Return to
access.conf
CVS log
Up to [Pegasus] / pegasus / rpm
|
Return to
access.conf
CVS log
|
Up to [Pegasus] / pegasus / rpm
|
|
File: [Pegasus] / pegasus / rpm / access.conf
(download)
Revision: 1.2, Tue Feb 19 16:09:44 2008 UTC (16 years, 3 months ago) by b.whiteley Branch: MAIN CVS Tags: TASK_PEP328_SOLARIS_NEVADA_PORT, TASK-PEP328_SOLARIS_NEVADA_PORT_v2-root, TASK-PEP328_SOLARIS_NEVADA_PORT_v2-branch, TASK-PEP328_SOLARIS_NEVADA_PORT-root, TASK-PEP328_SOLARIS_NEVADA_PORT-branch, TASK-PEP328_SOLARIS_IX86_CC_PORT-root, TASK-PEP328_SOLARIS_IX86_CC_PORT-branch-v2, TASK-PEP328_SOLARIS_IX86_CC_PORT-branch, TASK-PEP311_WSMan-root, TASK-PEP311_WSMan-branch, RELEASE_2_9_0-FC, RELEASE_2_8_2-RC1, RELEASE_2_8_2, RELEASE_2_8_1-RC1, RELEASE_2_8_1, RELEASE_2_8_0_BETA, RELEASE_2_8_0-RC2, RELEASE_2_8_0-RC1, RELEASE_2_8_0-FC, RELEASE_2_8_0, RELEASE_2_8-root, RELEASE_2_8-branch, Makefile Changes since 1.1: +1 -3 lines BUG#: 7432 TITLE: access.conf should allow remote root login by default. DESCRIPTION: rpm/access.conf currently says: # Pegasus PAM Access Rules: # 1. The Remote host user access rule: # By default, ONLY the pegasus user can use remote network HTTP/S service: # -: ALL EXCEPT pegasus:wbemNetwork This significantly reduced the usefulness of Pegasus out of the box. The root user should be able to log in by default. |
############################################################################## # Pegasus WBEM HTTP/HTTPS Network Service User Access Control Table: # # This file controls access to the Pegasus WBEM Network services by users # with the PAM pam_access module . # # The format of the access control table is three fields separated by a # ":" character: # # permission : users : origins # # The first field should be a "+" (access granted) or "-" (access denied) # character. # # The second field should be a list of one or more login names, group # names, or ALL (always matches). A pattern of the form user@host is # matched when the login name matches the "user" part, and when the # "host" part matches the local machine name. # # If you run NIS you can use @netgroupname in host or user patterns; this # even works for @usergroup@@hostgroup patterns. Weird. # # The EXCEPT operator makes it possible to write very compact rules. # # The group file is searched only when a name does not match that of the # logged-in user. Both the user's primary group is matched, as well as # groups in which users are explicitly listed. # # The third field must be 'wbemNetwork', to control access by users from # remote hosts, or 'wbemLocal', to control access by users from the local host. ############################################################################## # # Pegasus PAM Access Rules: # 1. The Remote host user access rule: # -: ALL EXCEPT pegasus root:wbemNetwork # # # 2. The Local host user access rule: # -: ALL EXCEPT pegasus root:wbemLocal
| No CVS admin address has been configured |
Powered by ViewCVS 0.9.2 |