diff options
| author | Michael DeHaan <mdehaan@redhat.com> | 2008-08-28 18:06:35 -0400 |
|---|---|---|
| committer | Michael DeHaan <mdehaan@redhat.com> | 2008-08-28 18:06:35 -0400 |
| commit | 84a71473ee437292d9b12b5ee8282dd96bbf61a0 (patch) | |
| tree | 1f92bef2059ea60e758ee9aa71dc3d46bcee1359 /config | |
| parent | f2406b0115acd0c2a34ac27f572037e02c54ddd8 (diff) | |
| download | cobbler-84a71473ee437292d9b12b5ee8282dd96bbf61a0.tar.gz cobbler-84a71473ee437292d9b12b5ee8282dd96bbf61a0.tar.xz cobbler-84a71473ee437292d9b12b5ee8282dd96bbf61a0.zip | |
Update modules.conf with notes that users really want authz_ownership to use
the ACL feature.
Diffstat (limited to 'config')
| -rw-r--r-- | config/modules.conf | 10 |
1 files changed, 6 insertions, 4 deletions
diff --git a/config/modules.conf b/config/modules.conf index 9a483255..e795b125 100644 --- a/config/modules.conf +++ b/config/modules.conf @@ -52,15 +52,17 @@ module = authn_denyall # # WARNING: this is a security setting, do not choose an option blindly. # -# For modules above that have a concept of groups, /etc/cobbler/acls.conf -# will be enforced after this module is applied. For those that do not -# have a concept of groups (authz_allowall) it will be ignored. -# +# If you want to further restrict cobbler with ACLs for various groups, +# pick authz_ownership. authz_allowall does not support ACLs. configfile +# does but does not support object ownership which is useful as an additional +# layer of control. + # for more information: # https://fedorahosted.org/cobbler/wiki/CobblerWebInterface # https://fedorahosted.org/cobbler/wiki/CustomizableSecurity # https://fedorahosted.org/cobbler/wiki/CustomizableAuthorization # https://fedorahosted.org/cobbler/wiki/AuthorizationWithOwnership +# https://fedorahosted.org/cobbler/wiki/AclFeature [authorization] module = authz_allowall |