EmergencyUserCannotOwn and log-in errors
hi, I'm very new to using zope and am having a spot of bother. I have edited my /var/zope/access file to allow me to login as super user from lewis.example.com (and preserved the ownership on that file [checked it against a ls -l > ls-l.snapshot which I did/created before editing the access file). I created 2 users, ken-o (an owner) and ken-m (a manager), with identical passwords. I can't log in as either of those 2 users that I created, nor can I create a script when logged in as superuser - I keep getting a "EmergencyUserCannotOwn" error. I did a number of seperate searches for "EmergencyUserCannotOwn" through google and egroups. The only discussed solutions that I found for anything even slightly similar to the above were about the ownerships of the /var/zope/access file. I doubt that it makes any difference, but the ID that I entered for creating the python script is "hejda" - should the ID be numeric? I am using Zope-2.3.2-1.i386.rpm and Zope-zserver-2.3.2-1.i386.rpm on a Redhat 7.1 Linux box as I am limited to using python 1.5.2 at the moment. aTdHvAaNnKcSe ken
I'm very new to using zope and am having a spot of bother. I have edited my /var/zope/access file to allow me to login as super user from lewis.example.com (and preserved the ownership on that file [checked it against a ls -l > ls-l.snapshot which I did/created before editing the access file).
I created 2 users, ken-o (an owner) and ken-m (a manager), with identical passwords.
Read zope/doc/SECURITY.txt for the usual way to bootstrap Zope users. You should use inituser to create a Manager level user which can then deal with other users.
I can't log in as either of those 2 users that I created, nor can I create a script when logged in as superuser - I keep getting a "EmergencyUserCannotOwn" error.
The Zope 'superuser' concept isn't the same as the Unix 'root' concept. (Thus the recent renaming to 'Emergency User'.) This user isn't a normal user, but a special role there to save you should you do something stupid like change the security permisisons to lock your Managers out. Since it is only meant to be used in rescue operations, the superuser cannot own objects (and by extension, cannot create them either.) Notice, for instance, that there is no 'superuser' in the base user folder.
I doubt that it makes any difference, but the ID that I entered for creating the python script is "hejda" - should the ID be numeric?
Call it whatever you like. Should make no difference, unless you override something that already exists. --jcc (no emergency)
I doubt that it makes any difference, but the ID that I entered for creating the python script is "hejda" - should the ID be numeric?
Call it whatever you like. Should make no difference, unless you override something that already exists.
The FILENAME for the emergency user file has to be "access". So THAT name is not random. Just to make sure that you got that one right ... ;-) Joachim
participants (3)
-
J. Cameron Cooper -
Joachim Werner -
Ken Guest