diff options
author | vakwetu <vakwetu@c9f7a03b-bd48-0410-a16d-cbbf54688b0b> | 2010-11-02 20:15:47 +0000 |
---|---|---|
committer | vakwetu <vakwetu@c9f7a03b-bd48-0410-a16d-cbbf54688b0b> | 2010-11-02 20:15:47 +0000 |
commit | df67f8c9c40877aa6190f26649fde020eb0429bb (patch) | |
tree | a621ce3842a6e53be4ae3238ac867e0dea3205fc /pki/base/tks | |
parent | 213bd2795ceba5b15192d28efdd700301ae43f29 (diff) | |
download | pki-df67f8c9c40877aa6190f26649fde020eb0429bb.tar.gz pki-df67f8c9c40877aa6190f26649fde020eb0429bb.tar.xz pki-df67f8c9c40877aa6190f26649fde020eb0429bb.zip |
Bugzilla BZ# 631179 - Administrator is not allowed to remove ocsp signing certificate using console
git-svn-id: svn+ssh://svn.fedorahosted.org/svn/pki/trunk@1465 c9f7a03b-bd48-0410-a16d-cbbf54688b0b
Diffstat (limited to 'pki/base/tks')
-rw-r--r-- | pki/base/tks/shared/conf/acl.ldif | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/pki/base/tks/shared/conf/acl.ldif b/pki/base/tks/shared/conf/acl.ldif index b246d40c9..837e2ea15 100644 --- a/pki/base/tks/shared/conf/acl.ldif +++ b/pki/base/tks/shared/conf/acl.ldif @@ -8,7 +8,7 @@ objectClass: top objectClass: CertACLS cn: aclResources resourceACLS: certServer.usrgrp.administration:read,modify:allow (read) group="Administrators" || group="Auditors" || group="Token Key Service Manager Agents";allow (modify) group="Administrators":Administrators, auditors, and agents are allowed to read user and group configuration but only administrators are allowed to modify -resourceACLS: certServer.general.configuration:read,modify:allow (read) group="Administrators" || group="Auditors" || group="Token Key Service Manager Agents";allow (modify) group="Administrators":Administrators, auditors, and agents are allowed to read CMS general configuration but only administrators are allowed to modify +resourceACLS: certServer.general.configuration:read,modify,delete:allow (read) group="Administrators" || group="Auditors" || group="Token Key Service Manager Agents";allow (modify,delete) group="Administrators":Administrators, auditors, and agents are allowed to read CMS general configuration but only administrators are allowed to modify and delete resourceACLS: certServer.acl.configuration:read,modify:allow (read) group="Administrators" || group="Auditors" || group="Token Key Service Manager Agents";allow (modify) group="Administrators":Administrators, agents and auditors are allowed to read ACL configuration but only administrators allowed to modify resourceACLS: certServer.log.configuration:read,modify:allow (read) group="Administrators" || group="Auditors" || group="Token Key Service Manager Agents";allow (modify) group="Administrators":Administrators, Agents, and auditors are allowed to read the log configuration but only administrators are allowed to modify resourceACLS: certServer.log.configuration.fileName:read,modify:allow (read) group="Administrators" || group="Auditors" || group="Token Key Service Manager Agents";deny (modify) user=anybody:Nobody is allowed to modify a fileName parameter |