We have been grouping network-port and nwfilter-binding permissions
under virNetworkPtr and virNWFilterPtr respectively.
Add the two missing classes that were matched because they contain
a substring of others.
Signed-off-by: Ján Tomko <jtomko@redhat.com>
---
docs/genaclperms.pl | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/docs/genaclperms.pl b/docs/genaclperms.pl
index d878321a90..34c526021c 100755
--- a/docs/genaclperms.pl
+++ b/docs/genaclperms.pl
@@ -22,7 +22,8 @@ use warnings;
my @objects = (
"CONNECT", "DOMAIN", "INTERFACE",
- "NETWORK","NODE_DEVICE", "NWFILTER",
+ "NETWORK_PORT", "NETWORK", "NODE_DEVICE",
+ "NWFILTER_BINDING", "NWFILTER",
"SECRET", "STORAGE_POOL", "STORAGE_VOL",
);
--
2.20.1
--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list
On Thu, Jun 27, 2019 at 05:44:34PM +0200, Ján Tomko wrote: >We have been grouping network-port and nwfilter-binding permissions >under virNetworkPtr and virNWFilterPtr respectively. > >Add the two missing classes that were matched because they contain >a substring of others. > >Signed-off-by: Ján Tomko <jtomko@redhat.com> >--- > docs/genaclperms.pl | 3 ++- > 1 file changed, 2 insertions(+), 1 deletion(-) > After this patch we no longer say that a network has a port-create permisison, but show 'create' as a permission of the network port: $ diff -u docs/aclperms.htmlinc.before docs/aclperms.htmlinc --- docs/aclperms.htmlinc.before 2019-07-01 15:51:04.588081150 +0200 +++ docs/aclperms.htmlinc 2019-07-01 15:51:26.317082311 +0200 @@ -257,26 +257,6 @@ <td>Access network</td> </tr> <tr> - <td><a name="perm_network_port_create">port-create</a></td> - <td>Create network port</td> - </tr> - <tr> - <td><a name="perm_network_port_delete">port-delete</a></td> - <td>Delete network port</td> - </tr> - <tr> - <td><a name="perm_network_port_getattr">port-getattr</a></td> - <td>Access network port</td> - </tr> - <tr> - <td><a name="perm_network_port_read">port-read</a></td> - <td>Read network port</td> - </tr> - <tr> - <td><a name="perm_network_port_write">port-write</a></td> - <td>Read network port</td> - </tr> - <tr> <td><a name="perm_network_read">read</a></td> <td>Read network</td> </tr> @@ -302,6 +282,37 @@ </tr> </tbody> </table> +<h3><a name="object_network_port">virNetworkPortPtr</a></h3> +<table class="acl"> + <thead> + <tr> + <th>Permission</th> + <th>Description</th> + </tr> + </thead> + <tbody> + <tr> + <td><a name="perm_network_port_create">create</a></td> + <td>Create network port</td> + </tr> + <tr> + <td><a name="perm_network_port_delete">delete</a></td> + <td>Delete network port</td> + </tr> + <tr> + <td><a name="perm_network_port_getattr">getattr</a></td> + <td>Access network port</td> + </tr> + <tr> + <td><a name="perm_network_port_read">read</a></td> + <td>Read network port</td> + </tr> + <tr> + <td><a name="perm_network_port_write">write</a></td> + <td>Read network port</td> + </tr> + </tbody> +</table> <h3><a name="object_node_device">virNodeDevicePtr</a></h3> <table class="acl"> <thead> @@ -347,22 +358,6 @@ </thead> <tbody> <tr> - <td><a name="perm_nwfilter_binding_create">binding-create</a></td> - <td>Create network filter binding</td> - </tr> - <tr> - <td><a name="perm_nwfilter_binding_delete">binding-delete</a></td> - <td>Delete network filter binding</td> - </tr> - <tr> - <td><a name="perm_nwfilter_binding_getattr">binding-getattr</a></td> - <td>Access network filter</td> - </tr> - <tr> - <td><a name="perm_nwfilter_binding_read">binding-read</a></td> - <td>Read network filter binding</td> - </tr> - <tr> <td><a name="perm_nwfilter_delete">delete</a></td> <td>Delete network filter</td> </tr> @@ -384,6 +379,33 @@ </tr> </tbody> </table> +<h3><a name="object_nwfilter_binding">virNWFilterBindingPtr</a></h3> +<table class="acl"> + <thead> + <tr> + <th>Permission</th> + <th>Description</th> + </tr> + </thead> + <tbody> + <tr> + <td><a name="perm_nwfilter_binding_create">create</a></td> + <td>Create network filter binding</td> + </tr> + <tr> + <td><a name="perm_nwfilter_binding_delete">delete</a></td> + <td>Delete network filter binding</td> + </tr> + <tr> + <td><a name="perm_nwfilter_binding_getattr">getattr</a></td> + <td>Access network filter</td> + </tr> + <tr> + <td><a name="perm_nwfilter_binding_read">read</a></td> + <td>Read network filter binding</td> + </tr> + </tbody> +</table> <h3><a name="object_secret">virSecretPtr</a></h3> <table class="acl"> <thead> Jano -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
On Mon, 2019-07-01 at 15:53 +0200, Ján Tomko wrote: > On Thu, Jun 27, 2019 at 05:44:34PM +0200, Ján Tomko wrote: > > We have been grouping network-port and nwfilter-binding permissions > > under virNetworkPtr and virNWFilterPtr respectively. > > > > Add the two missing classes that were matched because they contain > > a substring of others. > > > > Signed-off-by: Ján Tomko <jtomko@redhat.com> > > --- > > docs/genaclperms.pl | 3 ++- > > 1 file changed, 2 insertions(+), 1 deletion(-) > > After this patch we no longer say that a network has a port-create > permisison, but show 'create' as a permission of the network port: Thanks for explaining the consequences of this change! Reviewed-by: Andrea Bolognani <abologna@redhat.com> -- Andrea Bolognani / Red Hat / Virtualization -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
© 2016 - 2024 Red Hat, Inc.