freeradius: droit de lecture sur secrets

Daniel STAN 2014-03-02 01:48:32 +01:00
parent feec15b410
commit da84d830d2
2 changed files with 13 additions and 0 deletions


@ -18,6 +18,9 @@
<Group name="secrets-acl">
<Action name="setfacl-secrets"/>
</Group>
<Group name="freeradius">
<Action name="setfacl-secrets-freerad"/>
</Group>
</Group>
</Group>
</Bundle>


@ -5,4 +5,14 @@
when="modified" status="check"
command="setfacl -m u:www-data:rx /etc/crans/secrets; setfacl -m u:www-data:r /etc/crans/secrets/secrets.py /etc/crans/secrets/dhcp.py"/>
</Group>
<Action name="setfacl-secrets-freerad" timing="post"
when="modified" status="check"
command="
setfacl -m u:freerad:rx /etc/crans/;
setfacl -m u:freerad:rx /etc/crans/secrets;
setfacl -m u:freerad:r /etc/crans/secrets/dhcp.py;
setfacl -m u:freerad:r /etc/crans/secrets/secrets.py;
setfacl -m u:freerad:r /etc/crans/secrets/trigger-generate.pub;
setfacl -m m::r /etc/crans/secrets/trigger-generate;
setfacl -m u:freerad:r /etc/crans/secrets/trigger-generate; "/>
</Rules>
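Review bot: The new `setfacl-secrets-freerad` action gives the freerad account read access to `/etc/crans/secrets/trigger-generate`, which, judging by the `.pub` file next to it, looks like a private key, and to all of `secrets.py`. If the RADIUS daemon were compromised, everything in those files would be readable. If freeradius needs only a few of those values, a dedicated file readable by freerad would keep the grant narrow. Separately, the commands are joined with `;`, so with `status="check"` presumably only the exit status of the last setfacl is evaluated; joining them with `&amp;&amp;` would surface an earlier failure. The `setfacl -m m::r` line is followed by another `setfacl -m`, which recalculates the mask by default, so it probably has no lasting effect unless `-n` is used or it is moved last.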