Menu
▾
▴
Re: Webmin user creation.
|
From: Jamie C. <jca...@we...> - 2001-04-02 08:01:28
|
Joe Cooper wrote:
>
> Ok, I'm getting better at figuring out what needs to go into a
> hash...but not good enough to figure out how the Webmin Users
> &create_user function works.
>
> I've gathered, I think, almost everything I need in the %user hash when
> calling &foreign_call("acl", "create_user", \%user). But I'm having
> issues with the ACLs for the modules, mainly because I can't figure out
> how to print the modules array within the hash so I can see what it
> looks like.
>
> So, how do I generate a correct array of modules to be added for my new
> user? As in the previous system user generation query, I'm creating the
> user from nothing but the name and a template.
Basically, the create_user function takes a reference to a hash \%user that
contains the following important keys
name - The user's login name
pass - The crypt() encrypted password
modules - A reference to an array of modules that the user will have access to
> Each user will have permission to edit their own virtual host in Apache,
> aliases and read mail in Sendmail, and a few other modules (like
> documentation, log analyses tools, etc.).
>
> I'm kind of stumped also, about how to do specific module level ACL
> stuff. Like limiting the user to only their own virtual host and
> aliases, and such. I've located the save_acl.cgi stuff, and kind of
> understand what's happening, but a pointer or two would be much appreciated.
Detailed module acls are controlled by the username.acl file in each module's
subdirectory under /etc/webmin. This file is just a list of name=value pairs,
the exact meaning of which are not really documented anywhere :) They are
set by the acl_security.pl script in each module's directory, and
usually loaded into the %access array by the &get_module_acl function called by
module CGI programs and interpreted to allow or deny access to certain functions.
You can get an idea how this works by setting some detailed acls manually and
then looking at the values in the username.acl file ..
- Jamie
|
