We have implemented some file operations like ‘file show/tail’ using clispec. But now we want to restrict the access to this operations for specific group users.
The NACM rule I added:
<cmdrule xmlns="http://tail-f.com/yang/acm"> <name>file-show</name> <command>file show</command> <access-operations>read exec</access-operations> <action>deny</action> </cmdrule>
I tried with adding above NACM cmdrule for specific group, to achieve the above requirement, but is there any other, more efficient way to fulfill this?