[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [hobbit] restricting access to hobbit
- To: hobbit (at) hswn.dk
- Subject: Re: [hobbit] restricting access to hobbit
- From: "Phil Wild" <philwild (at) gmail.com>
- Date: Fri, 16 Nov 2007 00:11:37 +0900
- Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=beta; h=domainkey-signature:received:received:message-id:date:from:to:subject:in-reply-to:mime-version:content-type:references; bh=q/nNhEAKi4l6X8aqiyMvoyY6pkbwSq296sqJmFxh08U=; b=AMGS454w/G6w45oVnJss7VOWJhQRELfLNlcAbnBJXfzZoYinJBMWF9eG3up1E0Uct26mfO2XooDoJXnNeICRnncbHuwxwGt7fGlr5qlBCY0Ks6GSGUqHeArLbJ332byZ+dQ2VIdXdiTy9OyrPRMLkx/jiSK0FHGc9aIn41IZ8LI=
- Domainkey-signature: a=rsa-sha1; c=nofws; d=gmail.com; s=beta; h=received:message-id:date:from:to:subject:in-reply-to:mime-version:content-type:references; b=GOn/OzQeRtrqKgp3v/Jq2Qyp5zm0Mxd9Z3dVLfNzfFuUJLwVgImqOzXDd3KFRtVxSHmE+g9eeJocmT7Tnq3fHPED+sFGWxY1NzV/KtgfPRMdzeHwb85frT4/9rypFu4mCUUCZa0SuyWOj+WGVn5vtbbgbI0qveltsVMBVOX31n8=
- References: <258e9b160711142056n6747adb7m7db54effde743357 (at) mail.gmail.com> <961092e10711150702hf60d613n5d8deb957aaf32c9 (at) mail.gmail.com>
No, not quite, I want to make a single hobbit install work for two groups of
users, and I don't want group A to have any access to see or do anything to
Group B hosts and vice versa.
I am tryingto find out if there is a way of restricting the
reports/tools/executables to only run against a subset of the hosts defined
in bbhosts say like using bbgrep to filter on a tag or something for all
functions.
Any ideas?
Phil
On 16/11/2007, Josh Luthman <josh (at) imaginenetworksllc.com> wrote:
>
> The default Apache configuration that Hobbit makes for you will specify
> requiring HTTP logins for the cgisec directory. Is this what you're looking
> for?
>
> On 11/14/07, Phil Wild <philwild (at) gmail.com> wrote:
> >
> > Hello,
> >
> > I am looking at setting up hobbit to manage two groups of hosts. I would
> > prefer to just deploy one hobbit installation for both groups. For most of
> > the hobbit web pages, Apache security solves a lot of the browsing issues
> > but the cgi-bin executables and menus are the problem.
> >
> > I want to make sure one group don't have access to see or make changes
> > to the other groups hosts.
> >
> > The areas I see a problem with are:
> >
> > hobbit-enadis.sh
> > bb-findhost.sh
> > hobbit-confreport.sh
> >
> > I would like to restrict the above to only work with a subset of hosts
> > (perhaps a tag in the bbhosts file)
> >
> > The reports generate web pages on the fly and drop the user at the top
> > level page which is not what I would prefer (each group have their own top
> > level page etc.)
> >
> > All nongreen view is also an issue
> >
> > and lastly, manually modifying the URL based on bb-hostsvc.sh to get to
> > a web page for a host in the other groups list is also a problem.
> >
> > Any ideas how I can address this?
> >
> > Thanks
> >
> > Phil
> >
>
>
>
> --
> Josh Luthman
> Office: 937-552-2340
> Direct: 937-552-2343
> 1100 Wayne St
> Suite 1337
> Troy, OH 45373
>
> Those who don't understand UNIX are condemned to reinvent it, poorly.
> --- Henry Spencer
--
Tel: 0400 466 952
Fax: 0433 123 226
email: philwild (at) gmail.com