gnustep/libs-ec
0
0
Fork 0
mirror of https://github.com/gnustep/libs-ec.git synced 2025-02-19 10:01:24 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

clarify comments

Browse source
This commit is contained in:
Richard Frith-Macdonald 2023-04-04 11:10:25 +01:00
parent ea3449e9f7
commit c05b210840
1 changed files with 21 additions and 8 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

29
Operators.plist
View file

@ -3,21 +3,27 @@
* the Console program to control the system and the commands that each * the Console program to control the system and the commands that each
* operator may use. * operator may use.
* *
* On systems where security is not an issue, the Password my be an empty * There may be a default operator configuration specified (using an empty
* string (allows any login attempt) or may be identical to the username * string as its name) which behaves specially.
* (the user must enter their username as their password). *
* The Password field normally contains a password hash used to authenticate
* login as that operator, but may also be an empty string (allows any login
* attempt) or may be identical to the username (the user must enter their
* username as their password) or may be a hyphen (to prevent login as that
* operator).
* *
* The format for a hashed password is that created by the mkpasswd * The format for a hashed password is that created by the mkpasswd
* program and the crypt() function. The SHA512 hash (starts '$6$') * program and the crypt() function. The SHA512 hash (starts '$6$')
* is preferred. * is preferred.
* *
* As a special case, the password '-' may be used for a dummy operator
* entry which does not permit login to the Console, but defines a set
* of commands referenced from other entries.
*
* The (optional) Commands value is either an array listing the commands * The (optional) Commands value is either an array listing the commands
* that the operator can use, or the name of another operator entry which * that the operator can use, or the name of another operator entry which
* contains such a list of commands. * contains such a list of commands. The referenced operator entry defines
* a 'role' capable of executing the defined set of commands.
*
* When the password '-' is used to prevent login, the Commands setting
* of the operator may still be referenced as a role by the entries of
* other operators.
* *
* The omission of the Commands entry means that the commands array is * The omission of the Commands entry means that the commands array is
* supplied from the default entry (if there is one). * supplied from the default entry (if there is one).
@ -30,6 +36,13 @@
* sufficient to disable all commands for all operators until/unless * sufficient to disable all commands for all operators until/unless
* commands are specifically enabled for them. * commands are specifically enabled for them.
* *
* It is possible to log in to the Console using an operator name which is
* not explicitly configured. In that case the default operator entry is
* used as follows:
* 1. The Passord from the default entry is used to permit/refuse the login.
* 2. The Commands from the default entry is used to define the commands that
* the operator may use, and if this is not present no commands may be used.
*
* NB. There are a few special cases for commands as follows: * NB. There are a few special cases for commands as follows:
* The 'quit' command is always permitted for the Console itself, and * The 'quit' command is always permitted for the Console itself, and
* only needs to be listed to quit client processes, Command or Control. * only needs to be listed to quit client processes, Command or Control.