[Koha-bugs] [Bug 28990] Allow changes for a configurable subset of systempreferences by superlibrarian only
bugzilla-daemon at bugs.koha-community.org
bugzilla-daemon at bugs.koha-community.org
Mon Sep 13 01:48:25 CEST 2021
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=28990
--- Comment #9 from David Cook <dcook at prosentient.com.au> ---
My above idea would actually flow into another idea I've had for "hardening"
Koha instances.
Many of Koha's defaults are quite open and flexible, which makes it easy for
anyone to use Koha. But I suspect many vendors would like to apply certain
rules that make the Koha instance more secure. Originally, I was thinking about
installation "profiles", which could be invoked by koha-create, but maybe a
post-installation script would be easier/more flexible.
While I haven't used it myself, I've been thinking about the "jboss-cli" tool
that comes with the Java server JBOSS AS/Wildfly. I encountered it most
recently with Keycloak:
https://www.keycloak.org/docs/latest/server_installation/#_start_cli
It lets you set configuration with a script. I like the idea of a
"secure_koha.cli" or "vendor_profile.cli" script that you could run. A sysadmin
could lock down certain system preferences, set certain values for
authentication servers, email addresses, etc.
--
You are receiving this mail because:
You are watching all bug changes.
You are the assignee for the bug.
More information about the Koha-bugs
mailing list