Forum: Cfengine Help
Subject: path based access rules on server
Author: joke
Link to topic: https://cfengine.com/forum/read.php?3,18833,18833#msg-18833
Hello,
I'm trying to figure out if there is a way to restrict cf-agent's access to
cf-serverd during copy_from operation based on the hostname of cf-agent
(client).
It should work like this: client0 is only permitted to copy files from the
server underneath the directory ".../client0/..." and client1 is only permitted
to copy files underneath ".../client1/...". The server should refuse access if
client1 tries to copy files from client1's directory.
Here's an example:
bundle server access_rules {
access:
"/some_path/files/client0.domain/"
admit => { "client0.domain" },
ifencrypted => "true";
"/some_path/files/client1.domain/"
admit => { "client1.domain" },
ifencrypted => "true";
}
But instead of defining the access rules individually for each client I would
like to do this in some kind of pattern base way. Like this:
bundle server access_rules {
access:
"/some_path/files/$(client_homename)/"
admit => { "$(client_hostname)" },
ifencrypted => "true";
}
I can't find a way how to do this. Any suggestions would help.
_______________________________________________
Help-cfengine mailing list
Help-cfengine@cfengine.org
https://cfengine.org/mailman/listinfo/help-cfengine
