I just raised a ticket for this (https://tickets.puppetlabs.com/browse/MCOP-530), but realised I should have posted in the group first.
https://github.com/puppetlabs/mcollective-actionpolicy-auth plugin supports ACLs based on actions for a given agent, but does not allow access based on the argument. I would like to grant access for users to restart a specific service via mcollective, so would like to grant use of the "service" agent with the "restart" action and the argument "service=httpd", but currently I can only grant restart of any service because there is no way to restrict based on the argument. Is there a good reason not to enhance mcollective-actionpolicy-auth to support this? -- You received this message because you are subscribed to the Google Groups "Puppet Developers" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-dev+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-dev/d99de876-9bc2-4685-8bf1-6c7015822a8d%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
