> Assign ownership of the distro/profile/repo objects to your admin group only.
Isn't that the default behaviour?
Here's my current config, which I've done nothing to, the owners are
set to admin automatically.
What am I missing?
# cobbler distro dumpvars --name=5Server-x86_64 | grep owners
'default_ownership': ['admin'],
'owners': ['admin'],
# cobbler profile dumpvars --name=5Server-x86_64-profile | grep owners
'default_ownership': ['admin'],
'owners': ['admin'],
# cobbler system dumpvars --name=5Server-x86_64-system | grep owners
'default_ownership': ['admin'],
'owners': ['admin'],
> Let other people create systems and the ownership of those system records
> will go to them.
This is where I'm getting confused.
Can you show me what my modules.conf, users.conf and cobbler.conf
files should look like to implement the following. I'm totally
misunderstanding what you're trying to get me to do.
Allow users listed in user.conf [admins] section to do everything, but
for everyone else:
allow
list on distros, profiles, repos, kickstarts
list/copy/modify/new/remove/save on systems
deny
everything else (copy/modify/new/remove/save) on distros,
profiles, repos, kickstarts
On Thu, Aug 13, 2009 at 9:36 AM, Michael DeHaan<[email protected]> wrote:
> On 08/13/2009 12:33 PM, Paul Company wrote:
>
> You can't prevent new systems, but ...
>
>
> I don't understand this statement.
>
>
> You cannot currently prevent authenticated users from creating new system
> records.
>
> I want everyone who passes the authentication phase to edit systems.
>
>
> This is the way it presently works.
>
> I just want to lock everyone, but admins, out of distros, profiles, and
> repos.
>
>
> Yes, this is easy, just assign admin ownership to them and do not list other
> users in the ownership fields
> for those things.
>
> I still don't know if that's possible.
>
>
> It is.
>
> I feel like I'm communicating clearly what I want to do.
> Here is what I want to do:
>
> Allow users listed in user.conf [admins] section to do everything, but
> for everyone else:
> allow
> list on distros, profiles, repos, kickstarts
> list/copy/modify/new/remove/save) on systems
> deny
> everything else (copy/modify/new/remove/save) on distros,
> profiles, repos, kickstarts
>
> Can this be done?
> Yes or No
>
>
> Yes.
>
>
> If yes, how do you do it?
>
>
> Assign ownership of the distro/profile/repo objects to your admin group
> only.
> Let other people create systems and the ownership of those system records
> will go to them.
>
>
>
> _______________________________________________
> cobbler mailing list
> [email protected]
> https://fedorahosted.org/mailman/listinfo/cobbler
>
>
_______________________________________________
cobbler mailing list
[email protected]
https://fedorahosted.org/mailman/listinfo/cobbler
