On Thu, Aug 27, 2015 at 9:47 PM, Lonnie Abelbeck <li...@lonnie.abelbeck.com> wrote:
> On Aug 27, 2015, at 6:27 PM, Ron W <ronw.m...@gmail.com> wrote: > > > Why "a" and not "d" (developer)? Seems to me that would cover the needed > permissions to manager the Astrix and AstLinux conf files. > I meant 'v', not 'd' ('v' is developer permissions, which is a "macro" for the combined permissions assigned to "developer", "anonymous' and 'nobody'.) > Since the user has lighttpd's admin privileges under the AstLinux web > interface, it seemed reasonable to us that "a" privileges in Fossil would > be appropriate. Possibly we are allowing some privilege we really don't > want, but in our testing things seemed appropriate. > > If there is some reference describing the extra permissions of 'a' vs. > 'dei' I would appreciate it. #1 under Notes in the User admin page states that 'a' (Admin) permissions are "Create and Delete Users". Since your user management is done outside Fossil, this would seem to not be needed. Apparently, 'a' inherits 'v' permissions, though this is not mentioned. (Not sure, have not tested this, but your experience implies it is inherited.) BTW, starting Fossil server with "fossil server $REPOSITORY --scgi --localhost --port 8055" (adding the --scgi option) - and configuring lighttpd to treat Fossil as an SCGI service - will allow Fossil to know the user name as authenticated by lighttpd. (see "Fossil as SCGI" on https://www.fossil-scm.org/index.html/doc/trunk/www/server.wiki)
_______________________________________________ fossil-users mailing list fossil-users@lists.fossil-scm.org http://lists.fossil-scm.org:8080/cgi-bin/mailman/listinfo/fossil-users