我希望有人可以指出我在这里犯的一些小学生错误,因为我很想忘记。
知道权限消失的原因吗?
为了解决这个问题,我必须清理所有用户并重新设置它们,但重新启动后再次擦除它们。
提前致谢
修改
我正在使用Jenkins自己的用户数据库,并尝试了基于矩阵的权限和基于项目的矩阵授权。
重新启动后,当我尝试访问jenkins配置页面时,我收到错误" t143a缺少整体/管理权限"
重启后我的config.xml是(看起来我确实按照这个管理):
<?xml version='1.0' encoding='UTF-8'?>
<hudson>
<disabledAdministrativeMonitors/>
<version>1.0</version>
<numExecutors>2</numExecutors>
<mode>NORMAL</mode>
<useSecurity>true</useSecurity>
<authorizationStrategy class="hudson.security.ProjectMatrixAuthorizationStrategy">
<permission>com.cloudbees.plugins.credentials.CredentialsProvider.Create:T143AHE</permission>
<permission>com.cloudbees.plugins.credentials.CredentialsProvider.Delete:T143AHE</permission>
<permission>com.cloudbees.plugins.credentials.CredentialsProvider.ManageDomains:T143AHE</permission>
<permission>com.cloudbees.plugins.credentials.CredentialsProvider.Update:T143AHE</permission>
<permission>com.cloudbees.plugins.credentials.CredentialsProvider.View:T143AHE</permission>
<permission>hudson.model.Computer.Build:T143AHE</permission>
<permission>hudson.model.Computer.Configure:T143AHE</permission>
<permission>hudson.model.Computer.Connect:T143AHE</permission>
<permission>hudson.model.Computer.Create:T143AHE</permission>
<permission>hudson.model.Computer.Delete:T143AHE</permission>
<permission>hudson.model.Computer.Disconnect:T143AHE</permission>
<permission>hudson.model.Hudson.Administer:T143AHE</permission>
<permission>hudson.model.Hudson.ConfigureUpdateCenter:T143AHE</permission>
<permission>hudson.model.Hudson.Read:T143AHE</permission>
<permission>hudson.model.Hudson.Read:anonymous</permission>
<permission>hudson.model.Hudson.RunScripts:T143AHE</permission>
<permission>hudson.model.Hudson.UploadPlugins:T143AHE</permission>
<permission>hudson.model.Item.Build:T143AHE</permission>
<permission>hudson.model.Item.Cancel:T143AHE</permission>
<permission>hudson.model.Item.Configure:T143AHE</permission>
<permission>hudson.model.Item.Create:T143AHE</permission>
<permission>hudson.model.Item.Delete:T143AHE</permission>
<permission>hudson.model.Item.Discover:T143AHE</permission>
<permission>hudson.model.Item.Read:T143AHE</permission>
<permission>hudson.model.Item.Workspace:T143AHE</permission>
<permission>hudson.model.Run.Delete:T143AHE</permission>
<permission>hudson.model.Run.Update:T143AHE</permission>
<permission>hudson.model.View.Configure:T143AHE</permission>
<permission>hudson.model.View.Create:T143AHE</permission>
<permission>hudson.model.View.Delete:T143AHE</permission>
<permission>hudson.model.View.Read:T143AHE</permission>
<permission>hudson.scm.SCM.Tag:T143AHE</permission>
</authorizationStrategy>
<securityRealm class="hudson.security.HudsonPrivateSecurityRealm">
<disableSignup>false</disableSignup>
<enableCaptcha>false</enableCaptcha>
</securityRealm>
<disableRememberMe>false</disableRememberMe>
<projectNamingStrategy class="jenkins.model.ProjectNamingStrategy$DefaultProjectNamingStrategy"/>
<workspaceDir>${ITEM_ROOTDIR}/workspace</workspaceDir>
<buildsDir>${ITEM_ROOTDIR}/builds</buildsDir>
<markupFormatter class="hudson.markup.EscapedMarkupFormatter"/>
<jdks/>
<viewsTabBar class="hudson.views.DefaultViewsTabBar"/>
<myViewsTabBar class="hudson.views.DefaultMyViewsTabBar"/>
<clouds/>
<slaves/>
<scmCheckoutRetryCount>0</scmCheckoutRetryCount>
<views>
<hudson.model.AllView>
<owner class="hudson" reference="../../.."/>
<name>All</name>
<filterExecutors>false</filterExecutors>
<filterQueue>false</filterQueue>
<properties class="hudson.model.View$PropertyList"/>
</hudson.model.AllView>
</views>
<primaryView>All</primaryView>
<slaveAgentPort>0</slaveAgentPort>
<label></label>
<nodeProperties/>
<globalNodeProperties/>
</hudson>
我的用户特定config.xml是:
<user>
<fullName>scribe1010</fullName>
<properties>
<hudson.model.PaneStatusProperties>
<collapsed/>
</hudson.model.PaneStatusProperties>
<jenkins.security.ApiTokenProperty>
<apiToken>lnqauTbOZ0xuAK9qBuh6/UG3RRmzN4mxkiSADlYmQD7jkqN1XswzKmqEOLpvBVsG</apiToken>
</jenkins.security.ApiTokenProperty>
<com.cloudbees.plugins.credentials.UserCredentialsProvider_-UserCredentialsProperty plugin="credentials@1.18">
<domainCredentialsMap class="hudson.util.CopyOnWriteMap$Hash"/>
</com.cloudbees.plugins.credentials.UserCredentialsProvider_-UserCredentialsProperty>
<hudson.model.MyViewsProperty>
<views>
<hudson.model.AllView>
<owner class="hudson.model.MyViewsProperty" reference="../../.."/>
<name>All</name>
<filterExecutors>false</filterExecutors>
<filterQueue>false</filterQueue>
<properties class="hudson.model.View$PropertyList"/>
</hudson.model.AllView>
</views>
</hudson.model.MyViewsProperty>
<hudson.search.UserSearchProperty>
<insensitiveSearch>false</insensitiveSearch>
</hudson.search.UserSearchProperty>
<hudson.security.HudsonPrivateSecurityRealm_-Details>
<passwordHash>#jbcrypt:$2a$10$29UCLwZafb8TTSsGvsWYBunY034m1q.Wjgl5JfbCJR83Dcvvs1Dh2</passwordHash>
</hudson.security.HudsonPrivateSecurityRealm_-Details>
<hudson.tasks.Mailer_-UserProperty plugin="mailer@1.12">
<emailAddress>a.b@c.com</emailAddress>
</hudson.tasks.Mailer_-UserProperty>
<jenkins.security.LastGrantedAuthoritiesProperty>
<roles>
<string>authenticated</string>
</roles>
<timestamp>1416992003750</timestamp>
</jenkins.security.LastGrantedAuthoritiesProperty>
</properties>
</user>
注意:此处角色列为&#39;已验证&#39;而不是像管理员那样的任何事情。等......(不知道这是不是一个问题)。
编辑2 我已升级到最新的rpm,但没有修复。
答案 0 :(得分:6)
正如Daniel在评论中所建议的那样,将用户名限制为小写(可能还有额外的配置保存)已经完成了这一操作,并且在重新启动后权限现在仍然存在。
答案 1 :(得分:0)
我发现在我的Jenkins实例上(在docker上运行,尽管我认为这无关紧要),在 $ JEKINS_HOME / < strong> init.groovy.d 一个名为 security.groovy 的目录。
此文件正在强制执行安全领域策略和授权策略(可能会覆盖您自己的策略)。
也许可以检查一下,希望对您有所帮助!