[et-mgmt-tools] Cobbler and the ownership module, question about policies?
Michael DeHaan
mdehaan at redhat.com
Tue Apr 1 16:24:22 UTC 2008
Slinky wrote:
>
>
> On 31/03/2008, *Michael DeHaan* <mdehaan at redhat.com
> <mailto:mdehaan at redhat.com>> wrote:
>
>
> -slash-
>
> The command line has none of these restrictions so you can always
> recover/reconfigure things with root if you find you've somehow locked
> yourself out.
>
>
> Will this always been the case? We'd like to see the same ownership
> model apply to the webui and CLI.
Originally I wasn't planning on adding auth to the command line.
Interesting idea.
You could also perhaps get away with making a simple remote command line
that only contained the features you needed and used the existing
XMLRPC/CobblerWeb code as a basis. It would have to accept a username
and password, possibly from doing something like reading ~/.cobbler.rc
or something? If it didn't have to do things like "import" it would be
pretty simple.
There are more complicated alternatives involving ACLs and setuid (non
root), but I think I like that solution better.
Thoughts?
>
>
> (It's also coded up so you can't use the WebUI to remove
> your own access from an object).
>
>
> ^ see above
>
>
>
>
> ------------------------------------------------------------------------
>
> _______________________________________________
> et-mgmt-tools mailing list
> et-mgmt-tools at redhat.com
> https://www.redhat.com/mailman/listinfo/et-mgmt-tools
More information about the et-mgmt-tools
mailing list