You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@bloodhound.apache.org by Philip Brown <ph...@gmail.com> on 2014/10/23 10:14:10 UTC
Removing permissions for "anonymous" are not being respected
Problem: Removing permissions for "anonymous" are not being respected.
Example: After issuing "trac-admin /opt/bloodhound/environments/main/
permission remove anonymous '*'", anonymous can still browse wiki and
tickets.
How to replicate: These are the exact commands I issued to get server up
and running. I installed bloodhound on a freshly installed server to test.
These instructions were taken from
https://issues.apache.org/bloodhound/wiki/BloodhoundInstall
----------------------------
Bloodhound Install
----------------------------
Install Minimal Fedora Server, then turn off Firewall...
#systemctl disable firewalld
#systemctl stop firewalld
then edit "/etc/sysconfig/selinux" to set SELINUX into permissive mode.
# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
# enforcing - SELinux security policy is enforced.
# permissive - SELinux prints warnings instead of enforcing.
# disabled - No SELinux policy is loaded.
SELINUX=permissive
# SELINUXTYPE= can take one of these three values:
# targeted - Targeted processes are protected,
# minimum - Modification of targeted policy. Only selected processes
are protected.
# mls - Multi Level Security protection.
SELINUXTYPE=targeted
next install necessary system tools and pre-requisites. Also add a
bloodhound system user with correct permissions.
#yum install -y tar net-tools python-virtualenv python-pip
#useradd --system -c "bloodhound system account" -m -d /opt/bloodhound -s
/usr/bin/bash bloodhound
Now install Apache Bloodhound.
#cp /home/philip/apache-bloodhound-0.7.tar.gz /opt/bloodhound/
#cd /opt/bloodhound/
#su bloodhound
>tar xvzf apache-bloodhound-0.7.tar.gz
>cd apache-bloodhound-0.7/installer
>virtualenv /opt/bloodhound/bhenv
>source /opt/bloodhound/bhenv/bin/activate
(bhenv)>pip install -r requirements.txt
(bhenv)>python bloodhound_setup.py
--environments_directory=/opt/bloodhound/environments
--default-product-prefix=LIFE
remove permissions:
(bhenv)>trac-admin /opt/bloodhound/environments/main/ permission remove
anonymous '*'
start service:
(bhenv)>tracd --port=8000 /opt/bloodhound/environments/main
----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
No permission changes have been made.
#ll /opt/bloodhound
drwxrwxr-x. 10 bloodhound bloodhound 4096 Aug 19 2013
apache-bloodhound-0.7
-rw-r--r--. 1 root root 4038685 Oct 23 09:37
apache-bloodhound-0.7.tar.gz
drwxrwxr-x. 5 bloodhound bloodhound 4096 Oct 23 09:39 bhenv
drwxrwxr-x. 3 bloodhound bloodhound 4096 Oct 23 09:39 environments
What am I missing?