jackrabbit accessmanager: How to create ACL with restriction rep:glob="/foo" - sling

We installed the Accessmanager Bundle and now we are creating our ACL inside the JCR using curl commands.
For example:
curl -u admin:XXX -FprincipalId=testgroup -Fprivilege#jcr:read=denied http://myhost:4502/content.modifyAce.html`
But I have no idea how to create an ACL with a restriction like rep:glob="/foo"?
Is this even possible?
I know this is working when I use the CrxDe UI.
But we need to do this from commandline.
Thank you!

Related

Mosquitto dynamic security does not allow to insert clients or roles

Hi everyone I've been trying to use mosquitto dynamic security plugin, the broker is running in a docker container, and so far everything seems to work as expected I can generate de file dynamic-secutiry.json for that I used the following command mosquitto_ctrl dynsec init path/to/dynamic-security.json user and after that, I set the password as user, so managed to open the file and make sure that it was created right, and indeed it was. However, when I try to modify the file like adding a new client for instance I got the following message Connection error: Not authorized in order to add new clients I've been something like this mosquitto_ctrl -u user -P user dynsec createRole rolepizza and then I'm getting this:
That's the dynamic-security.json
Finally my mosquitto.conf
I've been following this tutorials:
https://www.youtube.com/watch?v=QvRBtRH2mN0
http://www.steves-internet-guide.com/understanding-mosquitto-dynamic-security-plugin/
I'd appreciate it if someone could tell me what I've been doing wrong. Thanks in advance
As hashed out in the comments, the problem was most likely a lack of write permissions on dynamic-security.json file due to creating it as root.
Mosquitto will normally drop root permissions on startup, so all config/log files should be writable by a none privileged user (you can set the user in the mosquitto.conf file.

Must not run with sudo

Hi I am new in github actions and I am trying to create a CICD pipline using Github action. I am using a digital ocean droplet as my server and I am trying to create a runner as said in github->settings->actions
When I wrote the following command
./config.sh --url https://github.com/basobaasnepal/BasobaasWeb --token DFGFSDF234sf3fg45hd
I got this:
Must not run with sudo
I tried to change the from root user to non root user but didn't work. I also tried export {AGENT_ALLOW_RUNASROOT="1"} bur
Are you setting the right variable? I think you can set the RUNNER_ALLOW_RUNASROOT variable to get by this problem using export RUNNER_ALLOW_RUNASROOT=1, or you can provide it directly to the command:
RUNNER_ALLOW_RUNASROOT="1" ./config.sh --url https://github.com/basobaasnepal/BasobaasWeb --token DFGFSDF234sf3fg45hd

Running installer within docker file without user interaction

I've been trying to have a docker file setup where it can install a specific ODBC driver I need in an application.
I use the following commands:
RUN cd /tmp/./client1201/
RUN ./setup
and it runs the installer without any problem. The issue is that It requires user input in order to proceed with some steps.
Is there any way I can make this silent? If so, is this some docker specific feature? Or it actually requires some sort of support from the installer itself in order to achieve this?
Thanks for any assistance
RUN echo "yes" | ./script.sh
This may work for you.

Setting up OpenProject on OpenShift

I'm trying to install OpenProject on OpenShift but I'm having difficulties in understanding the process. I've managed to create an OpenShift application and SSH into the domain, however I don't have permissions to download the zip file / create the folder as in the instructions.
I have to mention that my GIT/Ruby/Openshift knowledge is very limited.
Has anyone tried this before? Can you tell me if it's possible and how?
Thanks!
You'll want to ssh into your gear
$ rhc ssh -a
Then cd into the data dir
$ cd $OPENSHIFT_DATA_DIR
Wget your file
$ wget https://github.com/opf/openproject/archive/2.4.0.zip
I, despite this issue being so old, I would like to share my efforts. I also wanted to get OpenProject running on OpenShift. My way was to first get an initial POD running with root permissions to set things up with the WebUI and then run the individual services without root permissions.
Details can be found in this Github repository:
https://github.com/jngrb/openproject-openshift

How to upload files to password protected HTTPS site using CURL?

How can I upload files to a HTTPS site using CURL?
The site is also password protected.
What's the command line used to upload for that particular site?
Yes, you can,
$ curl --user login:password --upload-file your.file.txt https://the.url/where/that/should/go
You may need to add --insecure if you don't want cURL to check the certificate chain.

Resources