The access-control parameter for netconfd-pro controls how the
yuma-nacm (NETCONF access control model) will be enforced
during server operation.
Enum values:
enforcing:
All configured access control rules will be
enforced.
permissive:
All configured access control rules will be
enforced for write and execute requests.
All read requests will be allowed, unless
the requested object contains the
'nacm:very-secure' extension. In that case,
all configured access control rules will
be enforced.
disabled:
All read, write, and execute requests will be
allowed, unless the object contains the
'nacm:secure' or 'nacm:very-secure' extension.
If the 'nacm:secure' extension is in effect,
then all configured access control rules
will be enforced for write and execute requests.
If the 'nacm:very-secure' extension is in effect,
then all configured access control rules
will be enforced for all requests.
Use this mode with caution.
off:
All access control enforcement is disabled.
Use this mode with extreme caution.
For security reasons, access-control is set to "enforcing" by default.
The access-control parameter can be set via the command line when
starting netconfd-pro:
user@system> netconfd-pro --access-control=off
or can be configured in the /etc/yumapro/netconfd-pro.conf file:
#### leaf access-control # # Controls how access control is enforced by the server. # enforcing # permissive # disabled # off # # access-control enforcing access-control off