[libvirt] [PATCH] acl: remove various left over Xen ACL whitelist entries

Daniel P. Berrangé posted 1 patch 23 weeks ago
Patches applied successfully (tree, apply log)
git fetch https://github.com/patchew-project/libvirt tags/patchew/20180412152418.2975-1-berrange@redhat.com
Test syntax-check passed
"vzDomainMigrateConfirm3Params" => 1,

[libvirt] [PATCH] acl: remove various left over Xen ACL whitelist entries

Posted by Daniel P. Berrangé 23 weeks ago
The legacy xen driver is removed, so these ACLL hacks can be removed
too now.

Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
---
 src/check-aclrules.pl | 23 ++++-------------------
 1 file changed, 4 insertions(+), 19 deletions(-)

diff --git a/src/check-aclrules.pl b/src/check-aclrules.pl
index 5b6c711dc8..374abaa722 100755
--- a/src/check-aclrules.pl
+++ b/src/check-aclrules.pl
@@ -61,26 +61,12 @@ my %whitelist = (
     "interfaceClose" => 1,
     );
 
-# Temp hack - remove it once xen driver is fixed
+# XXX this vzDomainMigrateConfirm3Params looks
+# bogus - determine why it doesn't have a valid
+# ACL check.
 my %implwhitelist = (
-    "xenUnifiedDomainRestore" => 1,
-    "xenUnifiedDomainRestoreFlags" => 1,
-    "xenUnifiedDomainMigratePrepare" => 1,
-    "xenUnifiedNodeDeviceDettach" => 1,
-    "xenUnifiedNodeDeviceDetachFlags" => 1,
-    "xenUnifiedNodeDeviceReset" => 1,
-    "xenUnifiedDomainIsActive" => 1,
-    "xenUnifiedDomainIsPersistent" => 1,
-    "xenUnifiedDomainIsUpdated" => 1,
-    "xenUnifiedDomainOpenConsole" => 1,
     "vzDomainMigrateConfirm3Params" => 1,
     );
-my %filterimplwhitelist = (
-    "xenUnifiedConnectListDomains" => 1,
-    "xenUnifiedConnectNumOfDomains" => 1,
-    "xenUnifiedConnectListDefinedDomains" => 1,
-    "xenUnifiedConnectNumOfDefinedDomains" => 1,
-    );
 
 my $lastfile;
 
@@ -234,8 +220,7 @@ while (<>) {
             }
 
             if (exists $filtered{$api} &&
-                !exists $aclfilters{$impl} &&
-                !exists $filterimplwhitelist{$impl}) {
+                !exists $aclfilters{$impl}) {
                 print "$ARGV:$. Missing ACL filter in function '$impl' for '$api'\n";
                 $status = 1;
             }
-- 
2.14.3

--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list

Re: [libvirt] [PATCH] acl: remove various left over Xen ACL whitelist entries

Posted by Ján Tomko 23 weeks ago
On Thu, Apr 12, 2018 at 04:24:18PM +0100, Daniel P. Berrang� wrote:
>The legacy xen driver is removed, so these ACLL hacks can be removed

s/LL/L/

>too now.
>
>Signed-off-by: Daniel P. Berrang� <berrange@redhat.com>
>---
> src/check-aclrules.pl | 23 ++++-------------------
> 1 file changed, 4 insertions(+), 19 deletions(-)
>

Reviewed-by: J�n Tomko <jtomko@redhat.com>

Jano
--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list