Hi. There is a local docker proxy configured for a remote repository at https://registry-1.docker.io. I have discovered that I (and other users) are able to docker push images to this repository using LDAP authentication on Nexus. After checking all the roles and permissions for this proxy, I did not find any rights to Add or Edit. Is this a feature of Nexus or a bug?
Hi @vlad116 - this is not a feature of Nexus. The fact that you can push to a proxy repository without finding any Add or Edit permissions suggests there might be a misconfiguration in your roles and privileges setup.
Here are some suggestions to troubleshoot the issue:
- Double-check all roles and privileges assigned to your users, paying special attention to any wildcard permissions.
- Verify that the repository in question is indeed a proxy repository and not part of a group that includes a writable hosted repository.
- Review the Nexus security realms configuration to ensure it’s set up correctly.
- Check the Nexus logs for any unusual activity or errors related to Docker pushes.
Hi. it’s strange. I have created a new docker repository (at https://registry-1.docker.io. with no access for everyone. granted permissions for one user to Read and View. And I can still do a push to this repository. nothing understood.