[Freeipa-devel] Proposed changes to the HBAC grammar
Stephen Gallagher
sgallagh at redhat.com
Fri Nov 19 20:56:55 UTC 2010
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On 11/19/2010 03:55 PM, Simo Sorce wrote:
> On Fri, 19 Nov 2010 15:31:30 -0500
> Stephen Gallagher <sgallagh at redhat.com> wrote:
>
>> -----BEGIN PGP SIGNED MESSAGE-----
>> Hash: SHA1
>>
>> Breaking the thread intentionally to bring back focus.
>>
>> With Adam's recent input, I've modified the grammar to what I hope
>> will be it's final form.
>>
>> The complete grammar is available at
>> https://fedorahosted.org/sssd/wiki/HBAC_Grammar
>>
>> The differences from my previous proposal (involving septets) is here:
>> https://fedorahosted.org/sssd/wiki/HBAC_Grammar?action=diff&version=3
>>
>>
>> The primary change is that instead of introducing the septet concept,
>> we will specify "day within a range". So the first Friday of the month
>> would be:
>>
>> accessTime = periodic monthly on Fri between 1-7
>>
>> Tuesdays for the second half of the month would be:
>> accessTime = periodic monthly on Tue between 15-31
>>
>>
>> I don't anticipate that last being very common, but it's now possible.
>>
>> Please chime in if you have any further comments about the grammar, or
>> we will declare this final and move to adjusting the implementation
>> next week.
>
> So we loose the possibility of saying: the last friday of the month ?
It's not impossible, it can still be done with this schema, though it's
somewhat more complicated.
You'd need to set it up as separate rules for each particular month.
- --
Stephen Gallagher
RHCE 804006346421761
Delivering value year after year.
Red Hat ranks #1 in value among software vendors.
http://www.redhat.com/promo/vendor/
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org/
iEYEARECAAYFAkzm5JcACgkQeiVVYja6o6Pv1wCeNLivqHkH4tbT0kPFboa/EnZx
HTMAni0PdakTcad85YDMZ4NUmygZl9TW
=ddmI
-----END PGP SIGNATURE-----
More information about the Freeipa-devel
mailing list