- From: Alex Howells <
>
- To:
- Subject: [chef] Re: retrieving public keys of knife users
- Date: Wed, 15 Aug 2012 15:37:31 +0100
On 15 August 2012 15:15, Alex Howells
<
>
wrote:
>
But the plot thickens --
>
>
chef > x =
>
Chef::REST.new(Chef::Config[:chef_server_url]).get_rest("clients/baa")
>
[Wed, 15 Aug 2012 10:13:11 -0400] INFO: HTTP Request Returned 403
>
Forbidden: You are not the correct node (auth_user name: foo,
>
params[:id]: baa), or are not an API administrator (admin: false).
It doesn't appear that certain attributes of a client are public vs.
private - the situation is more "Are you the client concerned, if so,
you can load your data!" vs. "DENIED!" (with admin being the only way
around it).
https://github.com/opscode/chef/blob/master/chef-server-api/config/router.rb#L51
https://github.com/opscode/chef/blob/master/chef-server-api/app/controllers/application.rb#L80
https://github.com/opscode/chef/blob/master/chef-server-api/app/controllers/clients.rb#L28
Things might be different with OPC or OHC, not sure, I have been
testing things against OSCS.
With a client that is an admin -
Ohai2u
chef > x =
Chef::REST.new(Chef::Config[:chef_server_url]).get_rest("clients/baa")
=> client[baa]
But that's no surprise really :-)
Archive powered by MHonArc 2.6.16.