Loading...

XML

Word

Printable

Type: Bug
Resolution: Unresolved
Priority: Blocker
Component/s: core
Labels:
- jenkins
- security
Environment:

Hide
System Properties

Name / Value
com.sun.akuma.Daemon daemonized
executable-war /usr/lib/jenkins/jenkins.war
file.encoding UTF-8
file.encoding.pkg sun.io
file.separator /
guice.disable.misplaced.annotation.check true
http.proxyHost icsarray.ics.express.tnt
http.proxyPort 8080
hudson.diyChunking true
java.awt.graphicsenv sun.awt.X11GraphicsEnvironment
java.awt.headless true
java.awt.printerjob sun.print.PSPrinterJob
java.class.path /usr/lib/jenkins/jenkins.war
java.class.version 50.0
java.endorsed.dirs /communique2/java/jdk1.6.0_71/jre/lib/endorsed
java.ext.dirs /communique2/java/jdk1.6.0_71/jre/lib/ext:/usr/java/packages/lib/ext
java.home /communique2/java/jdk1.6.0_71/jre
java.io.tmpdir /tmp
java.library.path /communique2/java/jdk1.6.0_71/jre/lib/amd64/server:/communique2/java/jdk1.6.0_71/jre/lib/amd64:/communique2/java/jdk1.6.0_71/jre/../lib/amd64:/usr/java/packages/lib/amd64:/usr/lib64:/lib64:/lib:/usr/lib
java.runtime.name Java(TM) SE Runtime Environment
java.runtime.version 1.6.0_71-b12
java.specification.name Java Platform API Specification
java.specification.vendor Sun Microsystems Inc.
java.specification.version 1.6
java.vendor Sun Microsystems Inc.
java.vendor.url http://java.sun.com/
java.vendor.url.bug http://java.sun.com/cgi-bin/bugreport.cgi
java.version 1.6.0_71
java.vm.info mixed mode
java.vm.name Java HotSpot(TM) 64-Bit Server VM
java.vm.specification.name Java Virtual Machine Specification
java.vm.specification.vendor Sun Microsystems Inc.
java.vm.specification.version 1.0
java.vm.vendor Sun Microsystems Inc.
java.vm.version 20.71-b01
JENKINS_HOME /var/lib/jenkins
jna.platform.library.path /usr/lib64:/lib64:/usr/lib:/lib
jnidispatch.path /tmp/jna--1712433994/jna4896909062887311416.tmp
line.separator
mail.smtp.sendpartial true
mail.smtps.sendpartial true
os.arch amd64
os.name Linux
os.version 2.6.18-238.5.1.el5
path.separator :
securerandom.source file:/dev/./urandom
sun.arch.data.model 64
sun.boot.class.path /communique2/java/jdk1.6.0_71/jre/lib/resources.jar:/communique2/java/jdk1.6.0_71/jre/lib/rt.jar:/communique2/java/jdk1.6.0_71/jre/lib/sunrsasign.jar:/communique2/java/jdk1.6.0_71/jre/lib/jsse.jar:/communique2/java/jdk1.6.0_71/jre/lib/jce.jar:/communique2/java/jdk1.6.0_71/jre/lib/charsets.jar:/communique2/java/jdk1.6.0_71/jre/lib/modules/jdk.boot.jar:/communique2/java/jdk1.6.0_71/jre/classes
sun.boot.library.path /communique2/java/jdk1.6.0_71/jre/lib/amd64
sun.cpu.endian little
sun.cpu.isalist
sun.io.unicode.encoding UnicodeLittle
sun.java.command /usr/lib/jenkins/jenkins.war --logfile=/var/log/jenkins/jenkins.log --webroot=/var/cache/jenkins/war --daemon --httpPort=8080 --ajp13Port=8009 --debug=5 --handlerCountMax=100 --handlerCountMaxIdle=20
sun.java.launcher SUN_STANDARD
sun.jnu.encoding UTF-8
sun.management.compiler HotSpot 64-Bit Tiered Compilers
sun.os.patch.level unknown
svnkit.http.methods Digest,Basic,NTLM,Negotiate
svnkit.ssh2.persistent false
user.country GB
user.dir /
user.home /var/lib/jenkins
user.language en
user.name jenkins
user.timezone GB
Environment Variables

Name / Value
_ /communique2/java/jdk1.6.0_71/bin/java
CVS_RSH ssh
G_BROKEN_FILENAMES 1
HISTSIZE 1000
HOME /var/lib/jenkins
HOSTNAME gbahevl457.gb.tntpost.com
INPUTRC /etc/inputrc
JAVA_HOME /communique2/java/jdk1.6.0_71
KDE_IS_PRELINKED 1
KDE_NO_IPV6 1
KDEDIR /usr
LANG en_GB.UTF-8
LD_LIBRARY_PATH /communique2/java/jdk1.6.0_71/jre/lib/amd64/server:/communique2/java/jdk1.6.0_71/jre/lib/amd64:/communique2/java/jdk1.6.0_71/jre/../lib/amd64
LESSOPEN |/usr/bin/lesspipe.sh %s
LOGNAME jenkins
LS_COLORS no=00:fi=00:di=00;34:ln=00;36:pi=40;33:so=00;35:bd=40;33;01:cd=40;33;01:or=01;05;37;41:mi=01;05;37;41:ex=00;32:*.cmd=00;32:*.exe=00;32:*.com=00;32:*.btm=00;32:*.bat=00;32:*.sh=00;32:*.csh=00;32:*.tar=00;31:*.tgz=00;31:*.arj=00;31:*.taz=00;31:*.lzh=00;31:*.zip=00;31:*.z=00;31:*.Z=00;31:*.gz=00;31:*.bz2=00;31:*.bz=00;31:*.tz=00;31:*.rpm=00;31:*.cpio=00;31:*.jpg=00;35:*.gif=00;35:*.bmp=00;35:*.xbm=00;35:*.xpm=00;35:*.png=00;35:*.tif=00;35:
M2 M2_HOME/bin
M2_HOME /opt/maven
MAIL /var/spool/mail/root
NLSPATH /usr/dt/lib/nls/msg/%L/%N.cat
PATH /usr/kerberos/sbin:/usr/kerberos/bin:/usr/local/sbin:/sbin:/usr/sbin:/bin:/usr/bin:/opt/maven/bin:/communique2/java/jdk1.6.0_71/bin:/opt/vault/bin
PWD /
SHELL /bin/bash
SHLVL 2
SSH_ASKPASS /usr/libexec/openssh/gnome-ssh-askpass
TERM xterm
USER jenkins
VAULT_HOME /opt/vault
XFILESEARCHPATH /usr/dt/app-defaults/%L/Dt
Plugins

Name / Version / Enabled / Pinned
ant 1.2 true false
antisamy-markup-formatter 1.3 true true
credentials 1.18 true false
cvs 2.12 true true
external-monitor-job 1.4 true true
javadoc 1.3 true true
junit 1.2 true true
ldap 1.6 true false
mailer 1.12 true true
mapdb-api 1.0.6.0 true false
matrix-auth 1.2 true true
matrix-project 1.4 true true
maven-plugin 2.8 true true
pam-auth 1.2 true true
scm-api 0.2 true false
ssh-credentials 1.10 true false
ssh-slaves 1.9 true false
subversion 2.4.5 true true
translation 1.12 true true
windows-slaves 1.0 true false

Show
System Properties Name / Value com.sun.akuma.Daemon daemonized executable-war /usr/lib/jenkins/jenkins.war file.encoding UTF-8 file.encoding.pkg sun.io file.separator / guice.disable.misplaced.annotation.check true http.proxyHost icsarray.ics.express.tnt http.proxyPort 8080 hudson.diyChunking true java.awt.graphicsenv sun.awt.X11GraphicsEnvironment java.awt.headless true java.awt.printerjob sun.print.PSPrinterJob java.class.path /usr/lib/jenkins/jenkins.war java.class.version 50.0 java.endorsed.dirs /communique2/java/jdk1.6.0_71/jre/lib/endorsed java.ext.dirs /communique2/java/jdk1.6.0_71/jre/lib/ext:/usr/java/packages/lib/ext java.home /communique2/java/jdk1.6.0_71/jre java.io.tmpdir /tmp java.library.path /communique2/java/jdk1.6.0_71/jre/lib/amd64/server:/communique2/java/jdk1.6.0_71/jre/lib/amd64:/communique2/java/jdk1.6.0_71/jre/../lib/amd64:/usr/java/packages/lib/amd64:/usr/lib64:/lib64:/lib:/usr/lib java.runtime.name Java(TM) SE Runtime Environment java.runtime.version 1.6.0_71-b12 java.specification.name Java Platform API Specification java.specification.vendor Sun Microsystems Inc. java.specification.version 1.6 java.vendor Sun Microsystems Inc. java.vendor.url http://java.sun.com/ java.vendor.url.bug http://java.sun.com/cgi-bin/bugreport.cgi java.version 1.6.0_71 java.vm.info mixed mode java.vm.name Java HotSpot(TM) 64-Bit Server VM java.vm.specification.name Java Virtual Machine Specification java.vm.specification.vendor Sun Microsystems Inc. java.vm.specification.version 1.0 java.vm.vendor Sun Microsystems Inc. java.vm.version 20.71-b01 JENKINS_HOME /var/lib/jenkins jna.platform.library.path /usr/lib64:/lib64:/usr/lib:/lib jnidispatch.path /tmp/jna--1712433994/jna4896909062887311416.tmp line.separator mail.smtp.sendpartial true mail.smtps.sendpartial true os.arch amd64 os.name Linux os.version 2.6.18-238.5.1.el5 path.separator : securerandom.source file:/dev/./urandom sun.arch.data.model 64 sun.boot.class.path /communique2/java/jdk1.6.0_71/jre/lib/resources.jar:/communique2/java/jdk1.6.0_71/jre/lib/rt.jar:/communique2/java/jdk1.6.0_71/jre/lib/sunrsasign.jar:/communique2/java/jdk1.6.0_71/jre/lib/jsse.jar:/communique2/java/jdk1.6.0_71/jre/lib/jce.jar:/communique2/java/jdk1.6.0_71/jre/lib/charsets.jar:/communique2/java/jdk1.6.0_71/jre/lib/modules/jdk.boot.jar:/communique2/java/jdk1.6.0_71/jre/classes sun.boot.library.path /communique2/java/jdk1.6.0_71/jre/lib/amd64 sun.cpu.endian little sun.cpu.isalist sun.io.unicode.encoding UnicodeLittle sun.java.command /usr/lib/jenkins/jenkins.war --logfile=/var/log/jenkins/jenkins.log --webroot=/var/cache/jenkins/war --daemon --httpPort=8080 --ajp13Port=8009 --debug=5 --handlerCountMax=100 --handlerCountMaxIdle=20 sun.java.launcher SUN_STANDARD sun.jnu.encoding UTF-8 sun.management.compiler HotSpot 64-Bit Tiered Compilers sun.os.patch.level unknown svnkit.http.methods Digest,Basic,NTLM,Negotiate svnkit.ssh2.persistent false user.country GB user.dir / user.home /var/lib/jenkins user.language en user.name jenkins user.timezone GB Environment Variables Name / Value _ /communique2/java/jdk1.6.0_71/bin/java CVS_RSH ssh G_BROKEN_FILENAMES 1 HISTSIZE 1000 HOME /var/lib/jenkins HOSTNAME gbahevl457.gb.tntpost.com INPUTRC /etc/inputrc JAVA_HOME /communique2/java/jdk1.6.0_71 KDE_IS_PRELINKED 1 KDE_NO_IPV6 1 KDEDIR /usr LANG en_GB.UTF-8 LD_LIBRARY_PATH /communique2/java/jdk1.6.0_71/jre/lib/amd64/server:/communique2/java/jdk1.6.0_71/jre/lib/amd64:/communique2/java/jdk1.6.0_71/jre/../lib/amd64 LESSOPEN |/usr/bin/lesspipe.sh %s LOGNAME jenkins LS_COLORS no=00:fi=00:di=00;34:ln=00;36:pi=40;33:so=00;35:bd=40;33;01:cd=40;33;01:or=01;05;37;41:mi=01;05;37;41:ex=00;32:*.cmd=00;32:*.exe=00;32:*.com=00;32:*.btm=00;32:*.bat=00;32:*.sh=00;32:*.csh=00;32:*.tar=00;31:*.tgz=00;31:*.arj=00;31:*.taz=00;31:*.lzh=00;31:*.zip=00;31:*.z=00;31:*.Z=00;31:*.gz=00;31:*.bz2=00;31:*.bz=00;31:*.tz=00;31:*.rpm=00;31:*.cpio=00;31:*.jpg=00;35:*.gif=00;35:*.bmp=00;35:*.xbm=00;35:*.xpm=00;35:*.png=00;35:*.tif=00;35: M2 M2_HOME/bin M2_HOME /opt/maven MAIL /var/spool/mail/root NLSPATH /usr/dt/lib/nls/msg/%L/%N.cat PATH /usr/kerberos/sbin:/usr/kerberos/bin:/usr/local/sbin:/sbin:/usr/sbin:/bin:/usr/bin:/opt/maven/bin:/communique2/java/jdk1.6.0_71/bin:/opt/vault/bin PWD / SHELL /bin/bash SHLVL 2 SSH_ASKPASS /usr/libexec/openssh/gnome-ssh-askpass TERM xterm USER jenkins VAULT_HOME /opt/vault XFILESEARCHPATH /usr/dt/app-defaults/%L/Dt Plugins Name / Version / Enabled / Pinned ant 1.2 true false antisamy-markup-formatter 1.3 true true credentials 1.18 true false cvs 2.12 true true external-monitor-job 1.4 true true javadoc 1.3 true true junit 1.2 true true ldap 1.6 true false mailer 1.12 true true mapdb-api 1.0.6.0 true false matrix-auth 1.2 true true matrix-project 1.4 true true maven-plugin 2.8 true true pam-auth 1.2 true true scm-api 0.2 true false ssh-credentials 1.10 true false ssh-slaves 1.9 true false subversion 2.4.5 true true translation 1.12 true true windows-slaves 1.0 true false

Similar Issues:

Show

See here also: http://stackoverflow.com/questions/27131560/jenkins-user-permissions-wiped-on-restart

Essentially I can set up security and it works, but after a restart all permissions are wiped:

1. Downloaded Redhat rpm from Jenkings main site (jenkins-1.590-1.1.noarch.rpm) and installed directly onto server

2. Jobs can be set up and work fine

3. Enabled jenkins own DB authentication with matrix permissions

4. Add myself a user ID and assign full permissions, allowing anonymous 'overall read' (NOTE I have done this with and without setting this anonymous permission and the result is the same)

5. Save

6. Restart jenkins

7. Create an account to link the ID added in #4

8. All seems fine, permissions are in place and I can do everything I want to

9. can log out and back in without problem

10. Restart jenkins

11. Log back into the account

12. All permissions are gone and I can't access the system.

13. If I try to hit a secure page directly I get the message "t143ahe is missing the Overall/Administer permission"

14. This will happen with all users if I have added more than one.

The same happens with project based matrix authentication.

To get get back into Jenkins I have to disable security by deleting config.xml and deleting user folders from the users directory.

Rightly or wrongly I've marked this as a Blocker as I can't set up CI in my company without this security in place (can't have Joe Bloggs kicking off a production build).

Assignee:: Unassigned

Reporter:: Chris Parr

Votes:: 7 Vote for this issue

Watchers:: 14 Start watching this issue

Created:: 2014-12-01 11:42

Updated:: 2020-09-11 13:37

Details

Description

Attachments

Activity

People

Dates