I just raised a ticket for this (https://tickets.puppetlabs.com/browse/MCOP-530), but realised I should have posted in the group first.
https://github.com/puppetlabs/mcollective-actionpolicy-auth plugin supports ACLs based on actions for a given agent, but does not allow access based on the argument. I would like to grant access for users to restart a specific service via mcollective, so would like to grant use of the "service" agent with the "restart" action and the argument "service=httpd", but currently I can only grant restart of any service because there is no way to restrict based on the argument. Is there a good reason not to enhance mcollective-actionpolicy-auth to support this? -- You received this message because you are subscribed to the Google Groups "Puppet Developers" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-dev/d99de876-9bc2-4685-8bf1-6c7015822a8d%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
