How can I create a user with rights to install packages on a publish instance?

hi,

 

i trying create user rights upload , install content packages on cq publish instance , not wish use admin user.  adding new user administrators group not seem enough.

 

i tried adding rep:grantace node through crx de/explorer reported node locked.  able upload content package removed rep:denyace jcr:read everyone, not safe seems.

 

is there special privilege need add user/group allow them access /etc/packages tree or need add permission somewhere within tree.

 

regards,

 

chris

with help david collie, alex klimetschek & jörg hoh have better idea of going on , we've found solution. 

 

it seems admin account works in these scenarios has special privileges in crx security system; admin can likes.

 

instead of creating rep:grantace nodes directly, able add new acl entry the administrators group /etc/packages via access control editor (http://localhost:4502/crx/explorer/ui/aceditor.jsp?ck=1373027669916&name=aceditor&path=%2f etc%2fpackages&_charset_=utf-8). 

 

strangely, administrators account had inherited rights on directory overridden deny|everyone|jcr:read acl entry on /etc/packages node.  adding allow:administrators|jcr:read gives member of group access read , write /etc/packages. directory.

 

now have setup user can setup deploy step in out ci build not rely on using admin account.

 

thanks

 

chris

More discussions in Archived Spaces

adobe