diff options
author | Pieter van de Bruggen <pieter@puppetlabs.com> | 2011-05-04 16:44:48 -0700 |
---|---|---|
committer | Pieter van de Bruggen <pieter@puppetlabs.com> | 2011-05-04 16:44:48 -0700 |
commit | 5076c3794dcbfd708d9169d720b8fc5a41998a14 (patch) | |
tree | 84a9ae74e7a9334d9b407da2a412c81388b4fd20 /conf | |
parent | d4df6cc2274e119fb2a67bca0912667b0fef7866 (diff) | |
download | puppet-5076c3794dcbfd708d9169d720b8fc5a41998a14.tar.gz puppet-5076c3794dcbfd708d9169d720b8fc5a41998a14.tar.xz puppet-5076c3794dcbfd708d9169d720b8fc5a41998a14.zip |
(#7179) Modify default ACL for /node/<name>.
By default, it is useful to permit an individual node to query
information about itself, and there is no good reason to reject
this by default.
Paired-With: Nick Lewis
Diffstat (limited to 'conf')
-rw-r--r-- | conf/auth.conf | 5 |
1 files changed, 5 insertions, 0 deletions
diff --git a/conf/auth.conf b/conf/auth.conf index 431e4b205..cb202a989 100644 --- a/conf/auth.conf +++ b/conf/auth.conf @@ -53,6 +53,11 @@ path ~ ^/catalog/([^/]+)$ method find allow $1 +# allow nodes to retrieve their own node definition +path ~ ^/node/([^/]+)$ +method find +allow $1 + # allow all nodes to access the certificates services path /certificate_revocation_list/ca method find |