Table 13.3. Properties of an ACL Target
Table 13.4. Properties of an ACL Group
acl_target
and acl_group
element may contain any number of role
elements.
Table 13.5. Properties of an ACL Role Reference
Important
root
and hacluster
user accounts always have full access to the CIB, regardless of ACLs. For other user accounts, when enable-acl
is true, permission to all parts of the CIB is denied by default (permissions must be explicitly granted).