You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@bloodhound.apache.org by Philip Brown <ph...@gmail.com> on 2014/10/23 10:14:10 UTC

Removing permissions for "anonymous" are not being respected

Problem: Removing permissions for "anonymous" are not being respected.

Example: After issuing "trac-admin /opt/bloodhound/environments/main/
permission remove anonymous '*'", anonymous can still browse wiki and
tickets.

How to replicate: These are the exact commands I issued to get server up
and running. I installed bloodhound on a freshly installed server to test.
These instructions were taken from
https://issues.apache.org/bloodhound/wiki/BloodhoundInstall

----------------------------
Bloodhound Install
----------------------------

Install Minimal Fedora Server, then turn off Firewall...

#systemctl disable firewalld
#systemctl stop firewalld

then edit "/etc/sysconfig/selinux" to set SELINUX into permissive mode.
# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
#     enforcing - SELinux security policy is enforced.
#     permissive - SELinux prints warnings instead of enforcing.
#     disabled - No SELinux policy is loaded.
SELINUX=permissive
# SELINUXTYPE= can take one of these three values:
#     targeted - Targeted processes are protected,
#     minimum - Modification of targeted policy. Only selected processes
are protected.
#     mls - Multi Level Security protection.
SELINUXTYPE=targeted

next install necessary system tools and pre-requisites. Also add a
bloodhound system user with correct permissions.

#yum install -y tar net-tools python-virtualenv python-pip

#useradd --system -c "bloodhound system account" -m -d /opt/bloodhound -s
/usr/bin/bash bloodhound

Now install Apache Bloodhound.

#cp /home/philip/apache-bloodhound-0.7.tar.gz /opt/bloodhound/

#cd /opt/bloodhound/

#su bloodhound

>tar xvzf apache-bloodhound-0.7.tar.gz

>cd apache-bloodhound-0.7/installer

>virtualenv /opt/bloodhound/bhenv

>source /opt/bloodhound/bhenv/bin/activate

(bhenv)>pip install -r requirements.txt

(bhenv)>python bloodhound_setup.py
--environments_directory=/opt/bloodhound/environments
--default-product-prefix=LIFE

remove permissions:
(bhenv)>trac-admin /opt/bloodhound/environments/main/ permission remove
anonymous '*'

start service:
(bhenv)>tracd --port=8000 /opt/bloodhound/environments/main
----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
No permission changes have been made.
#ll /opt/bloodhound
drwxrwxr-x. 10 bloodhound bloodhound    4096 Aug 19  2013
apache-bloodhound-0.7
-rw-r--r--.  1 root       root       4038685 Oct 23 09:37
apache-bloodhound-0.7.tar.gz
drwxrwxr-x.  5 bloodhound bloodhound    4096 Oct 23 09:39 bhenv
drwxrwxr-x.  3 bloodhound bloodhound    4096 Oct 23 09:39 environments

What am I missing?