All of lore.kernel.org
 help / color / mirror / Atom feed
From: "Tanous, Ed" <ed.tanous@intel.com>
To: Tom Joseph <tomjose@linux.vnet.ibm.com>,
	OpenBMC Maillist <openbmc@lists.ozlabs.org>
Subject: RE: Mapping LDAP group to user roles
Date: Tue, 21 Aug 2018 15:21:49 +0000	[thread overview]
Message-ID: <7E9441B1E5EFFD4681F54958E821699345832E4D@ORSMSX114.amr.corp.intel.com> (raw)
In-Reply-To: <1b935f90-dba3-ba95-f6b1-d8d2ff186ee7@linux.vnet.ibm.com>

> 
> We have a requirement to assign role to the LDAP users, so certain
> operations can be restricted for users without admin permissions.
> 

It would be great if you could document your proposal as a patch to the existing user management document here:
https://github.com/openbmc/docs/blob/master/user_management.md

It would make it much easier to see what changes you're proposing.  Given what already exists, your proposal is a little confusing, as there's already a mechanism to get group membership, and defined the user roles.  Are you proposing changing the existing interfaces to the new group collection type interface?  You're proposing two user roles, but we already have documented 4 user roles.  Is your proposal to delete two of them?

I think all of these questions would be answered if you could update the document above with your proposed changes.

  reply	other threads:[~2018-08-21 15:22 UTC|newest]

Thread overview: 8+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2018-08-21 12:13 Mapping LDAP group to user roles Tom Joseph
2018-08-21 15:21 ` Tanous, Ed [this message]
2018-08-23 13:20   ` Tom Joseph
2018-08-23 16:29     ` Tanous, Ed
2018-08-28 14:55       ` Tom Joseph
2018-08-28 15:42         ` Thomaiyar, Richard Marian
2018-08-29 11:51           ` Ratan Gupta
2018-08-29 17:13             ` Thomaiyar, Richard Marian

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=7E9441B1E5EFFD4681F54958E821699345832E4D@ORSMSX114.amr.corp.intel.com \
    --to=ed.tanous@intel.com \
    --cc=openbmc@lists.ozlabs.org \
    --cc=tomjose@linux.vnet.ibm.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.