Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

SSH tutorial not working #1260

Closed
tim-styra opened this issue Mar 13, 2019 · 3 comments
Closed

SSH tutorial not working #1260

tim-styra opened this issue Mar 13, 2019 · 3 comments

Comments

@tim-styra
Copy link
Contributor

tim-styra commented Mar 13, 2019

In the SSH tutorial, you're prompted for a password when you ssh for the first time, but no password or private key is provided in the tutorial.

Additionally, the step where you create the policy sshd_authz.rego works but yields some odd behavior from a Mac OS X terminal.

$ cat >sshd_authz.rego <<EOF
> package sshd.authz
> 
> import input.pull_responses
> import input.sysinfo
> 
> import data.hosts
> 
> # By default, users are not authorized.
> default allow = false
> 
> # Allow access to any user that has the "admin" role.
> allow {
>     data.roles["admin"][_] = input.sysinfo.pam_username
> }
> 
> # Allow access to any user who contributed to the code running on the host.
> #
> # This rule gets the `host_id` value from the file `/etc/host_identity.json`.
> # It is available in the input under `pull_responses` because we
> # asked for it in our pull policy above.
> #
> # It then compares all the contributors for that host against the username
> # that is asking for authorization.
> allow {
>     hosts[pull_responses.files["/etc/host_identity.json"].host_id].contributors[_] = sysinfo.pam_username
> }
> 
> 
> # If the user is not authorized, then include an error message in the response.
> errors["Request denied by administrative policy"] {
>     not allow
> }
> EOF
-bash: host_id: command not found
-bash: /etc/host_identity.json: No such file or directory
-bash: pull_responses: command not found
@tsandall
Copy link
Member

@ashutosh-narkar can you take a look at this?

@ashutosh-narkar
Copy link
Member

Yes will try this out.

ashutosh-narkar added a commit to ashutosh-narkar/opa that referenced this issue Mar 13, 2019
Fixes open-policy-agent#1260

The Policy comment had backticks around some words which when pasted in the terminal were incorrectly interpreted as bash commands and file names.

Signed-off-by: Ashutosh Narkar <anarkar4387@gmail.com>
@ashutosh-narkar
Copy link
Member

ashutosh-narkar commented Mar 13, 2019

We pushed the latest images for the PAM demo server and fixed the formatting for comments to address the terminal issue.

The tutorial works now.

ashutosh-narkar added a commit that referenced this issue Mar 13, 2019
Fixes #1260

The Policy comment had backticks around some words which when pasted in the terminal were incorrectly interpreted as bash commands and file names.

Signed-off-by: Ashutosh Narkar <anarkar4387@gmail.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

3 participants