Acl/En

From TuxFamilyFAQ
Jump to: navigation, search


Global approach

ACL (or access control lists) allows you to manage the rights of your group on the services you have on the panel. Using the ACL, you can give vision, modification and destruction capabilities on your services to one or several users of you group.

The ACL have nothing to do with access right on your files or repositories. it only allows people to change your services configuration.

If you want to tune the rights of your files, you will have to use the unix permissions system with your FTP client.

ACL are useful for mail domain management if you don't want to be the only person able to add mailboxes and forwards to your domains ;)

Usage

  • Loggin on the panel.
  • Select the group that owns the objects you want to add ACLs on.
  • Select the obkject
  • use the "Go to ACL admin" button

Examples

Okay, you seems to be a bit lost... Let's give an example

Toto have a moderated project. he create a web area and a svn repository to host his new soft.

Everything is going fine and Toto is happy. After giving some hundred bucks to TuxFamily, Toto manage to persuade his friend Tutu to join his great project. The problem with tutu is when he is drunk, he does rm -rf everywhere.

Toto add tutu in his group:

  • tutu can commit on the SVN
  • tutu can upload files on the website using is ftp client.

But tutu can't tune the services on the panel


Toto add an ACL on the webspace and set the acl to "can view this service"

  • tutu now see the webspace but can't change the configuration
  • tutu can still change the files via FTP.

Toto add an ACL on the SVN "can modify this service"

  • tutu can now change the SVN configuration !

Okay now Toto want to prevent tutu fro accessing a part of the website Nothing to do with the ACL Toto just have to change the unix permissions of the files using his favorite FTP client

for example : chmod -R 700 perso/pron