On Sat, Mar 5, 2011 at 1:39 PM, Markus Roberts <mar...@puppetlabs.com> wrote: > J -- > >> It occurs to me that the logical extension of a Dashboard RBAC system >> (or perhaps even moving elements of the problem upstream) is for >> auth.conf to recognize users or perhaps better "roles" as an >> authentication construct. > > I like. There would be some details that should be sorted out up front > (e.g. if there's an allow rule for the role but a deny rule for the IP, what > happens) but assuming these could be given a clear and coherent answer > (which we would of course document and test, right?) it could be extremely > useful for not too much effort.
I'm in favor of anything that helps reduce the confusion between hostname and certname. -- You received this message because you are subscribed to the Google Groups "Puppet Developers" group. To post to this group, send email to puppet-dev@googlegroups.com. To unsubscribe from this group, send email to puppet-dev+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-dev?hl=en.
