Hey Dan, Not trying to micromanage but trying to protect the *nix sys admins that will be using this environment more extensively :) This is being setup for a small group of Windows admins that have a need to deploy some linux desktops and are not very familiar with linux cli, hense the web ui and the initiative to limit access. Thanks for the idea. Looks like jagga can copy a system if they are the owner and can edit the copy but not delete.
Thanks again for your help! This will work for us. Really appreciate your suggestion. On Sun, Dec 28, 2014 at 7:21 PM, Jagga Soorma <[email protected]> wrote: > Hi Guys, > > I am new to cobbler and deploying this in our production environment. > Everything is looking good so far. The one thing that I have run into > is that I have a need to allow a small set of admins access to cobbler > via the web and have them only create new systems in cobbler for some > workstations. I was able to do the following: > > modules.conf: > module = authn_pam > module = authz_ownership > > With this my local krb authenticated users can now login to the > cobbler web ui. I defined the following in users.conf: > > [users] > jagga = "" > > Now I am able to login as jagga on the cobbler web ui but have no > access. The only way I can get this user to do anything on the > systems is if I using my admin privs create a system "cobbler system > add" with the --owner=jagga tag. Once this is done then jagga can > modify this system without any issues on the web ui but still can't > create a system. I want jagga to be able to create new systems in the > web ui but not do anything with profiles/distros or server settings. > Is there something that I am missing here? Is it even possible to do > what I am trying to do here? Or should I just give jagga login privs > to the cobbler server and then via sudo allow access to create new > systems? > > Thanks in advance for your help with this. _______________________________________________ cobbler mailing list [email protected] https://lists.fedorahosted.org/mailman/listinfo/cobbler
