For example. I have created a confd user for show session. I would like to provide read operation only to the show user. Is there any way to do such?
Please help on this.
I have a following in aaa_init.xml which used by confd, if I add read permit seperately, then read works and right permission also enable for show user. Is there any seperate maapi calls for doing such permission enable for read alone.
<nacm xmlns="urn:ietf:params:xml:ns:yang:ietf-netconf-acm">
<write-default>permit</write-default>
<groups>
<group>
<name>admin</name>
<user-name>admin</user-name>
<user-name>private</user-name>
</group>
<group>
<name>oper</name>
</group>
<group>
<name>config</name>
</group>
</groups>
<rule-list>
<name>admin</name>
<group>admin</group>
<rule>
<name>any-access</name>
<action>permit</action>
</rule>
</rule-list>
<name>oper</name>
<group>oper</group>
<rule>
<name>operation-only</name>
<access-operations>create update delete exec</access-operations>
<action>deny</action>
</rule>
</rule-list>