RTIR Permission Denied

Recently installed the latest RTIR over the RT AMI Image.

Install and configuration appear to be correct however I am not able to create incidents, investigations or anything else but tickets with both a regular and admin users. Just get a permission denied error.

Perhaps I am doing something wrong. Any assistance is much appreciated.

Permission denied in the RT log? Can you share the actual message that is showing that

Yes, thank you

When you click on RTIR->Incidents->Create, the following is all that is returned.

Screen Shot 2022-02-16 at 8.58.38 AM 1

Hopefully the image copied, if not all that is returned is a pink banner error message that says:
Permission Denied.

Does your test admin user have super user right? Or at least create ticket and see queue rights for the RTIR queue(s)?

Yes, I am logged in to the console as root just for testing

Is there anything in the logs when you perform this action? Can you confirm that the root user still has superuser? Its possible the rights were changed

Seems like I found a solution. I created Queues for the incidents, investigations, countermeasure lifecycles and now I can create records for each of these. Assuming this is a good fix.’

By the way, I used the AWS AMI for RT as the base for this which overwrites the default root password.

Thank you very much for your help.

Were the queues not already created?

That is correct. Could there have been an install issue? I do not recall seeing any errors during the build.


I am guessing the make initdb command wasn’t run? Which means none of the db inserts was run for RTIR if that is the case

I see, thank you.

Am I ok to go with what I have or should I rebuild?

Am I ok to go with what I have or should I rebuild?

You’re likely missing a lot of RTIR features without it, you can try running it. I am not sure what will happen now that the queues exist already

This may have been an issue that I missed with initdb. The admin password set by the RT AMI does not appear to work.

sudo make initdb

/usr/bin/perl -I. -Ilib -I/opt/rt5/local/lib -I/opt/rt5/lib /opt/rt5/sbin/rt-setup-database --action insert --datadir etc --datafile etc/initialdata --dba admin --prompt-for-dba-password --package RT::IR --ext-version 5.0.1
In order to create or update your RT database, this script needs to connect to your mysql instance on localhost (port ‘’) as admin
Please specify that user’s database password below. If the user has no database
password, just press return.

Working with:

Type: mysql

Host: localhost


Name: rt5

User: rt_user

DBA: admin

Failed to connect to dbi:mysql:dbname=rt5;host=localhost as user ‘admin’: Access denied for user ‘admin’@‘localhost’ (using password: YES)…returned with error: 65280

Makefile:1039: recipe for target ‘initdb’ failed

make: *** [initdb] Error 2

Does that error mean that the password was wrong or the connection was just denied?

It is not accepting the admin password to connect to MySQL.

Does that password work with user admin when running the mysql shell manually? I am not sure:

returned with error: 65280

if that error means the password is wrong or the connection is being refused for some other reason

I believe I figured it out. initdb was looking for a password for the admin user, however there was no password set in MySQL. Went into the MySQL shell and and set a password for admin, now initdb ran.

Looks like it skipped over the queues I had manually created:

Now inserting data.
[24242] [Thu Feb 17 15:33:39 2022] [error]: Queue already exists (/opt/rt5/sbin/…/lib/RT/Handle.pm:1088)
[24242] [Thu Feb 17 15:33:39 2022] [error]: Queue already exists (/opt/rt5/sbin/…/lib/RT/Handle.pm:1088)
[24242] [Thu Feb 17 15:33:39 2022] [error]: Queue already exists (/opt/rt5/sbin/…/lib/RT/Handle.pm:1088)
[24242] [Thu Feb 17 15:33:39 2022] [error]: Queue already exists (/opt/rt5/sbin/…/lib/RT/Handle.pm:1088)
Done inserting data.

Really appreciate all your help on this.

1 Like