Sandeep Giri wrote: > I wish to have a mechanism such that it is possible to restrict the > aceess to authenticated and authorized user can update the software tools. > > Let us say I have following packages: > > /candy > /commonsecret > > There are three users: frnd and sweetheart > > Now I want that "frnd" can access only "candy" that too after keying in > the login/password while sweetheart can acees both "candy" and > "commonsecret" after keying-in the login/password. > > Is this possible using pkg? > > I was thinking of putting pkg.depotd behind apache and use the > authentication/authorisation provided by Apache web server. Is that a > good idea?
pkg(5) currently doesn't have any authentication ability for the sort of scenario you describe, yet. The closest bugs we have open are the following: 689 Allow pkgsend cli to support authenticated uploads http://defect.opensolaris.org/bz/show_bug.cgi?id=689 2153 IPS depot needs to have authentication database interface http://defect.opensolaris.org/bz/show_bug.cgi?id=2153 However, I don't believe that we currently have any plans to support authentication on a per-package basis; only a per-repository basis. My advice to you is that it would be easier to manage access on a per-repository basis, than it would be to manage on a per-package basis. Cheers, -- Shawn Walker _______________________________________________ pkg-discuss mailing list [email protected] http://mail.opensolaris.org/mailman/listinfo/pkg-discuss
