From 9033fe7cc3c6a59bd90c4742a47536699dee612d Mon Sep 17 00:00:00 2001
From: Seth Vidal <skvidal@fedoraproject.org>
Date: Mon, 8 Oct 2007 14:59:28 -0400
Subject: fine-grained acls per minion - adds minion-acl.conf

---
 etc/minion-acl.conf | 5 +++++
 etc/minion.conf     | 2 +-
 2 files changed, 6 insertions(+), 1 deletion(-)
 create mode 100644 etc/minion-acl.conf

(limited to 'etc')

diff --git a/etc/minion-acl.conf b/etc/minion-acl.conf
new file mode 100644
index 0000000..1a093a8
--- /dev/null
+++ b/etc/minion-acl.conf
@@ -0,0 +1,5 @@
+#config file for minion Access control lists
+#this specifies which methods a connecting client is allowed to run
+# format is: cn-certificate-hash = method1, method2, method3
+# default allows the certmaster key to run all methods
+
diff --git a/etc/minion.conf b/etc/minion.conf
index 9e18eac..dc4c0a1 100644
--- a/etc/minion.conf
+++ b/etc/minion.conf
@@ -4,4 +4,4 @@
 log_level = DEBUG
 certmaster = certmaster
 cert_dir = /etc/pki/func
-
+acl_config = /etc/func/minion-acl.conf
-- 
cgit