[Nut-upsdev] [nut-Feature Requests][310492] Allow to specify hostnames in ACL (upsd.conf)
Arnaud Quette
aquette.dev at gmail.com
Sun Jan 27 21:22:11 UTC 2008
> [...]
> > What I'm not sure about is the need of such a fin granularity in the
> > command/var. settings.
>
> That still puzzles me too. I can imagine that one doesn't want to give
> each user RW access to a UPS, but it is beyond me why you would want limit
> access to just a subset of commands. Or it would be that on a UPS with
> multiple outputs, you'd give someone the right to control only one of the
> outputs.
> [...]
while rewriting the website, I found Russell's original idea in the
features list:
8<-----------------------------------------------------------------------------------------------------------------
Security and access control
* Manager functions are granted with per-user granularity. The
admin can have full powers, while the admin's helper can only do
specific non-destructive tasks such as a battery test.
8<-----------------------------------------------------------------------------------------------------------------
While this can be really helpful on big (huge) setup, this is far too
much for simple setup.
I still have to dig how we can map to something like PAM or ConsoleKit
(this would allow the removal of the "password" field) and how this
would allow to manage groups privileges (as for admin and helpers).
Arnaud
--
Linux / Unix Expert R&D - MGE Office Protection Systems - http://www.mgeops.com
Network UPS Tools (NUT) Project Leader - http://www.networkupstools.org/
Debian Developer - http://people.debian.org/~aquette/
Free Software Developer - http://arnaud.quette.free.fr/
More information about the Nut-upsdev
mailing list