Using a non-admin user to create an override value for a specific Ansible variable via Satellite 6.x API fails with 500 Internal Server Error

Solution Verified - Updated -

Issue

Using a non-admin user to create an override value for a specific Ansible variable via API fails:

# export JSON_STRING='{"ansible_variable_id": "1", "override_value": { "match": "fqdn=client.example.com", "value": { "purge_unmanaged_files": true }}}'

# curl -v -k -X POST -u user:password -H "Content-Type:application/json" -d "$JSON_STRING" https://satellite.example.com/ansible/api/ansible_override_values --insecure
Note: Unnecessary use of -X or --request, POST is already inferred.
*   Trying 10.37.195.118...
* TCP_NODELAY set
* Connected to satellite.example.com (10.37.195.118) port 443 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
* successfully set certificate verify locations:
*   CAfile: /etc/pki/tls/certs/ca-bundle.crt
  CApath: none
* TLSv1.3 (OUT), TLS handshake, Client hello (1):
* TLSv1.3 (IN), TLS handshake, Server hello (2):
* TLSv1.3 (IN), TLS handshake, [no content] (0):
* TLSv1.3 (IN), TLS handshake, Encrypted Extensions (8):
* TLSv1.3 (IN), TLS handshake, [no content] (0):
* TLSv1.3 (IN), TLS handshake, Request CERT (13):
* TLSv1.3 (IN), TLS handshake, [no content] (0):
* TLSv1.3 (IN), TLS handshake, Certificate (11):
* TLSv1.3 (IN), TLS handshake, [no content] (0):
* TLSv1.3 (IN), TLS handshake, CERT verify (15):
* TLSv1.3 (IN), TLS handshake, [no content] (0):
* TLSv1.3 (IN), TLS handshake, Finished (20):
* TLSv1.3 (OUT), TLS change cipher, Change cipher spec (1):
* TLSv1.3 (OUT), TLS handshake, [no content] (0):
* TLSv1.3 (OUT), TLS handshake, Certificate (11):
* TLSv1.3 (OUT), TLS handshake, [no content] (0):
* TLSv1.3 (OUT), TLS handshake, Finished (20):
* SSL connection using TLSv1.3 / TLS_AES_256_GCM_SHA384
* ALPN, server accepted to use http/1.1
* Server certificate:
*  subject: C=US; ST=North Carolina; O=Katello; OU=SomeOrgUnit; CN=satellite.example.com
*  start date: Apr 27 14:54:00 2023 GMT
*  expire date: Jan 18 14:54:01 2038 GMT
*  issuer: C=US; ST=North Carolina; L=Raleigh; O=Katello; OU=SomeOrgUnit; CN=satellite.example.com
*  SSL certificate verify ok.
* Server auth using Basic with user 'user'
* TLSv1.3 (OUT), TLS app data, [no content] (0):
> POST /ansible/api/ansible_override_values HTTP/1.1
> Host: satellite.example.com
> Authorization: Basic dXNlcl8wMzUwODIyMzp1c2VyMTIz
> User-Agent: curl/7.61.1
> Accept: */*
> Content-Type:application/json
> Content-Length: 144
> 
* upload completely sent off: 144 out of 144 bytes
* TLSv1.3 (IN), TLS handshake, [no content] (0):
* TLSv1.3 (IN), TLS handshake, Newsession Ticket (4):
* TLSv1.3 (IN), TLS handshake, [no content] (0):
* TLSv1.3 (IN), TLS handshake, Newsession Ticket (4):
* TLSv1.3 (IN), TLS app data, [no content] (0):
< HTTP/1.1 500 Internal Server Error
< Date: Fri, 26 May 2023 08:30:26 GMT
< Server: Apache
< Foreman_version: 3.1.1.26
< Foreman_api_version: 2
< Foreman_current_organization: ; ANY
< Foreman_current_location: ; ANY
< Content-Type: application/json; charset=utf-8
< Cache-Control: no-cache
< X-Request-Id: 2538da5a-4e6d-4db4-b62c-e9e174f3b116
< X-Runtime: 0.173554
< Strict-Transport-Security: max-age=631139040; includeSubdomains
< X-Frame-Options: sameorigin
< X-Content-Type-Options: nosniff
< X-XSS-Protection: 1; mode=block
< X-Download-Options: noopen
< X-Permitted-Cross-Domain-Policies: none
< Content-Security-Policy: default-src 'self'; child-src 'self'; connect-src 'self' ws: wss:; img-src 'self' data:; script-src 'unsafe-eval' 'unsafe-inline' 'self'; style-src 'unsafe-inline' 'self'
< Set-Cookie: _session_id=836da03c4e890b5bc6c5498e0edb758e; path=/; secure; HttpOnly; SameSite=Lax
< Via: 1.1 satellite.example.com
< Connection: close
< Transfer-Encoding: chunked
< 
{
  "error": {"message":"Internal Server Error: the server was unable to finish the request. This may be caused by unavailability of some required service, incorrect API call or a server-side bug. There may be more information in the server's logs."}
}
* Closing connection 0
* TLSv1.3 (OUT), TLS alert, [no content] (0):
* TLSv1.3 (OUT), TLS alert, close notify (256):

Environment

  • Red Hat Satellite 6.11
  • Red Hat Satellite 6.12

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.

Current Customers and Partners

Log in for full access

Log In

New to Red Hat?

Learn more about Red Hat subscriptions

Using a Red Hat product through a public cloud?

How to access this content