Recently installed the latest RTIR over the RT AMI Image.
Install and configuration appear to be correct however I am not able to create incidents, investigations or anything else but tickets with both a regular and admin users. Just get a permission denied error.
Perhaps I am doing something wrong. Any assistance is much appreciated.
Permission denied in the RT log? Can you share the actual message that is showing that
Yes, thank you
When you click on RTIR->Incidents->Create, the following is all that is returned.
Hopefully the image copied, if not all that is returned is a pink banner error message that says:
RT ERROR
Permission Denied.
Does your test admin user have super user right? Or at least create ticket and see queue rights for the RTIR queue(s)?
Yes, I am logged in to the console as root just for testing
Is there anything in the logs when you perform this action? Can you confirm that the root user still has superuser? Its possible the rights were changed
Seems like I found a solution. I created Queues for the incidents, investigations, countermeasure lifecycles and now I can create records for each of these. Assuming this is a good fix.’
By the way, I used the AWS AMI for RT as the base for this which overwrites the default root password.
Thank you very much for your help.
Were the queues not already created?
That is correct. Could there have been an install issue? I do not recall seeing any errors during the build.
Thanks
I am guessing the make initdb command wasn’t run? Which means none of the db inserts was run for RTIR if that is the case
I see, thank you.
Am I ok to go with what I have or should I rebuild?
Am I ok to go with what I have or should I rebuild?
You’re likely missing a lot of RTIR features without it, you can try running it. I am not sure what will happen now that the queues exist already
This may have been an issue that I missed with initdb. The admin password set by the RT AMI does not appear to work.
sudo make initdb
/usr/bin/perl -I. -Ilib -I/opt/rt5/local/lib -I/opt/rt5/lib /opt/rt5/sbin/rt-setup-database --action insert --datadir etc --datafile etc/initialdata --dba admin --prompt-for-dba-password --package RT::IR --ext-version 5.0.1
In order to create or update your RT database, this script needs to connect to your mysql instance on localhost (port ‘’) as admin
Please specify that user’s database password below. If the user has no database
password, just press return.
Password:
Working with:
Type: mysql
Host: localhost
Port:
Name: rt5
User: rt_user
DBA: admin
Failed to connect to dbi:mysql:dbname=rt5;host=localhost as user ‘admin’: Access denied for user ‘admin’@‘localhost’ (using password: YES)…returned with error: 65280
Makefile:1039: recipe for target ‘initdb’ failed
make: *** [initdb] Error 2
Does that error mean that the password was wrong or the connection was just denied?
It is not accepting the admin password to connect to MySQL.
Does that password work with user admin when running the mysql shell manually? I am not sure:
returned with error: 65280
if that error means the password is wrong or the connection is being refused for some other reason
I believe I figured it out. initdb was looking for a password for the admin user, however there was no password set in MySQL. Went into the MySQL shell and and set a password for admin, now initdb ran.
Looks like it skipped over the queues I had manually created:
Now inserting data.
[24242] [Thu Feb 17 15:33:39 2022] [error]: Queue already exists (/opt/rt5/sbin/…/lib/RT/Handle.pm:1088)
[24242] [Thu Feb 17 15:33:39 2022] [error]: Queue already exists (/opt/rt5/sbin/…/lib/RT/Handle.pm:1088)
[24242] [Thu Feb 17 15:33:39 2022] [error]: Queue already exists (/opt/rt5/sbin/…/lib/RT/Handle.pm:1088)
[24242] [Thu Feb 17 15:33:39 2022] [error]: Queue already exists (/opt/rt5/sbin/…/lib/RT/Handle.pm:1088)
Done inserting data.
Really appreciate all your help on this.