ACCESS CONTROLS
---------------
-All query operations are allowed without authentication. Only the
+Most query operations are allowed without authentication. Only the
modification operations require authentication, in the form of basic
authentication.
The users and their rights are defined in the
-``@LOCALSTATEDIR@/lib/ganeti/rapi/users`` file. The users
-should be listed one per line, in the following format::
-
- username password options
-
-Currently the *options* field should equal the string ``write`` in
-order to actually give write permission for the given users. Example::
-
- rclient secret write
- guest testpw
-
-The first user (*rclient*) has read-write rights, whereas the second
-user (*guest*) only has read (query) rights, and as such is no
-different than not using authentication at all.
-
-More details (including on how to use hashed passwords) can be found
-in the Ganeti documentation.
+``@LOCALSTATEDIR@/lib/ganeti/rapi/users`` file. Format of this file is
+described in the Ganeti documentation (``rapi.html``).
.. vim: set textwidth=72 :
.. Local Variables: