[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]

Re: [atomic-devel] Authentication/Roles Based Access Control with Docker API.

From: Jim Perrin <jperrin centos org>
To: SGhosh <sghosh redhat com>, atomic-devel projectatomic io
Subject: Re: [atomic-devel] Authentication/Roles Based Access Control with Docker API.
Date: Fri, 21 Nov 2014 17:30:57 -0600


On 11/21/2014 05:17 PM, SGhosh wrote:

>> This probably goes against the 'hopelessly complex' part, but something
>> like the mysql or postgres authentication models would be interesting,
>> and would provide a method for granting users permissions to run various
>> commands.
>>
>> e.g.  docker -u jperrin -P password  -H dockerhost run foo
>>
>>
> 
> When not just hook into the PAM subsystem? and then look for sysops
> defined group membership that allows certain operations?

You certainly could, but this would mean you have local(-ish) users,
which may not always be ideal. On the other hand, it gives you a cheap
way to tie into ldap/AD stores and other sources.


-- 
Jim Perrin
The CentOS Project | http://www.centos.org
twitter: @BitIntegrity | GPG Key: FA09AD77

References:
- [atomic-devel] Authentication/Roles Based Access Control with Docker API.
  - From: Daniel J Walsh
- Re: [atomic-devel] Authentication/Roles Based Access Control with Docker API.
  - From: Jim Perrin
- Re: [atomic-devel] Authentication/Roles Based Access Control with Docker API.
  - From: SGhosh

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]