diff options
author | Matthew Grooms <mgrooms@pfsense.org> | 2008-08-01 06:30:34 +0000 |
---|---|---|
committer | Matthew Grooms <mgrooms@pfsense.org> | 2008-08-01 06:30:34 +0000 |
commit | 6b07c15ad870f24e783a23c4a64fbb73958543ad (patch) | |
tree | 4fdff8bc51d8a4bb299a487d41c6e5c4b2f3e0fd /conf.default | |
parent | c9030aec2206b2612f32eaa79ddbedcb282b639a (diff) | |
download | pfsense-6b07c15ad870f24e783a23c4a64fbb73958543ad.zip pfsense-6b07c15ad870f24e783a23c4a64fbb73958543ad.tar.gz |
Rewrite the pfsense privilege system with the following goals in mind ...
1) Redefine page privileges to not use static urls
2) Accurate generation of privilege definitions from source
3) Merging the user and group privileges into a single set
4) Allow any privilege to be added to users or groups w/ inheritance
5) Cleaning up the related WebUI pages
Diffstat (limited to 'conf.default')
-rw-r--r-- | conf.default/config.xml | 30 |
1 files changed, 7 insertions, 23 deletions
diff --git a/conf.default/config.xml b/conf.default/config.xml index de6a8df..aa4267e 100644 --- a/conf.default/config.xml +++ b/conf.default/config.xml @@ -1,7 +1,7 @@ <?xml version="1.0"?> <!-- pfSense default system configuration --> <pfsense> - <version>4.9</version> + <version>5.0</version> <lastchange></lastchange> <theme>nervecenter</theme> <sysctl> @@ -116,15 +116,16 @@ <name>all</name> <description>All Users</description> <scope>system</scope> - <pages/> <gid>1998</gid> + <member>0</member> </group> <group> <name>admins</name> <description>System Administrators</description> <scope>system</scope> - <pages>ANY</pages> <gid>1999</gid> + <member>0</member> + <priv>page-all</priv> </group> <user> <name>admin</name> @@ -133,26 +134,9 @@ <groupname>admins</groupname> <password>$1$dSJImFph$GvZ7.1UbuWu.Yb8etC0re.</password> <uid>0</uid> - <priv> - <id>lockwc</id> - <name>Lock webConfigurator</name> - <descr>Indicates whether this user will lock access to the webConfigurator for other users.</descr> - </priv> - <priv> - <id>lock-ipages</id> - <name>Lock individual pages</name> - <descr>Indicates whether this user will lock individual HTML pages after having accessed a particular page(the lock will be freed if the user leaves or saves the page form).</descr> - </priv> - <priv> - <id>hasshell</id> - <name>Has shell access</name> - <descr>Indicates whether this user is able to login for example via SSH.</descr> - </priv> - <priv> - <id>isroot</id> - <name>Is root user</name> - <descr>This user is associated with the UNIX root user (you should associate this privilege only with one single user).</descr> - </priv> + <priv>user-lock-webcfg</priv> + <priv>user-lock-ipages</priv> + <priv>user-shell-access</priv> </user> <nextuid>2000</nextuid> <nextgid>2000</nextgid> |