| To: | Chandana De Silva <chandana@xxxxxxxxxxxxx> |
|---|---|
| Subject: | Re: [pcp] PMCD Access control question |
| From: | Lukas Berk <lberk@xxxxxxxxxx> |
| Date: | Fri, 07 Aug 2015 09:19:17 -0400 |
| Cc: | pcp@xxxxxxxxxxx |
| Delivered-to: | pcp@xxxxxxxxxxx |
| In-reply-to: | <1438916688.28237.48.camel@xxxxxxxxxxxxx> (Chandana De Silva's message of "Fri, 07 Aug 2015 13:04:48 +1000") |
| References: | <1438916688.28237.48.camel@xxxxxxxxxxxxx> |
| User-agent: | Gnus/5.13 (Gnus v5.13) Emacs/24.5 (gnu/linux) |
Hi, Chandana De Silva <chandana@xxxxxxxxxxxxx> writes: [...] > disallow ".*" : store; > disallow ":*" : store; > allow "local:*" : all; > > Does this mean that fetch is restricted to localhost, or is fetch > allowed from anywhere. In other words is ".* fetch" the default ? > I can currently access this particular host from any where, which > suggests ".*" Fetch operations are not restricted to the localhost with this configuation. In cases where there is no specific allow or disallow control statements applied to an operation (remote fetch's in this case), the default is to allow it. The first two lines disallow store operation from any IPv4 and IPv6 address, and then the third overrides that for the localhost case. I would suggest taking a look at man pmcd(1) for more details, specifically the 'Access Control Specification' section. Cheers, Lukas |
| <Prev in Thread] | Current Thread | [Next in Thread> |
|---|---|---|
| ||
| Previous by Date: | Re: Confusion about metricConvert() value for kernel.all.cpu.user, Rohan Arora |
|---|---|
| Next by Date: | [pcp] Fixes SIGSEGV, 64-bit format specifiers, dlsym bug and IPC on Windows (#34), Diego Giagio |
| Previous by Thread: | Re: PMCD Access control question, Frank Ch. Eigler |
| Next by Thread: | Re: [pcp] PMCD Access control question, Chandana De Silva |
| Indexes: | [Date] [Thread] [Top] [All Lists] |