[tac_plus] Re: Different privs for different devices?
Paul Floyd
shadrack at rocketmail.com
Wed Jun 30 22:08:03 UTC 2010
> A sensible approach that cause you more work than you think proper but leave
> you sane is to maintain two seperate group, acl and rights definitions, even
> if they overlap to greater or lesser degree.
Hmm... OK. Can you give me some insight as to how to do that? I'm OK creating
separate groups and ACLs, but how do I make a single user a member of both
groups? Or are you saying I also have to create two seperate userids for every
user?
> Or, Gabor might drop by with a suggestion, he has some very useful patches in
> his collection but I haven't tried them enough to comment.
Yeah, I saw mention of this in the mailing list archives, and even tried to
apply the patch, but the latest patch on his website is against 4.0.4.15 and
doesn't apply cleanly to 4.0.4.19. Also, I think the patch only handles
recursion of certain group properties, services not among them (i.e. even if it
handled the ACL, the priv-lvl would not be applied).
Thanks,
- Paul
More information about the tac_plus
mailing list