Jamie Cameron wrote:
> Joe Cooper wrote:
>> Ok, I'm getting better at figuring out what needs to go into a
>> hash...but not good enough to figure out how the Webmin Users
>> &create_user function works.
>> I've gathered, I think, almost everything I need in the %user hash when
>> calling &foreign_call("acl", "create_user", \%user). But I'm having
>> issues with the ACLs for the modules, mainly because I can't figure out
>> how to print the modules array within the hash so I can see what it
>> looks like.
>> So, how do I generate a correct array of modules to be added for my new
>> user? As in the previous system user generation query, I'm creating the
>> user from nothing but the name and a template.
> Basically, the create_user function takes a reference to a hash \%user that
> contains the following important keys
> name - The user's login name
> pass - The crypt() encrypted password
> modules - A reference to an array of modules that the user will have access to
Ok. I think I've got it. And modules are just listed as elements in
the array: 'apache', 'sendmail', etc. (Without the quotes.) Correct?
>> Each user will have permission to edit their own virtual host in Apache,
>> aliases and read mail in Sendmail, and a few other modules (like
>> documentation, log analyses tools, etc.).
>> I'm kind of stumped also, about how to do specific module level ACL
>> stuff. Like limiting the user to only their own virtual host and
>> aliases, and such. I've located the save_acl.cgi stuff, and kind of
>> understand what's happening, but a pointer or two would be much appreciated.
> Detailed module acls are controlled by the username.acl file in each module's
> subdirectory under /etc/webmin. This file is just a list of name=value pairs,
> the exact meaning of which are not really documented anywhere :) They are
> set by the acl_security.pl script in each module's directory, and
> usually loaded into the %access array by the &get_module_acl function called by
> module CGI programs and interpreted to allow or deny access to certain functions.
> You can get an idea how this works by setting some detailed acls manually and
> then looking at the values in the username.acl file ..
Ok. This I can handle too, I think. I'll get the user creation
happening, and then tackle the ACLs. Will query further if I get lost.
Joe Cooper <joe@...>
Affordable Web Caching Proxy Appliances