[Go-essp-tech] About Group Management....
Gavin M. Bell
gavin at llnl.gov
Tue Jun 21 10:52:11 MDT 2011
Hi Team,
So also, I was told there was some talk on group management.
The ability to create groups, create users, add users to groups; already
exists in the UserInfoDAO object in security.
The issue is really getting access to that object to execute the
necessary calls.
I am writing a shell interface to security that will allow us to do
these operations, essentially our (ESGF's) version of:
useradd, groupadd, userdel, groupdel, id
and additionally add-user-to-group, del-user-from-group, show-groups,
show-users,
If I have missed a particular call please let me know... but I think
that this should do it.
In the next release of the node manager you will get this shell.
You invoke the shell by typing esgf-sh at the prompt.
:-)
I caution the team against employing a big group management infrastructure.
It is just not necessary (IMHO).... if we have growing pains from this
simple interface *the* would be a good time to grow into a bigger
system. However, something tells me that this shell, and an analogous
web interface (to the same model object) is all we need.
Also, group information is present in the registry. So we are all privy
to groups and attribute services that have purview over them.
I worked with Luca to put in hooks into the registry for the attribute
service, and for basic whitelisting.
--
Gavin M. Bell
Lawrence Livermore National Labs
--
"Never mistake a clear view for a short distance."
-Paul Saffo
(GPG Key - http://rainbow.llnl.gov/dist/keys/gavin.asc)
A796 CE39 9C31 68A4 52A7 1F6B 66B7 B250 21D5 6D3E
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.ucar.edu/pipermail/go-essp-tech/attachments/20110621/6c2b1537/attachment.html
More information about the GO-ESSP-TECH
mailing list