Bug 17035 - Koha allows system-wide 'read' access to all Koha zebra databases, by default · f2196a2e
Mason James authored
    
    
    to test bug...
     1/ make a random user
     2/ change to random user
     3/ access any zebra database with random user and no authentication
     4/ read zebra database
    
    here is a transcript of the bug...
    ---------------------------
    root@xen1:~# adduser bob
    root@xen1:~# su -l bob
    
    bob@xen1:~$ cd /var/lib/koha
    bob@xen1:/var/lib/koha$ ls
    topsecret
    
    bob@xen1:/var/lib/koha$ yaz-client  unix:/var/run/koha/topsecret/bibliosocket
    Connecting...OK.
    Sent initrequest.
    Connection accepted by v3 target.
    ID     : 81
    Name   : Zebra Information Server/GFS/YAZ
    Version: 4.2.30 98864b44c654645bc16b2c54f822dc2e45a93031
    Options: search present delSet triggerResourceCtrl scan sort extendedServices namedResultSets
    Elapsed: 0.001002
    
    Z> base biblios;
    
    Z> find the
    Sent searchRequest.
    Received SearchResponse.
    Search was a success.
    Number of hits: 1130, setno 2
    SearchResult-1: term=the cnt=1130
    records returned: 0
    Elapsed: 0.005518
    
    Z> show
    Sent presentRequest (1+1).
    Records: 1
    [biblios]Record type: USmarc
    01824cam a2200397 a 4500
    001 000045782309
    003 AuCNLKIN
    005 20111013213222.0
    008 100707s2011    maua          001 0 e
    ...
    ---------------------------
    
    5/ apply changes to a Koha instance's config files, that you plan to test
    
    6/ restart zebra for instance
     # sudo koha-restart-zebra topsecret
    
7/ repeat steps 2 and 3, but receive a 'bad user/passwd' error from zebra
    
    bob@xen1:~$ yaz-client unix:/var/run/koha/topsecret/bibliosocket
    Connecting...OK.
    Sent initrequest.
    Connection rejected by v3 target.
        1: code=1011 (Init/AC: Bad Userid and/or Password),
    
NOTE: this patch currently only fixes newly created instances; it won't fix existing instances
Signed-off-by: Chris Cormack <chrisc@catalyst.net.nz>
    
    Good catch Mason
    
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
    
Signed-off-by: Brendan Gallagher <brendan@bywatersolutions.com>
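Because the note above says existing instances are not fixed by this patch, an administrator needs a way to find which instances still accept an unauthenticated zebra init. The following audit script is an added example, not part of the commit or of Koha itself: it repeats the yaz-client probe from the transcript against every instance's biblios socket and classifies the result from the same "Connection accepted"/"Connection rejected" lines shown above. It assumes yaz-client and coreutils timeout are installed and that sockets follow the /var/run/koha/<instance>/bibliosocket layout used in the transcript.

```shell
#!/bin/sh
# Added audit helper (not Koha project code): report, per instance, whether
# zebra's biblios socket still accepts an init request with no credentials.
# Assumed: yaz-client and timeout are installed; socket layout as in the commit.
KOHA_LIB=${KOHA_LIB:-/var/lib/koha}
KOHA_RUN=${KOHA_RUN:-/var/run/koha}

# classify_init: read a yaz-client transcript on stdin and print OPEN,
# CLOSED or UNKNOWN based on the init result line zebra prints.
classify_init() {
    transcript=$(cat)
    if printf '%s\n' "$transcript" | grep -q 'Connection accepted by'; then
        echo OPEN
    elif printf '%s\n' "$transcript" | grep -q 'Connection rejected by'; then
        echo CLOSED
    else
        echo UNKNOWN
    fi
}

# check_instance NAME: probe one instance's socket and print "NAME STATE".
check_instance() {
    name=$1
    sock="$KOHA_RUN/$name/bibliosocket"
    if [ ! -S "$sock" ]; then
        echo "$name NOSOCKET"
        return 0
    fi
    # 'quit' makes yaz-client exit right after the init exchange.
    state=$(printf 'quit\n' | timeout 5 yaz-client "unix:$sock" 2>&1 | classify_init)
    echo "$name $state"
}

# audit_instances: walk every instance directory, as 'ls /var/lib/koha' did.
audit_instances() {
    if [ ! -d "$KOHA_LIB" ] || ! command -v yaz-client >/dev/null 2>&1; then
        echo "nothing to audit: need $KOHA_LIB and yaz-client" >&2
        return 0
    fi
    for dir in "$KOHA_LIB"/*/; do
        if [ -d "$dir" ]; then check_instance "$(basename "$dir")"; fi
    done
}

# Constructed sample transcripts (same shape as the two runs in the commit)
# so classify_init can be exercised without a live zebra.
SAMPLE_ACCEPTED='Connecting...OK.
Sent initrequest.
Connection accepted by v3 target.'
SAMPLE_REJECTED='Connecting...OK.
Sent initrequest.
Connection rejected by v3 target.
    1: code=1011 (Init/AC: Bad Userid and/or Password),'

audit_instances
```

Any instance reported as OPEN still needs the zebra authentication change from this bug applied to its config files, followed by koha-restart-zebra.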