[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: ACL questions



Thanks Buchan,

The above ACL seems a bit weird ... you probably want this 2nd-last.


it's weird probably because I have really know clue as to what I'm doing. I just removed it.



Move these attributes into their own ACL, so that you instead have:

access to
	attrs=userPassword
	by self write
 	by * auth

access to
	attrs=telephoneNumber,homePhone,homePostalAddress
 	by users write
 	by * read

access to *
        by anonymous read



Finally, you may also consider using a group for the write ACLs, so that
simply setting a password for a user doesn't compromise your ACLs.


Sorry, I'm not clear on what you mean about using a group. If you have time could you elaborate?

Well now it seems to be working okay. Users with passwords can view the "advanced" fields and can also add/delete entries. Anonymous users can view "basic" info. I did edit one thing though. I changed:

access to *
  by anonymous read

to:

access to *
 by users write
 by anonymous read

because authenticated users couldn't view anything without it. Was that incorrect?

Regards,
Buchan


-- Buchan Milne ISP Systems Specialist B.Eng,RHCE(803004789010797),LPIC-2(LPI000074592)