[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: [atomic-devel] Authentication/Roles Based Access Control with Docker API.




On 11/21/2014 05:17 PM, SGhosh wrote:

>> This probably goes against the 'hopelessly complex' part, but something
>> like the mysql or postgres authentication models would be interesting,
>> and would provide a method for granting users permissions to run various
>> commands.
>>
>> e.g.  docker -u jperrin -P password  -H dockerhost run foo
>>
>>
> 
> When not just hook into the PAM subsystem? and then look for sysops
> defined group membership that allows certain operations?

You certainly could, but this would mean you have local(-ish) users,
which may not always be ideal. On the other hand, it gives you a cheap
way to tie into ldap/AD stores and other sources.


-- 
Jim Perrin
The CentOS Project | http://www.centos.org
twitter: @BitIntegrity | GPG Key: FA09AD77


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]