Skip to main content

Hello,

I have an issue regarding ACL. I wanted to restrict the ressource view to some users.

For information I run a fresh 24.04.07 centreon installation made on a debian 12.

Here what I’ve done (following the documentation) :

  • Creation of a “Ressource Access” ACL
    • On tab “Hosts resources” I’ve checked only the host I wanted to display and leave everything by default
    • On tab “Services Resources” I’ve checked “Include all servicegroups”
    • I leave the others tab as default
  • Creation of a “Menu access” ACL
    • I only checked “Home”, “Monitoring” and “Reporting”
  • Creation of a “Action Access” ACL
    • I duplicated the existing “Simple User” ACL and removed some actions like Enable/Disable Notification … I just wanted the users to have a display access.

Finally I created an “Access Group” linked with a test user and in the “Authorizations information” tab I selected the 3 ACL I just created.

When I log on with my user display limitation are OK but I don’t see any hosts or services.

I tried a lot of different configurations and even if I select “Include all hosts”, “Include all hostgroups”, “include all services” in the ressource ACL I’m still seeing nothing …

I had a look on all log files and the only relevant  information is in centAcl.log :

2024-10-10 16:56:01] According to DB another instance of centAcl.php is already running and I found 0 process...
Correcting the state in the DB, by setting the `running` value to 0 for id =  1
PHP Fatal error:  Uncaught Error: Call to undefined method CentreonDB::logSqlError() in /usr/share/centreon/www/class/centreonDB.class.php:766
Stack trace:
#0 /usr/share/centreon/cron/centAcl.php(204): CentreonDB->query()
#1 {main}
  thrown in /usr/share/centreon/www/class/centreonDB.class.php on line 766

 

I’m really out of ideas. If someone can help me I would be very grateful.

All my best,

Thierry.

Hello,

Same issue here.
 

I’ve managed to manually update centreon_acl table by adding many lines (1 per service + 1 with service_id = NULL per host) but that’s really not serious.
 

From what I’ve understood, the issue comes from unfinished refactoring of logging that’s been finalized here : https://github.com/centreon/centreon/pull/4862

 

Unfortunately so far it’s been pushed to 24.09 (we cannot access ?) but I hope it’ll be merged to 24.04 anytime soon, unless it’ll be included in 24.10 only ?
 

Mathieu

Hello,

Thank you for your response. It’s nice to know that it is handled.

Regards,

Thierry

Hello @thierry.lamoureux,

first of all sorry for the inconvenience.

While waiting for the next minor release, can you test by replacing the file /usr/share/centreon/www/class/centreonDB.class.php with this one https://github.com/centreon/centreon/blob/dev-24.04.x/centreon/www/class/centreonDB.class.php ?

Hello @Laurent Calvet,

Unfortunately it doesn’t work. The rights on menus are looking good but I still cannot see the ressources I’ve selected in the ACL related to this user.

When I refresh the ACL on the user, I got this message now :

s2024-10-23 08:38:37] SQLSTATET42S22]: Column not found: 1054 Unknown column 'all_contacts' in 'field list'

Do you have an idea on what to do ?

Thanks a lot.

Thierry.

Hi, @thierry.lamoureux 
During a new installation (24.04.7), the 'all_contacts' column is created in the centreon.acl_groups table. Do you have this column?

Hello,

I can confirm that the column “all_contacts” isn’t created in the table “acl_groups”.

I use the correct Centreon release :

Regards,

Thierry.

We have this same issue, although this is a long running RHEL8 Centreon installation and is upgraded to 24.04.7. I tried making the changes to /usr/share/centreon/www/class/centreonDB.class.php but all that does is show that all_contacts is missing in a table.

How can we create this missing column?

How can we create this missing column?

For anyone else

ALTER TABLE acl_groups ADD COLUMN all_contacts TINYINT(1) DEFAULT 0 NOT NULL;
ALTER TABLE acl_groups ADD COLUMN all_contact_groups TINYINT(1) DEFAULT 0 NOT NULL;

Seems to work for us, the messages have gone and I can use the “Export configuration” button again.

Hello,

For your information I’ve just updated my centreon installation from version 24.04.07 to 24.10.01 and my problem is still here.

"2024-11-08 11:26:17] SQLSTATET42S22]: Column not found: 1054 Unknown column 'all_contacts' in 'field list'

I will try to add the column and see if it solves my issue (I didn’t see the notice of fvinancano_dtt’s reply).

Regards,

Thierry.

Hello,

The addition of the column solved my issue. It’s weard that it is not created by one of the upgrade scripts

Regards,

Thierry.

How can we create this missing column?

For anyone else

ALTER TABLE acl_groups ADD COLUMN all_contacts TINYINT(1) DEFAULT 0 NOT NULL;
ALTER TABLE acl_groups ADD COLUMN all_contact_groups TINYINT(1) DEFAULT 0 NOT NULL;

Seems to work for us, the messages have gone and I can use the “Export configuration” button again.

 

We had an issue with hosts not being visible, and after encountering an error while reloading the ACLs, this action resolved the problem. Thank you!

 

How can we create this missing column?

For anyone else

ALTER TABLE acl_groups ADD COLUMN all_contacts TINYINT(1) DEFAULT 0 NOT NULL;
ALTER TABLE acl_groups ADD COLUMN all_contact_groups TINYINT(1) DEFAULT 0 NOT NULL;

Seems to work for us, the messages have gone and I can use the “Export configuration” button again.

 

On my side, it works, but I’m still having an issue with Business Activity: I can’t display the resources. I’ve double-checked that my Access Groups have all possible permissions, and I even granted everything at the ACL MBI level. Any suggestions would be greatly appreciated!

My bad i found the menu where to handle the acl on business views, everythink is ok.

Hi everyone,

When I run a DESCRIBE command on the acl_groups table, I can see all_contacts and all_contact_groups, but my service group resource doesn't appear, even after reloading the ACL for my user...

Reply


Terms & ConditionsCookie settings