#!/usr/bin/env bash
# Authentication and authorization and IETF NACM
# Library variable and functions
if [ $(whoami) != root ]; then
EXTRAUSER="$(whoami)"
fi
# Three groups from RFC8341 A.1 (admin extended with $USER)
NGROUPS=$(cat <
admin
root
admin
andy
$EXTRAUSER
limited
wilma
bam-bam
guest
guest
guest@example.com
EOF
)
# Permit all rule for admin group from RFC8341 A.2
NADMIN=$(cat <
admin-acl
admin
permit-all
*
*
permit
Allow the 'admin' group complete access to all operations and data.
EOF
)
DEFAULTNACM='truepermitdenypermittrue'