RT mess

Hello all,
Just messed myself up by accidentally making my RT administration login
account non-privilidged. (unchecked the grant rights box accidentally
and submitted).
I now cannot manage the whole installation anymore and the last thing I
would like to tell my boss is that I am going to do a re-installation.
There are so many users already relying on the system and so many
tickects.
Can anyone out there help me recover my status before something
Please.

Lule George William (Mr)
Network and Systems Administrator
Uganda Martyrs University, Nkozi
P.O. Box 5498 Kampala
Uganda

Just messed myself up by accidentally making my RT administration login
account non-privilidged. (unchecked the grant rights box accidentally
and submitted).

keep backups. Whether or not a user is priviledged should be pretty
straightforward in the actual SQL db, I’d fix it there. However, that
is an entirely unsupported operation.

seph

Hi,On Thu, 04.03.2004 at 19:47:40 +0300, Lule George William glule@umu.ac.ug wrote:

Just messed myself up by accidentally making my RT administration login
account non-privilidged. (unchecked the grant rights box accidentally
and submitted).

duplicate your install (only the base thing) and then find your admin
settings in the data base and transfer to the live system.
Alternatively, you might be able to glean these from the installation
procedure and copy them directly to your live system.

Good luck,
–Toni++

You needn’t go through THAT much trouble (nor do I recommend it).

Breaking the rules in this case is less likely to cause problems than trying to do a partial-reinstall, imho. But BACKUP your data in case you make a typo in my upcoming instructions…

That said, shut down your web server (!) and use your favorite SQL client to run these queries:

SQL> select u.id, u.name from users as u where u.name=‘username-goes-here’

You should get a userid number from this query. Substitute it for [USERID] in the following queries.

SQL> select g.id, g.type from groups as g where g.domain=‘SystemInternal’

You should get three groups: “Everyone”, “Privileged”, and “Unprivileged”. Note the id numbers for the last two as [PRIV] and [UNPRIV] respectively.

SQL> delete from groupmembers where groupid=[UNPRIV] and memberid=[USERID]

You just took yourself off of the nobody-list.

SQL> insert into groupmembers (groupid,memberid) values ([PRIV],[USERID])

Voila! You’re back on the somebody-list. You may now restart your web server (did you remember to shut it down?) and return to your regularly-scheduled programming.

FOR EXAMPLE, if I were in your shoes, I’d do/get the following:

select u.id, u.name from users as u where u.name=‘root’
id name
12 root

select g.id, g.type from groups as g where g.domain=‘SystemInternal’
id type
3 Everyone
4 Privileged
5 Unprivileged

delete from groupmembers where groupid=5 and memberid=12
1 row(s) deleted

insert into groupmembers (groupid,memberid) values (4,12)
1 row(s) inserted

Backup, backup, BACKUP your data before you try this at home! One misplaced enter-key can do a lot more damage than you have right now.

FYI, I’m running 3.0.9 on PostgreSQL.

Hoping this helps,
Jason

p.s. Don’t forget to backup your data! (I think I’ve said it 5 times, so don’t blame me if you don’t).On Sun, Mar 07, 2004 at 01:25:37PM +0100, Toni Mueller wrote:

Hi,

On Thu, 04.03.2004 at 19:47:40 +0300, Lule George William glule@umu.ac.ug wrote:

Just messed myself up by accidentally making my RT administration login
account non-privilidged. (unchecked the grant rights box accidentally
and submitted).

duplicate your install (only the base thing) and then find your admin
settings in the data base and transfer to the live system.
Alternatively, you might be able to glean these from the installation
procedure and copy them directly to your live system.

Good luck,
–Toni++


rt-users mailing list
rt-users@lists.bestpractical.com
The rt-users Archives

Have you read the FAQ? The RT FAQ Manager lives at http://fsck.com/rtfm

In fact, if you try my SQL technique, I recommend starting off with:

SQL> begin

Run the other SQL instructions as I specified. If you screw up (you see “277 rows deleted” instead of 1, for example), run:

SQL> rollback

and try again (remember to run BEGIN), but if everything appears ok:

SQL> commit

This should reduce (not eliminate) the probability that you will have to revert to the backups that I’ve told you to make.

On that note, could we block users from de-privileging ‘root’? That seems like a more appropriate approach to this problem than posting this hack as an emergency how-to.

Cheers,
JasonOn Sun, Mar 07, 2004 at 11:14:28AM -0500, Jason B. Alonso wrote:

You needn’t go through THAT much trouble (nor do I recommend it).

Breaking the rules in this case is less likely to cause problems than trying to do a partial-reinstall, imho. But BACKUP your data in case you make a typo in my upcoming instructions…

That said, shut down your web server (!) and use your favorite SQL client to run these queries:

SQL> select u.id, u.name from users as u where u.name=‘username-goes-here’

You should get a userid number from this query. Substitute it for [USERID] in the following queries.

SQL> select g.id, g.type from groups as g where g.domain=‘SystemInternal’

You should get three groups: “Everyone”, “Privileged”, and “Unprivileged”. Note the id numbers for the last two as [PRIV] and [UNPRIV] respectively.

SQL> delete from groupmembers where groupid=[UNPRIV] and memberid=[USERID]

You just took yourself off of the nobody-list.

SQL> insert into groupmembers (groupid,memberid) values ([PRIV],[USERID])

Voila! You’re back on the somebody-list. You may now restart your web server (did you remember to shut it down?) and return to your regularly-scheduled programming.

FOR EXAMPLE, if I were in your shoes, I’d do/get the following:

select u.id, u.name from users as u where u.name=‘root’
id name
12 root

select g.id, g.type from groups as g where g.domain=‘SystemInternal’
id type
3 Everyone
4 Privileged
5 Unprivileged

delete from groupmembers where groupid=5 and memberid=12
1 row(s) deleted

insert into groupmembers (groupid,memberid) values (4,12)
1 row(s) inserted

Backup, backup, BACKUP your data before you try this at home! One misplaced enter-key can do a lot more damage than you have right now.

FYI, I’m running 3.0.9 on PostgreSQL.

Hoping this helps,
Jason

p.s. Don’t forget to backup your data! (I think I’ve said it 5 times, so don’t blame me if you don’t).

On Sun, Mar 07, 2004 at 01:25:37PM +0100, Toni Mueller wrote:

Hi,

On Thu, 04.03.2004 at 19:47:40 +0300, Lule George William glule@umu.ac.ug wrote:

Just messed myself up by accidentally making my RT administration login
account non-privilidged. (unchecked the grant rights box accidentally
and submitted).

duplicate your install (only the base thing) and then find your admin
settings in the data base and transfer to the live system.
Alternatively, you might be able to glean these from the installation
procedure and copy them directly to your live system.

Good luck,
–Toni++


rt-users mailing list
rt-users@lists.bestpractical.com
The rt-users Archives

Have you read the FAQ? The RT FAQ Manager lives at http://fsck.com/rtfm


rt-users mailing list
rt-users@lists.bestpractical.com
The rt-users Archives

Have you read the FAQ? The RT FAQ Manager lives at http://fsck.com/rtfm