----------------------------------------------------------- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/48497/#review137673 -----------------------------------------------------------
I like it. Simple, but effective. It gives admins an easy starting point for authz, and a path to gradually tightening their authz restrictions. support/acls_template.json (lines 2 - 4) <https://reviews.apache.org/r/48497/#comment202858> Inconsistent tabbing. In fact, you should probably just let `jq` pretty-print this for you. Example: ``` { "register_frameworks": [ { "roles": { "type": "ANY" }, "principals": { "type": "ANY" } } ], "permissive": false } ``` (but you can move permissive back to the top if you like) support/acls_template.json (lines 26 - 35) <https://reviews.apache.org/r/48497/#comment202861> Remove duplicate (this may have once been shutdown_frameworks) - Adam B On June 14, 2016, 6:20 a.m., Joerg Schad wrote: > > ----------------------------------------------------------- > This is an automatically generated e-mail. To reply, visit: > https://reviews.apache.org/r/48497/ > ----------------------------------------------------------- > > (Updated June 14, 2016, 6:20 a.m.) > > > Review request for mesos, Adam B and Neil Conway. > > > Bugs: MESOS-5583 > https://issues.apache.org/jira/browse/MESOS-5583 > > > Repository: mesos > > > Description > ------- > > A common problem for a users starting to use > acls is that once they set `permissive = false` and > not add acls allowing common operations (e.g., > register_framework) their Mesos cluster don't > behave as expected. This patch adds some > documentation and a sample acls template to > help users to avoid this problem. > > > Diffs > ----- > > docs/authorization.md dcf2160424771c513579063911cc14792f464821 > support/acls_template.json PRE-CREATION > > Diff: https://reviews.apache.org/r/48497/diff/ > > > Testing > ------- > > viewed via website container. > > > Thanks, > > Joerg Schad > >
