Using the --access-control parameter in YumaPro SDK : YumaWorks

The access-control parameter for netconfd-pro controls how the yuma-nacm (NETCONF Access Control Model) will be enforced during server operation.

Enum values:
  enforcing:
    All configured access control rules will be enforced.
 permissive:
    All configured access control rules will be enforced for write and execute requests.
    All read requests will be allowed, unless the requested object contains the                     
    'nacm:very-secure' extension.  In that case, all configured access control rules will be 
    enforced.
  disabled:
    All read, write, and execute requests will be allowed, unless the object contains the 
    'nacm:secure' or 'nacm:very-secure' extension.
    If the 'nacm:secure' extension is in effect, then all configured access control rules will 
    be enforced for write and execute requests.
    If the 'nacm:very-secure' extension is in effect, then all configured access control rules 
    will be enforced for all requests.
    Use this mode with caution.
  off:
    All access control enforcement is disabled.
    Use this mode with extreme caution.

For security reasons, access-control is set to "enforcing" by default. The access-control parameter can be set via the command line when starting netconfd-pro:

user@system> netconfd-pro --access-control=off

or can be configured in the /etc/yumapro/netconfd-pro.conf file:

#### leaf access-control
#
#  Controls how access control is enforced by the server.
#    enforcing
#    permissive
#    disabled
#    off
#
# access-control enforcing
access-control off

For more details see the Access Control section of the YumaPro netconfd-pro Manual.

YumaWorks

How can we help you today?

What is the --access-control parameter and how should it be used? Print

How can we help you today?

What is the --access-control parameter and how should it be used? Print

Related Articles