diff options
| author | Siim Põder <siim.poder@skype.net> | 2011-01-21 14:26:37 +0200 |
|---|---|---|
| committer | Josh Cooper <josh@puppetlabs.com> | 2011-05-31 09:12:15 -0700 |
| commit | c02126df4804b42ecaca2cdff675be9c4e24aa54 (patch) | |
| tree | 70aa53510b6660fedf0ae445b57581f6359bee04 /lib/puppet/rails/rails_resource.rb | |
| parent | d0592fabd27472ba0f5586393eff20e536f8766a (diff) | |
| download | puppet-c02126df4804b42ecaca2cdff675be9c4e24aa54.tar.gz puppet-c02126df4804b42ecaca2cdff675be9c4e24aa54.tar.xz puppet-c02126df4804b42ecaca2cdff675be9c4e24aa54.zip | |
(#5966) Add support for hostname regular expressions in auth.conf
When hosting multiple applications (especially with different security levels),
you may not want to allow every client to read all the files required for
every other client. Currently it is possible to do this when your host and
domain names reasonably reflect that grouping, ex: hostXYZ.someapp.domain.com.
However, if you have a more flat naming convention, it is difficult to write
these ACLs. This patch adds support for matching hostnames with regular
expressions, thus extending the ACLs to allow:
path /file_content/secrets/appserver
allow /appserver[0-9]+.example.com$/
path /file_content/secrets/otherservice
allow /^(test-)crazy[0-9]+.pattern.(com|net)$/
Signed-off-by: Josh Cooper <josh@puppetlabs.com>
Reviewed-by: Jacob Helwig <jacob@puppetlabs.com>
Diffstat (limited to 'lib/puppet/rails/rails_resource.rb')
0 files changed, 0 insertions, 0 deletions