Fossil Forum

anonymous 1 week, 5 days ago

Post: /ext cgi gets anonymous settings for FOSSIL_CAPABILITIES when not logged in

I am running a cgi under /repo/ext. I am not logged in when I look at /repo/home.

The capabilities are:

nobodygjoz2
anonymoushm

When I use the CGI to dump the environment, I see FOSSIL_CAPABILITIES=ghjmoz2.

I expect only the nobody capabilities to be present.

I have a fossil-client-ok cookie and one other that fossil correctly identifies as not coming from fossil.

Any idea what's happening here?

The cgi is:

#! /bin/sh
# CGI under /repo/ext: emit the response header block first, then a page
# that dumps the environment Fossil passes to the script.

cat << EOH
Status: 200 ok
Content-Type: text/html
Server: secret

EOH

cat << EOD
<!DOCTYPE HTML>
<html>
<body>
<pre>
$(env | sort)
</pre>
</body>
</html>
EOD

Thanks.

dajare 1 week, 5 days ago

Reply: /ext cgi gets anonymous settings for FOSSIL_CAPABILITIES when not logged in

My understanding is that both nobody and anonymous get non-logged in permissions, with the individual permissions as you record.

But they "cascade": so anonymous "inherits" the perms from nobody. That's my way of explaining this bit of the documentation, anyway.

So your FOSSIL_CAPABILITIES=ghjmoz2 is just an amalgam of anonymous ≥ nobody. (I stand to be corrected, though!)


Edit: reading further in the docs, I suspect my explanation is rubbish (at least to the extent that anonymous by definition means "logged-in"). Hopefully some properly informed response will be forthcoming. Z

drh 1 week, 5 days ago

Correct. "anonymous" gets both "anonymous" and "nobody" capabilities. I suspect that the OP is actually logged in as anonymous.

spindrift 1 week, 5 days ago

Reply: /ext cgi gets anonymous settings for FOSSIL_CAPABILITIES when not logged in

What is the value of FOSSIL_USER?

If it's anonymous then I think this is working as expected.

And what do you see that the repository's /login page?

anonymous 1 week, 4 days ago

Here's my test method:


Open a new private browser window.

I enter the URL for /repo/ext/env. I log in using basic auth to the proxy server. My request is sent to fossil and I get the "robot check". I click on OK and see the output from the script:

FOSSIL_USER is not set in the environment. FOSSIL_CAPABILITIES=ghjmoz2 is set in the environment.

I then go to /repo/home and see "Not logged in 2026-03-30 16:58" in the top right and a login link in the top menu. When I view a wiki page I do not have an Edit link.

That tells me I am not logged in (as far as fossil is concerned).


Now I log into fossil as anonymous. When I view a wiki page, I see an Edit link. On the page I see "Logged in as anonymous 2026-03-30 17:09" and the Login link is replaced by the "anonymous" link.

When I go to /repo/ext/env again I see FOSSIL_USER=anonymous in the environment and the same FOSSIL_CAPABILITIES value.


I wonder if fossil is reacting to the basic auth header. I replaced fossil with netcat and can confirm that the Authorization: Basic .... header is sent to fossil.

I do not have "Allow REMOTE_USER authentication" checked. Also the username in the Basic auth header (demo) doesn't exist in fossil's user database. There is a "demo1" user in the database, but that shouldn't be matched. Also "Allow HTTP_AUTHENTICATION authentication" is not checked. The Basic auth is only to get past the front end proxy.

Ideas?
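The behaviour reported above (FOSSIL_USER absent while FOSSIL_CAPABILITIES already carries the anonymous letters) is the kind of thing an /ext CGI author wants to detect rather than trust. The script below is an added example, not the poster's script or anything from the Fossil project: it treats FOSSIL_CAPABILITIES as a plain string of single-letter codes and FOSSIL_USER as the only login signal (both are assumptions taken from this thread), reports which letters go beyond the configured nobody set, and classifies the request before deciding what to show.

```shell
#!/bin/sh
# Added example for an /ext CGI: inspect the Fossil-provided environment
# defensively instead of trusting the capability string alone.
# Assumptions (from the thread, not verified against Fossil's source):
#   - FOSSIL_USER is set only when a user is logged in.
#   - FOSSIL_CAPABILITIES is a string of single-letter capability codes.

# has_cap LETTER CAPS: succeed if LETTER occurs in the CAPS string.
has_cap() {
  case "$2" in
    *"$1"*) return 0 ;;
    *)      return 1 ;;
  esac
}

# extra_caps BASE REPORTED: print the letters of REPORTED that are not in
# BASE. Used to spot capabilities that "bleed through" beyond the nobody set
# (e.g. BASE=gjoz2 REPORTED=ghjmoz2 prints "hm").
extra_caps() {
  base=$1
  reported=$2
  extra=""
  while [ -n "$reported" ]; do
    c=${reported%"${reported#?}"}   # first character of the remaining string
    reported=${reported#?}          # drop it
    case "$base" in
      *"$c"*) ;;                    # present in the base set: fine
      *)      extra="$extra$c" ;;   # not in the base set: record it
    esac
  done
  printf '%s\n' "$extra"
}

# effective_role USER CAPS: print "logged-in", "anonymous-session" or
# "nobody". The capability letters are deliberately not consulted here:
# as the thread shows, a letter such as 'm' can be present with no login,
# so only FOSSIL_USER is treated as evidence of a session.
effective_role() {
  user=$1
  if [ -n "$user" ] && [ "$user" != "anonymous" ] && [ "$user" != "nobody" ]; then
    printf 'logged-in\n'
  elif [ -n "$user" ]; then
    printf 'anonymous-session\n'
  else
    printf 'nobody\n'
  fi
}

# render USER CAPS NOBODY_CAPS: emit a complete CGI response (headers, blank
# line, plain-text body) describing what the script would conclude.
render() {
  user=$1
  caps=$2
  nobody_caps=$3
  role=$(effective_role "$user")
  bleed=$(extra_caps "$nobody_caps" "$caps")
  printf 'Status: 200 OK\r\nContent-Type: text/plain\r\n\r\n'
  printf 'FOSSIL_USER=%s\n' "${user:-<unset>}"
  printf 'FOSSIL_CAPABILITIES=%s\n' "$caps"
  printf 'role=%s\n' "$role"
  if [ "$role" = nobody ] && [ -n "$bleed" ]; then
    printf 'warning: no login, yet capabilities beyond nobody (%s): %s\n' \
      "$nobody_caps" "$bleed"
  fi
  # Example of a gated decision: an edit-style action needs a real session,
  # not merely the letter that would normally permit it.
  if has_cap m "$caps" && [ "$role" != nobody ]; then
    printf 'edit-action=allowed\n'
  else
    printf 'edit-action=denied\n'
  fi
}

# When run as a CGI, use the real environment. "gjoz2" is the nobody set
# quoted in the thread; adjust it to your repository's own setting.
render "${FOSSIL_USER-}" "${FOSSIL_CAPABILITIES-}" "gjoz2"
```

Run it once as a CGI and once by hand with the environment variables unset; the warning line only appears when the reported string carries letters outside the configured nobody set while FOSSIL_USER is absent, which is exactly the condition the thread is chasing.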

anonymous 1 week, 4 days ago

Answered in my response to Richard but TL;DR:

FOSSIL_USER is not defined. The login page asks for userid and password and displays the anonymous password graphic.

spindrift 1 week, 4 days ago

Thank you. I agree that is curious.

anonymous 1 week, 4 days ago

I wonder if fossil is reacting to the basic auth header.

Nope.

I configured a different route in the pound http proxy that bypasses authentication for access to /repo/ext/env.

I used netcat to confirm that the Authorization header was not sent. I still see the same incorrect FOSSIL_CAPABILITIES under this new access route.

drh 1 week, 4 days ago

Disable (turn off) the auto-hyperlink property

anonymous 1 week, 4 days ago

Disable (turn off) the auto-hyperlink property

I set the "Enable hyperlinks based on User-Agent and/or Javascript" setting under "Admin"->"Robot Defense" to "off".

Is that what you meant?

After doing that, I restarted fossil and /repo/ext/env is still showing:

  FOSSIL_CAPABILITIES=ghjmoz2

So no change. What were you expecting to see?

In case you meant the 'h' capability for the anon user, I also removed 'h' from anonymous and it only removed the 'h' from FOSSIL_CAPABILITIES, the 'm' still bled through.

Also "This is fossil version 2.28 [73512f45db] 2026-02-28 01:09:41 UTC".

Am I doing something wrong?

anonymous 1 week, 3 days ago

I don't think this makes a difference but:

fossil  settings  -R path/to/repo.fossil auto-hyperlink
auto-hyperlink           (local)     0
auto-hyperlink-delay
auto-hyperlink-mouseover (local)     0

Not sure if the fact that this is a local setting matters.

The global dump reports:

fossil  settings  -R path/to/repo.fossil --global auto-hyperlink
auto-hyperlink
auto-hyperlink-delay
auto-hyperlink-mouseover
