[rt-users] Privileges not honored for Everyone after 3.8.1 upgrade

RT rt at ragweed.net
Thu Sep 4 22:10:21 EDT 2008


rt-users,

I recently upgraded from 3.6.5 (MySQL 4.0.21) to 3.8.1 (MySQL 5.0.45),
using the following --

/opt/rt3/sbin/rt-setup-database --dba root --action upgrade
perl etc/upgrade/schema.mysql-4.0-4.1.pl rt3 (and applying the output)

Everything appears to be fine with respect to incoming tickets,
ownership, etc. No obvious errors appear in any logs. Authentication
is handled by mod_authnz_ldap.

One queue in particular, "Support", has no privileges enabled for the
Everyone role. Unprivileged users, which are manually created, have
CreateTicket privileges. Prior to the 3.8.1 upgrade, incoming e-mails
from unknown users were rejected with the appropriate "No permissions
to create tickets in queue Support". Only e-mails from existing
Unprivileged users would generate tickets.

After the 3.8.1 upgrade, any incoming e-mail causes a user to be
"auto-created by form submission" and the ticket to be created in the
appropriate queue, disregarding any permissions for the queue. (This
is bad.)

Auth::Mailfrom appears in 'Admin/Tools/Configuration.html', which, as
best I understand it, should check the Queue permissions and reject
the e-mail appropriately. It doesn't appear that this is occurring. No
obvious errors for Auth::Mailfrom appear in any of the logs
(error_log, ssl_error_log, maillog, messages).

If there's a workaround, e.g. disabling the auto-creation of users,
that would work just as well.

Any thoughts are appreciated. I'm at a loss for the moment.

Thank you for any assistance or insight.


