summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--cynara.initial10
1 files changed, 8 insertions, 2 deletions
diff --git a/cynara.initial b/cynara.initial
index aa58c4b..6160474 100644
--- a/cynara.initial
+++ b/cynara.initial
@@ -1,4 +1,10 @@
# initial database for cynara
-System * * * yes always
-User * * * yes always
+* * * * no always # explicit default rule: NO
+* * @ADMIN * yes always # users of group @ADMIN can do anything
+* * @NONE * no always # users of group @NONE can do nothing
+
+# root is in the group @ADMIN
+* * 0 * @:%c:%s:@ADMIN:%p always
+# Client of label System are in the group @ADMIN
+System * * * @:%c:%s:@ADMIN:%p always