Hello,
I am porting CONFD to a Linux system using local authentication.
As I read in the confd user guide, the data in the files “/etc/passwd” and “/etc/group” will be used for local authentication, and the group info will be used as the role in the confd_aaa subsys authentication process.
But the following error occurred when I tried to get/set msg via a netconf client:
devel-aaa User: support[] rejected data access path /if:interfaces op read due to no rule matched and /nacm/read-default is ‘deny’
And in audit.log, no groups were found:
3-Jan-2025::04:34:33.468 router confd[1959]: audit user: support/11 assigned to groups:
Here are the groups in “/etc/group”
My questions are:
1. Apart from configuring authentication methods in the configuration files and pre-defining the specified group and Rule-list in aaa_init.xml, are other configurations required?
2. Is there any means to add more diagnostic logs to determine what happened in the context of the problem?
3. Can you give some advice on the current problem?
Thanks!
Arthur