Poster of Linux kernelThe best gift for a Linux geek
TORRUS_ACLEDIT

TORRUS_ACLEDIT

Section: torrus (8) Updated: 2010-05-12
Local index Up
 

NAME

acledit - Manage Torrus access control lists (ACLs).  

SYNOPSIS

torrus acledit [options...]  

DESCRIPTION

This command manages the Torrus access control lists. Each user is identified by user ID, and has a set of attributes. Currently supported attributes are "cn" (common name) and "userPasswordMD5" (MD5 digest of the user's password).

Each user belongs to one or several groups. Each group has its own set of privileges. A privilege is identified by privilege name and object name. Currently only one privilege name is supported: "DisplayTree", and the object name is the name of the tree that this group is allowed to browse.

User authorization in the web interface is controlled by the $Torrus::ApacheHandler::authorizeUsers variable in torrus-siteconfig.pl.  

GROUP MANAGEMENT OPTIONS

--addgroup=GROUP
Creates a new group with the given name.
--delgroup=GROUP
Deletes the group with the given name.
--modgroup=GROUP
Modifies the given group.
--permit=PRIVILEGE
Grants privilege to group(s). Currently supported privileges are: "DisplayTree" for displaying a datasource tree, and "DisplayAdmInfo" for displaying the administrative information (all significant parameters for a given datasource leaf).
--deny=PRIVILEGE
Revokes group(s) privilege.
--for=OBJECT
Object for which privileges are granted or revoked. Currently it must be the name of the tree for which the "DisplayTree" and "DisplayAdmInfo" privilegs are granted or revoked. The asterisk (*) instead of the object name assigns the privilege for all objects.
 

USER MANAGEMENT OPTIONS

--adduser=UID
Creates a new user with the given user ID.
--deluser=UID
Deletes user with the given user ID.
--moduser=UID
Modifies the user attributes for the given user ID.
--addtogroup=GROUP
Adds user to the given group.
--delfromgroup=GROUP
Deletes user from the given group.
--password=PASSWORD
Sets user's password.
--cn=NAME
Sets user's common name.
--showuser=UID
Displays information for a given user.
 

GENERAL OPTIONS

--export=FILE
Exports ACL configuration to a given file.
--template=FILE
Uses the given template file when exporting. Default value is aclexport.xml.
--import=FILE
Imports ACL configuration from the given file.
--clear
Deletes all user and privileges configuration.
--list
Lists all users and groups they belong to.
--debug
Sets the log level to debug.
--verbose
Sets the log level to info.
--help
Displays a help message.
 

EXAMPLES

  torrus acledit --addgroup=staff --permit=DisplayTree \
    --for=main --for=thecustomer
  torrus acledit --adduser=jsmith --password=mysecretpassword \
    --cn="John Smith" --addtogroup=staff
  torrus acledit --addgroup=admin --permit=DisplayTree --for='*'

This example creates a group staff and gives all its members the permission to browse the datasource trees main and thecustomer. The next command creates a user jsmith and addts it to this group. The user name will be displayed as John Smith, and it will be let in with the given password. The third command creates a group admin which is allowed o browse all existing trees.  

FILES

/etc/torrus/conf/torrus-siteconfig.pl
Torrus site configuration script.
/usr/share/torrus/templates/aclexport.xml
Default template for the exports of ACL configuration.
 

SEE ALSO

torrus(8)  

NOTES

See more documentation at Torrus home page: http://torrus.org  

AUTHOR

Stanislav Sinyagin <ssinyagin@yahoo.com>


 

Index

NAME
SYNOPSIS
DESCRIPTION
GROUP MANAGEMENT OPTIONS
USER MANAGEMENT OPTIONS
GENERAL OPTIONS
EXAMPLES
FILES
SEE ALSO
NOTES
AUTHOR

This document was created by man2html, using the manual pages.
Time: 22:02:31 GMT, April 16, 2011