On Thu, Aug 27, 2015 at 9:47 PM, Lonnie Abelbeck <li...@lonnie.abelbeck.com>
wrote:
> On Aug 27, 2015, at 6:27 PM, Ron W <ronw.m...@gmail.com> wrote:
>
> > Why "a" and not "d" (developer)? Seems to me that would cover the needed
> permissions to manager the Astrix and AstLinux conf files.
>
I meant 'v', not 'd' ('v' is developer permissions, which is a "macro" for
the combined permissions assigned to "developer", "anonymous' and 'nobody'.)
> Since the user has lighttpd's admin privileges under the AstLinux web
> interface, it seemed reasonable to us that "a" privileges in Fossil would
> be appropriate. Possibly we are allowing some privilege we really don't
> want, but in our testing things seemed appropriate.
>
> If there is some reference describing the extra permissions of 'a' vs.
> 'dei' I would appreciate it.
#1 under Notes in the User admin page states that 'a' (Admin) permissions
are "Create and Delete Users". Since your user management is done outside
Fossil, this would seem to not be needed.
Apparently, 'a' inherits 'v' permissions, though this is not mentioned.
(Not sure, have not tested this, but your experience implies it is
inherited.)
BTW, starting Fossil server with "fossil server $REPOSITORY --scgi
--localhost --port 8055" (adding the --scgi option) - and configuring lighttpd
to treat Fossil as an SCGI service - will allow Fossil to know the user
name as authenticated by lighttpd. (see "Fossil as SCGI" on
https://www.fossil-scm.org/index.html/doc/trunk/www/server.wiki)
_______________________________________________
fossil-users mailing list
fossil-users@lists.fossil-scm.org
http://lists.fossil-scm.org:8080/cgi-bin/mailman/listinfo/fossil-users
