On Aug 28, 2015, at 11:40 AM, Ron W <[email protected]> wrote: > On Thu, Aug 27, 2015 at 9:47 PM, Lonnie Abelbeck <[email protected]> > wrote: > On Aug 27, 2015, at 6:27 PM, Ron W <[email protected]> wrote: > > > Why "a" and not "d" (developer)? Seems to me that would cover the needed > > permissions to manager the Astrix and AstLinux conf files. > > I meant 'v', not 'd' ('v' is developer permissions, which is a "macro" for > the combined permissions assigned to "developer", "anonymous' and 'nobody'.) > > Since the user has lighttpd's admin privileges under the AstLinux web > interface, it seemed reasonable to us that "a" privileges in Fossil would be > appropriate. Possibly we are allowing some privilege we really don't want, > but in our testing things seemed appropriate. > > If there is some reference describing the extra permissions of 'a' vs. 'dei' > I would appreciate it. > > #1 under Notes in the User admin page states that 'a' (Admin) permissions are > "Create and Delete Users". Since your user management is done outside Fossil, > this would seem to not be needed. > > Apparently, 'a' inherits 'v' permissions, though this is not mentioned. (Not > sure, have not tested this, but your experience implies it is inherited.) > > BTW, starting Fossil server with "fossil server $REPOSITORY --scgi > --localhost --port 8055" (adding the --scgi option) - and configuring > lighttpd to treat Fossil as an SCGI service - will allow Fossil to know the > user name as authenticated by lighttpd. (see "Fossil as SCGI" on > https://www.fossil-scm.org/index.html/doc/trunk/www/server.wiki)
Thanks Ron ! That is helpful, much appreciated. Lonnie _______________________________________________ fossil-users mailing list [email protected] http://lists.fossil-scm.org:8080/cgi-bin/mailman/listinfo/fossil-users
