Issue #1797 has been reported by nigelk2. ---------------------------------------- Feature #1797: Mac OS X authorization database provider. http://projects.reductivelabs.com/issues/show/1797
Author: nigelk2 Status: Unreviewed Priority: Normal Assigned to: Category: Target version: Complexity: Unknown Affected version: 0.24.6 Keywords: See: http://developer.apple.com/documentation/Security/Conceptual/Security_Overview/Security_Services/chapter_4_section_5.html for an overview of how AuthorizationServices works. This type and provider allow you to manipulate the /etc/authorization database atomically, which is a significant improvement over the monolithic file management most people do. It also allows you to manage both rules and rights, something the security binary is unable to do. This provider is restricted to OS X 10.5 or later due to required support not existing in 10.4 unfortunately. examples: <pre> macauthorization { 'system.device.dvd.setregion.initial': shared => 'true', auth_type => "right", auth_class => 'user', group => 'admin', ensure => 'present', comment => 'Used by the DVD player to set the region code the first time. Note that changing the region code after it has been set requires a different right (system.device.dvd.setregion.change).' } macauthorization {"nigel.testing": ensure => "absent", auth_type => "right", } macauthorization { 'authenticate-session-owner-via-password-or-kerb-two': allow_root => 'false', shared => 'false', auth_type => 'rule', auth_class => 'user', ensure => 'present', comment => 'NBK TEST CHANGE - Authenticate as the owner via password or kerb.', mechanisms => ['builtin:authenticate','builtin:krb5authnoverify,privileged'] } </pre> patches to go to dev list in a second. ---------------------------------------- You have received this notification because you have either subscribed to it, or are involved in it. To change your notification preferences, please click here: http://reductivelabs.com/redmine/my/account --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Puppet Bugs" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/puppet-bugs?hl=en -~----------~----~----~----~------~----~------~--~---
