Summary: | ASTERISK-20397: "manager show user <user>" shows the "all" permission despite it not being set | ||
Reporter: | Johan Wilfer (johan) | Labels: | |
Date Opened: | 2012-09-10 02:34:57 | Date Closed: | 2013-02-24 10:28:18.000-0600 |
Priority: | Minor | Regression? | No |
Status: | Closed/Complete | Components: | Core/ManagerInterface |
Versions: | 1.8.15.1 | Frequency of Occurrence | Frequent |
Related Issues: | |||
Environment: | Attachments: | ||
Description: | If I put this in my manager.conf: {noformat} [pbx_ami] secret = *** deny=0.0.0.0/0.0.0.0 permit = x.x.x.x/255.255.255.255 write=originate,call read= {noformat} I get this ("manager show user pbx_ami"): {noformat} username: pbx_ami secret: <Set> acl: yes read perm: <none> write perm: call,originate,all displayconnects: yes {noformat} Notice the "all"-permission in the output, but not present in the config. | ||
Comments: | By: Rusty Newton (rnewton) 2012-09-15 14:43:06.950-0500 That looks odd. Can you provide your entire manager.conf (sanitized of course)? What happens when you don't define any permissions for "write=" ? By: Johan Wilfer (johan) 2012-09-15 15:19:26.418-0500 manager.conf {noformat} [general] enabled = yes port = 5038 bindaddr = 127.0.0.1 [pbx_ami] secret = *** deny=0.0.0.0/0.0.0.0 permit = 127.0.0.1/255.255.255.255 write=originate,call read= {noformat} If I remove the write-line, and restart asterisk (sidenote: reload will not remove the previous write permission, but restart will). Also if I change the write-line to "write=", I get the same output.: {noformat} pbx1*CLI> manager show user pbx_ami username: pbx_ami secret: <Set> acl: yes read perm: <none> write perm: <none> displayconnects: yes {noformat} If I alter the write-line to "write=all", and reload: {noformat} pbx1*CLI> manager show user pbx_ami username: pbx_ami secret: <Set> acl: yes read perm: <none> write perm: system,call,log,verbose,command,agent,user,config,dtmf,reporting,cdr,dialplan,originate,agi,cc,aoc,test,all displayconnects: yes {noformat} By: Rusty Newton (rnewton) 2012-09-15 17:03:56.970-0500 I suppose this line "write=originate,callwrite=all" in your comment above is a typo within the comment? Thanks for the extra information. I'd also be interested if you could get similar behavior with "read=" By: Johan Wilfer (johan) 2012-09-16 01:34:49.746-0500 Yes, you're right. I must accidentally have pasted this line into the config block. Edited and corrected now. I see the same thing with read. For example, this config: {noformat} write= read=originate,call {noformat} Gives: {noformat} read perm: call,originate,all write perm: <none> {noformat} By: Johan Wilfer (johan) 2012-09-19 07:04:43.495-0500 Should this issue really be assigned to me? By: Richard Mudgett (rmudgett) 2012-09-19 11:24:52.680-0500 It is a quirk of how the "Waiting For Feedback" state works when the issue is unassigned when put into the feedback state. |