[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: [Pulp-list] Minimum permissions to register a consumer



Hi James,

The following worked for me. The READ operation is used during the
registration of a client.

pulp-admin role create --role registration-users

pulp-admin permission grant --role registration-users \
 --resource /consumers/ --operation CREATE --operation READ

pulp-admin user create --username consumer-registrar \
 --password=register  --name "Used for consumer registrations"

pulp-admin role add --role registration-users --user consumer-registrar


Regards,
Willem


On Fri, Dec 9, 2011 at 5:18 PM, James Hogarth <james hogarth gmail com> wrote:
>
> Hi,
>
> Trying to lock down the minimum permissions to register a consumer
> given that pulp-consumer -u <username> -p <password> register --id
> `uname -n` would be needed in the kickstart and that would be plainly
> visible....
>
> It appears that /consumers/ CREATE is sufficient... but I'm not sure
> exactly how the user for the system gets created with that little
> permissions for the registration user....
>
> Is that purely backend? Is there anything I'm missing or not seeing by
> allowing /consumers/ CREATE to a kickstart registration user?
>
> Thanks,
>
> James
>
> _______________________________________________
> Pulp-list mailing list
> Pulp-list redhat com
> https://www.redhat.com/mailman/listinfo/pulp-list


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]