[libvirt] [PATCH] acl: remove various left over Xen ACL whitelist entries

Daniel P. Berrangé posted 1 patch 5 years, 11 months ago
Patches applied successfully (tree, apply log)
git fetch https://github.com/patchew-project/libvirt tags/patchew/20180412152418.2975-1-berrange@redhat.com
Test syntax-check passed
src/check-aclrules.pl | 23 ++++-------------------
1 file changed, 4 insertions(+), 19 deletions(-)
[libvirt] [PATCH] acl: remove various left over Xen ACL whitelist entries
Posted by Daniel P. Berrangé 5 years, 11 months ago
The legacy xen driver is removed, so these ACLL hacks can be removed
too now.

Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
---
 src/check-aclrules.pl | 23 ++++-------------------
 1 file changed, 4 insertions(+), 19 deletions(-)

diff --git a/src/check-aclrules.pl b/src/check-aclrules.pl
index 5b6c711dc8..374abaa722 100755
--- a/src/check-aclrules.pl
+++ b/src/check-aclrules.pl
@@ -61,26 +61,12 @@ my %whitelist = (
     "interfaceClose" => 1,
     );
 
-# Temp hack - remove it once xen driver is fixed
+# XXX this vzDomainMigrateConfirm3Params looks
+# bogus - determine why it doesn't have a valid
+# ACL check.
 my %implwhitelist = (
-    "xenUnifiedDomainRestore" => 1,
-    "xenUnifiedDomainRestoreFlags" => 1,
-    "xenUnifiedDomainMigratePrepare" => 1,
-    "xenUnifiedNodeDeviceDettach" => 1,
-    "xenUnifiedNodeDeviceDetachFlags" => 1,
-    "xenUnifiedNodeDeviceReset" => 1,
-    "xenUnifiedDomainIsActive" => 1,
-    "xenUnifiedDomainIsPersistent" => 1,
-    "xenUnifiedDomainIsUpdated" => 1,
-    "xenUnifiedDomainOpenConsole" => 1,
     "vzDomainMigrateConfirm3Params" => 1,
     );
-my %filterimplwhitelist = (
-    "xenUnifiedConnectListDomains" => 1,
-    "xenUnifiedConnectNumOfDomains" => 1,
-    "xenUnifiedConnectListDefinedDomains" => 1,
-    "xenUnifiedConnectNumOfDefinedDomains" => 1,
-    );
 
 my $lastfile;
 
@@ -234,8 +220,7 @@ while (<>) {
             }
 
             if (exists $filtered{$api} &&
-                !exists $aclfilters{$impl} &&
-                !exists $filterimplwhitelist{$impl}) {
+                !exists $aclfilters{$impl}) {
                 print "$ARGV:$. Missing ACL filter in function '$impl' for '$api'\n";
                 $status = 1;
             }
-- 
2.14.3

--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [PATCH] acl: remove various left over Xen ACL whitelist entries
Posted by Ján Tomko 5 years, 11 months ago
On Thu, Apr 12, 2018 at 04:24:18PM +0100, Daniel P. Berrangé wrote:
>The legacy xen driver is removed, so these ACLL hacks can be removed

s/LL/L/

>too now.
>
>Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
>---
> src/check-aclrules.pl | 23 ++++-------------------
> 1 file changed, 4 insertions(+), 19 deletions(-)
>

Reviewed-by: Ján Tomko <jtomko@redhat.com>

Jano
--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list