errors were encountered: