Hi,
There is a problem with the cobbler Web-UI I have got working.
I am trying to use ACLs so that some of our users are limited in their capability to do things.
I have tried tinkering with many of the settings in the following files to get ACLs working correctly the way I want:
/etc/cobbler/acls.conf /etc/cobbler/users.conf /etc/cobbler/modules.conf
It seems the ACLs are not working properly, they either give me complete access to everything as an admin, or they give me "access denied" to everything.
An eg of this inconsistency in the ACLs is as follows for the group jradmin:
More /etc/cobbler/acls.conf
[15:55] LINUX [root@g40lxsatlp01:/etc/cobbler]> more acls.conf --- admin: {} admins: {} jradmin: copy_distro: {} copy_image: {} copy_profile: {} copy_repo: {} modify_distro: {} modify_image: {} modify_profile: {} modify_repo: {} new_distro: {} new_image: {} new_profile: {} new_repo: {} remove_distro: {} remove_image: {} remove_profile: {} remove_repo: {} save_distro: {} save_profile: {} save_image: {} save_repo: {} write_kickstart_templates: {} lesstrusted: copy_*: {} modify_distro: {} modify_image: {} modify_profile: {} modify_repo: {} modify_system: modify-interface: gateway-*: {} hostname-*: {} ip-address-*: {} mac-address-*: {} subnet-*: {} new_*: {} remove_*: {} rename_*: {} save_distro: {} save_image: {} save_profile: {} save_repo: {} sync: {} write_kickstart_templates: {} unmatched: {}
cat users.conf
[admins] admin = "" #cobbler = "" #timmy = ""
[jradmin] timmy = "" cobbler
[lesstrusted] #timmy = "" BC1 = ""
#[timmy] #timmy = ""
[BC1] BC1 = ""
So users "timmy" and "cobbler" are both members of the group jradmin, therefore they should have all the abilities of this group as indicated in acls.conf. , but I cannot add anything new or even edit the existing objects etc as I should be able to.
Also do I need to change any of the permissions in /etc/fstab to include ACL support?
Thanks for your help.
Thanks