Proposition for new remctl ACL scheme / group support

[Russ Allbery]

Remi Ferrand <remi.ferrand at cc.in2p3.fr> writes:

> No problem at all, feel free to change the ACL scheme name.  From my
> point of view "unixgroup" is more suited in this very case as
> "localgroup" could be confusing for people that would like to use some
> other "groups" backends (non local ones) also supported by libnss such
> as LDAP; but I agree with your "local" argument that explicits the
> "principal" to "local version" translation.

> I would say that as long as the documentation (man page) is explicit
> enough (I should have written some more maybe), whatever the name is,
> users will understand what they could use this ACL scheme for.

Thank you very much for this work!

I have now finally merged it and pushed out a new release, as you probably
just saw.  Unfortunately, we use Gerrit internally in a way that doesn't
work well with merges, so the line of development doesn't look like a
merge of your branch in Github.  (There are ways to fix this, but they
were all too complex than I had time for.)  But your patches, rebased, are
in there, along with some subsequent refactoring.

I haven't had a chance to take a look at the PTS ACL code yet,
unfortunately.  I have a few other things queued up to look at before I'll
get a chance to poke at it.

> Perfect, thank you for that, and more personnaly I'd like to thank you
> for you work on the whole remctl project.

> In daily tasks, it's just a real pleasure to work with your software,
> and it was actually the same pleasure for me to dig into the source code
> and extand it :-)

Thank you very much!

-- 
Russ Allbery (eagle at eyrie.org)              <http://www.eyrie.org/~eagle/>