The access-control parameter for netconfd-pro controls how the yuma-nacm (NETCONF Access Control Model) will be enforced during server operation.
Enum values: enforcing: All configured access control rules will be enforced. permissive: All configured access control rules will be enforced for write and execute requests. All read requests will be allowed, unless the requested object contains the 'nacm:very-secure' extension. In that case, all configured access control rules will be enforced. disabled: All read, write, and execute requests will be allowed, unless the object contains the 'nacm:secure' or 'nacm:very-secure' extension. If the 'nacm:secure' extension is in effect, then all configured access control rules will be enforced for write and execute requests. If the 'nacm:very-secure' extension is in effect, then all configured access control rules will be enforced for all requests. Use this mode with caution. off: All access control enforcement is disabled. Use this mode with extreme caution.
For security reasons, access-control is set to "enforcing" by default. The access-control parameter can be set via the command line when starting netconfd-pro:
user@system> netconfd-pro --access-control=off
or can be configured in the /etc/yumapro/netconfd-pro.conf file:
#### leaf access-control # # Controls how access control is enforced by the server. # enforcing # permissive # disabled # off # # access-control enforcing access-control off
For more details see the Access Control section of the YumaPro Netconfd Manual.