From nobody Sat Apr 27 08:52:59 2024
Delivered-To: importer@patchew.org
Received-SPF: pass (zohomail.com: domain of redhat.com designates
 170.10.129.124 as permitted sender) client-ip=170.10.129.124;
 envelope-from=libvir-list-bounces@redhat.com;
 helo=us-smtp-delivery-124.mimecast.com;
Authentication-Results: mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of redhat.com designates 170.10.129.124 as
 permitted sender)  smtp.mailfrom=libvir-list-bounces@redhat.com;
	dmarc=pass(p=none dis=none)  header.from=redhat.com
ARC-Seal: i=1; a=rsa-sha256; t=1676890038; cv=none;
	d=zohomail.com; s=zohoarc;
	b=cZauie3h91GmSyR9fS9wT1wOGIihchVqPBxDWtzHM4oUBHBU5xTRrc56RB8MmHCS5KnSSaVD/dQj2psh93KG1Og2scRjVKQ48+AB/XPXJL/KFzZAnwuCehmuWlTQQXwj9r5RS+ItyB1jdxPbxh5ybUH72sWPvGp8AMfqp3VDK78=
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com;
 s=zohoarc;
	t=1676890038;
 h=Content-Type:Content-Transfer-Encoding:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To;
	bh=lMXMJYuNC/QXRT0tYaAzBD24MkMWLYNC1dqgDlh7Mh4=;
	b=TrYXHlr1/RJ+cPOdmUfABzwWIYmT04IAfRUaZU8j18s9k8s+0J9bqtVQQlqURIq8hRW60r3YP87X04WbJXaybrh2RfWIoPcaUTh540aoOoIjszSmGWwbtGEENzeUWJtU9eN30Nr8Usrg5ETCX/2XQCe2MleTsZqe8Ebus9uDH7o=
ARC-Authentication-Results: i=1; mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of redhat.com designates 170.10.129.124 as
 permitted sender)  smtp.mailfrom=libvir-list-bounces@redhat.com;
	dmarc=pass header.from=<pkrempa@redhat.com> (p=none dis=none)
Return-Path: <libvir-list-bounces@redhat.com>
Received: from us-smtp-delivery-124.mimecast.com
 (us-smtp-delivery-124.mimecast.com [170.10.129.124]) by mx.zohomail.com
	with SMTPS id 1676890038308378.5043694668649;
 Mon, 20 Feb 2023 02:47:18 -0800 (PST)
Received: from mimecast-mx02.redhat.com (mx3-rdu2.redhat.com
 [66.187.233.73]) by relay.mimecast.com with ESMTP with STARTTLS
 (version=TLSv1.2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id
 us-mta-341-XRzofVPFPna1-ZrvdSoB9g-1; Mon, 20 Feb 2023 05:47:15 -0500
Received: from smtp.corp.redhat.com (int-mx06.intmail.prod.int.rdu2.redhat.com
 [10.11.54.6])
	(using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))
	(No client certificate requested)
	by mimecast-mx02.redhat.com (Postfix) with ESMTPS id 835DF3C02B6A;
	Mon, 20 Feb 2023 10:47:13 +0000 (UTC)
Received: from mm-prod-listman-01.mail-001.prod.us-east-1.aws.redhat.com
 (unknown [10.30.29.100])
	by smtp.corp.redhat.com (Postfix) with ESMTP id 711292166B29;
	Mon, 20 Feb 2023 10:47:13 +0000 (UTC)
Received: from mm-prod-listman-01.mail-001.prod.us-east-1.aws.redhat.com
 (localhost [IPv6:::1])
	by mm-prod-listman-01.mail-001.prod.us-east-1.aws.redhat.com (Postfix) with
 ESMTP id 56EA61946588;
	Mon, 20 Feb 2023 10:47:13 +0000 (UTC)
Received: from smtp.corp.redhat.com (int-mx09.intmail.prod.int.rdu2.redhat.com
 [10.11.54.9])
 by mm-prod-listman-01.mail-001.prod.us-east-1.aws.redhat.com (Postfix) with
 ESMTP id 9971D1946587 for <libvir-list@listman.corp.redhat.com>;
 Mon, 20 Feb 2023 10:47:12 +0000 (UTC)
Received: by smtp.corp.redhat.com (Postfix)
 id 8B9D4492B06; Mon, 20 Feb 2023 10:47:12 +0000 (UTC)
Received: from speedmetal.redhat.com (unknown [10.45.242.16])
 by smtp.corp.redhat.com (Postfix) with ESMTP id 10589492B05
 for <libvir-list@redhat.com>; Mon, 20 Feb 2023 10:47:11 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com;
	s=mimecast20190719; t=1676890037;
	h=from:from:sender:sender:reply-to:subject:subject:date:date:
	 message-id:message-id:to:to:cc:mime-version:mime-version:
	 content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding:
	 in-reply-to:in-reply-to:references:references:list-id:list-help:
	 list-unsubscribe:list-subscribe:list-post;
	bh=lMXMJYuNC/QXRT0tYaAzBD24MkMWLYNC1dqgDlh7Mh4=;
	b=AV9lb7UZiIu2sTvqwksyr9k5SCoDj+5qfZlW7ovM1NaQB1umps5rLIJHU3t1F41asP1lQ3
	kJvTK3isIm9hcx6EXTMmIrm/SD4MWrKk4UiTRgy+RI+pFk3GDfUozkqWm+VWsDcPWnLoc5
	XpXDp7kGKQGH6n4OBUDaFBdXHCz0Bcc=
X-MC-Unique: XRzofVPFPna1-ZrvdSoB9g-1
X-Original-To: libvir-list@listman.corp.redhat.com
From: Peter Krempa <pkrempa@redhat.com>
To: libvir-list@redhat.com
Subject: [PATCH 1/6] docs: Fix generated names for ACL objects
Date: Mon, 20 Feb 2023 11:47:04 +0100
Message-Id: 
 <3c08cf39f7a3181d11195340a65e5ff0da7d6803.1676889902.git.pkrempa@redhat.com>
In-Reply-To: <cover.1676889902.git.pkrempa@redhat.com>
References: <cover.1676889902.git.pkrempa@redhat.com>
MIME-Version: 1.0
X-Scanned-By: MIMEDefang 3.1 on 10.11.54.9
X-BeenThere: libvir-list@redhat.com
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Development discussions about the libvirt library & tools
 <libvir-list.redhat.com>
List-Unsubscribe: <https://listman.redhat.com/mailman/options/libvir-list>,
 <mailto:libvir-list-request@redhat.com?subject=unsubscribe>
List-Archive: <http://listman.redhat.com/archives/libvir-list/>
List-Post: <mailto:libvir-list@redhat.com>
List-Help: <mailto:libvir-list-request@redhat.com?subject=help>
List-Subscribe: <https://listman.redhat.com/mailman/listinfo/libvir-list>,
 <mailto:libvir-list-request@redhat.com?subject=subscribe>
Errors-To: libvir-list-bounces@redhat.com
Sender: "libvir-list" <libvir-list-bounces@redhat.com>
X-Scanned-By: MIMEDefang 3.1 on 10.11.54.6
X-Mimecast-Spam-Score: 0
X-Mimecast-Originator: redhat.com
Content-Transfer-Encoding: quoted-printable
X-ZohoMail-DKIM: pass (identity @redhat.com)
X-ZM-MESSAGEID: 1676890039534100002
Content-Type: text/plain; charset="utf-8"

Both the object name and permission name in ACL use '-' instead of '_'
separator when refering to them in the docs or even when used inside of
polkig. Unfortunately the generators used for generating our docs don't
honour this in certain cases which would result in broken names in the
API docs (once they will be generated).

Rename both object and permission name to use dash and reflect that in
the anchor names in the documentation.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: J=C3=A1n Tomko <jtomko@redhat.com>
---
 scripts/genaclperms.py |  6 +++---
 src/rpc/gendispatch.pl | 13 +++++++++++--
 2 files changed, 14 insertions(+), 5 deletions(-)

diff --git a/scripts/genaclperms.py b/scripts/genaclperms.py
index 43616dad04..eaf4a3d17d 100755
--- a/scripts/genaclperms.py
+++ b/scripts/genaclperms.py
@@ -88,7 +88,8 @@ print('  <body>')
 for obj in sorted(perms.keys()):
     klass =3D classes[obj]

-    olink =3D "object_" + obj.lower()
+    objname =3D obj.lower().replace("_", "-")
+    olink =3D "object_" + objname

     print('    <h3><a id=3D"%s">%s</a></h3>' % (olink, klass))
     print('    <table>')
@@ -112,8 +113,7 @@ for obj in sorted(perms.keys()):
         if description is None:
             raise Exception("missing description for %s.%s" % (obj, perm))

-        plink =3D "perm_" + obj.lower() + "_" + perm.lower()
-        plink =3D plink.replace("-", "_")
+        plink =3D "perm_" + objname + "_" + perm.lower()

         print('        <tr>')
         print('          <td><a id=3D"%s">%s</a></td>' % (plink, perm))
diff --git a/src/rpc/gendispatch.pl b/src/rpc/gendispatch.pl
index 085e2a29d8..c5f5c85811 100755
--- a/src/rpc/gendispatch.pl
+++ b/src/rpc/gendispatch.pl
@@ -2262,7 +2262,11 @@ elsif ($mode eq "client") {
             my $acl =3D $call->{acl};
             foreach (@{$acl}) {
                 my @bits =3D split /:/;
-                print "    <check object=3D'$bits[0]' perm=3D'$bits[1]'";
+                my $objname =3D $bits[0];
+                $objname =3D~ s/_/-/g;
+                my $perm =3D $bits[1];
+                $perm =3D~ s/_/-/g;
+                print "    <check object=3D'$objname' perm=3D'$perm'";
                 if (defined $bits[2]) {
                     print " flags=3D'$bits[2]'";
                 }
@@ -2272,7 +2276,12 @@ elsif ($mode eq "client") {
             my $aclfilter =3D $call->{aclfilter};
             foreach (@{$aclfilter}) {
                 my @bits =3D split /:/;
-                print "    <filter object=3D'$bits[0]' perm=3D'$bits[1]'/>=
\n";
+                my $objname =3D $bits[0];
+                $objname =3D~ s/_/-/g;
+                my $perm =3D $bits[1];
+                $perm =3D~ s/_/-/g;
+
+                print "    <filter object=3D'$objname' perm=3D'$perm'/>\n";
             }

             print "  </api>\n";
--=20
2.39.2
From nobody Sat Apr 27 08:52:59 2024
Delivered-To: importer@patchew.org
Received-SPF: pass (zohomail.com: domain of redhat.com designates
 170.10.133.124 as permitted sender) client-ip=170.10.133.124;
 envelope-from=libvir-list-bounces@redhat.com;
 helo=us-smtp-delivery-124.mimecast.com;
Authentication-Results: mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of redhat.com designates 170.10.133.124 as
 permitted sender)  smtp.mailfrom=libvir-list-bounces@redhat.com;
	dmarc=pass(p=none dis=none)  header.from=redhat.com
ARC-Seal: i=1; a=rsa-sha256; t=1676890045; cv=none;
	d=zohomail.com; s=zohoarc;
	b=XJkh0pfdoztu5A1/7/vxYgJKPz0i662GJQwj9W/6VfsELxI4V+cD5jov782A8HaRmtKUUNJigxklJjtLqaMkDFTOjw17Whye8IJtN8uYssWw84Z7Z2UaNvknNMG2B4DNxm3Z1RQP7V84trfqlT588JNCDMrhpem8dNpws6rR9Lw=
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com;
 s=zohoarc;
	t=1676890045;
 h=Content-Type:Content-Transfer-Encoding:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To;
	bh=zIgA4kMHWk7rvfuex4I3iu5dkw35zJjtf0RsqmliBLs=;
	b=McB37Uw6JtJkwDYwI5gHHASdz42exhD4ItUo3fqstxOBX2VY26t+0IdBEr3n2e/0xx9c8dHvZCsNvHlExEkOFc8QN0ORI1YIycQYZwSCq6TdHk5kA4xfwLtrIUsIAisHcOqw/vp2W+5BbpBmTLx0co2sMkYfX0VZGcVu3T8Wy0s=
ARC-Authentication-Results: i=1; mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of redhat.com designates 170.10.133.124 as
 permitted sender)  smtp.mailfrom=libvir-list-bounces@redhat.com;
	dmarc=pass header.from=<pkrempa@redhat.com> (p=none dis=none)
Return-Path: <libvir-list-bounces@redhat.com>
Received: from us-smtp-delivery-124.mimecast.com
 (us-smtp-delivery-124.mimecast.com [170.10.133.124]) by mx.zohomail.com
	with SMTPS id 1676890045402101.22809902267909;
 Mon, 20 Feb 2023 02:47:25 -0800 (PST)
Received: from mimecast-mx02.redhat.com (mx3-rdu2.redhat.com
 [66.187.233.73]) by relay.mimecast.com with ESMTP with STARTTLS
 (version=TLSv1.2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id
 us-mta-612-ZDOX_XiIOiORXwqgoTtVJQ-1; Mon, 20 Feb 2023 05:47:17 -0500
Received: from smtp.corp.redhat.com (int-mx07.intmail.prod.int.rdu2.redhat.com
 [10.11.54.7])
	(using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))
	(No client certificate requested)
	by mimecast-mx02.redhat.com (Postfix) with ESMTPS id 36E5D382C964;
	Mon, 20 Feb 2023 10:47:15 +0000 (UTC)
Received: from mm-prod-listman-01.mail-001.prod.us-east-1.aws.redhat.com
 (unknown [10.30.29.100])
	by smtp.corp.redhat.com (Postfix) with ESMTP id 231F1140EBF6;
	Mon, 20 Feb 2023 10:47:15 +0000 (UTC)
Received: from mm-prod-listman-01.mail-001.prod.us-east-1.aws.redhat.com
 (localhost [IPv6:::1])
	by mm-prod-listman-01.mail-001.prod.us-east-1.aws.redhat.com (Postfix) with
 ESMTP id 02F6B1946588;
	Mon, 20 Feb 2023 10:47:15 +0000 (UTC)
Received: from smtp.corp.redhat.com (int-mx09.intmail.prod.int.rdu2.redhat.com
 [10.11.54.9])
 by mm-prod-listman-01.mail-001.prod.us-east-1.aws.redhat.com (Postfix) with
 ESMTP id A5036194658C for <libvir-list@listman.corp.redhat.com>;
 Mon, 20 Feb 2023 10:47:13 +0000 (UTC)
Received: by smtp.corp.redhat.com (Postfix)
 id 94066492B09; Mon, 20 Feb 2023 10:47:13 +0000 (UTC)
Received: from speedmetal.redhat.com (unknown [10.45.242.16])
 by smtp.corp.redhat.com (Postfix) with ESMTP id E604C492B07
 for <libvir-list@redhat.com>; Mon, 20 Feb 2023 10:47:12 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com;
	s=mimecast20190719; t=1676890044;
	h=from:from:sender:sender:reply-to:subject:subject:date:date:
	 message-id:message-id:to:to:cc:mime-version:mime-version:
	 content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding:
	 in-reply-to:in-reply-to:references:references:list-id:list-help:
	 list-unsubscribe:list-subscribe:list-post;
	bh=zIgA4kMHWk7rvfuex4I3iu5dkw35zJjtf0RsqmliBLs=;
	b=dJi7+yYwhgdLbOPYNQjq+Ni9getd9gqMHc8QCfk7Oh+LhEJFH2SNxIJgBaOOYjfQXdgziw
	pdf7FgcJRq0IsT5KxoV3UxNN7jXgv9LXiFSqSRIsooNnzbJeycx6iCs1lr+J+eVtKVBqKO
	/bE59pemabb6hBA7NwcWAjf48zhvwg8=
X-MC-Unique: ZDOX_XiIOiORXwqgoTtVJQ-1
X-Original-To: libvir-list@listman.corp.redhat.com
From: Peter Krempa <pkrempa@redhat.com>
To: libvir-list@redhat.com
Subject: [PATCH 2/6] docs: ACL: Mention the ACL object name along with the
 corresponding libvirt object name
Date: Mon, 20 Feb 2023 11:47:05 +0100
Message-Id: 
 <818def2bca46e3b070d9e3a2c53b71a5e3b25d74.1676889902.git.pkrempa@redhat.com>
In-Reply-To: <cover.1676889902.git.pkrempa@redhat.com>
References: <cover.1676889902.git.pkrempa@redhat.com>
MIME-Version: 1.0
X-Scanned-By: MIMEDefang 3.1 on 10.11.54.9
X-BeenThere: libvir-list@redhat.com
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Development discussions about the libvirt library & tools
 <libvir-list.redhat.com>
List-Unsubscribe: <https://listman.redhat.com/mailman/options/libvir-list>,
 <mailto:libvir-list-request@redhat.com?subject=unsubscribe>
List-Archive: <http://listman.redhat.com/archives/libvir-list/>
List-Post: <mailto:libvir-list@redhat.com>
List-Help: <mailto:libvir-list-request@redhat.com?subject=help>
List-Subscribe: <https://listman.redhat.com/mailman/listinfo/libvir-list>,
 <mailto:libvir-list-request@redhat.com?subject=subscribe>
Errors-To: libvir-list-bounces@redhat.com
Sender: "libvir-list" <libvir-list-bounces@redhat.com>
X-Scanned-By: MIMEDefang 3.1 on 10.11.54.7
X-Mimecast-Spam-Score: 0
X-Mimecast-Originator: redhat.com
Content-Transfer-Encoding: quoted-printable
X-ZohoMail-DKIM: pass (identity @redhat.com)
X-ZM-MESSAGEID: 1676890047521100003
Content-Type: text/plain; charset="utf-8"

It's not trivial to figure out the ACL object name from our
documentation. Add it above the table outlining existing permissions.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Daniel P. Berrang=C3=A9 <berrange@redhat.com>
---
 scripts/genaclperms.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/scripts/genaclperms.py b/scripts/genaclperms.py
index eaf4a3d17d..527005dd98 100755
--- a/scripts/genaclperms.py
+++ b/scripts/genaclperms.py
@@ -91,7 +91,7 @@ for obj in sorted(perms.keys()):
     objname =3D obj.lower().replace("_", "-")
     olink =3D "object_" + objname

-    print('    <h3><a id=3D"%s">%s</a></h3>' % (olink, klass))
+    print('    <h3><a id=3D"%s"><code>%s</code> - %s</a></h3>' % (olink, o=
bjname, klass))
     print('    <table>')
     print('      <thead>')
     print('        <tr>')
--=20
2.39.2
From nobody Sat Apr 27 08:52:59 2024
Delivered-To: importer@patchew.org
Received-SPF: pass (zohomail.com: domain of redhat.com designates
 170.10.129.124 as permitted sender) client-ip=170.10.129.124;
 envelope-from=libvir-list-bounces@redhat.com;
 helo=us-smtp-delivery-124.mimecast.com;
Authentication-Results: mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of redhat.com designates 170.10.129.124 as
 permitted sender)  smtp.mailfrom=libvir-list-bounces@redhat.com;
	dmarc=pass(p=none dis=none)  header.from=redhat.com
ARC-Seal: i=1; a=rsa-sha256; t=1676890044; cv=none;
	d=zohomail.com; s=zohoarc;
	b=PnI4V5ktl/ddStzcrTil54nAUiAYf9/3Exeai5XRHtOl0ol+iw2I9mbB+u/+2SBCy15z0plP4PhhldQy8yCg3g51llr1Ec2+cGVGDNuccoj0xJu9Bn1EjRB0JXdfkzL/RnHstQndrPee1wiqmDbbtnMZrRLCq0jqQ2sEzOLnGCQ=
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com;
 s=zohoarc;
	t=1676890044;
 h=Content-Type:Content-Transfer-Encoding:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To;
	bh=w89znR4J7J8tVG7kEObVSrlkpwZ+TeZzvlCdY+rkLrY=;
	b=N1EC15Vtx582C2cV6M+2glQAqdQDhqOPU0NMq7gWeiDYuRnvv0suzqJbHpQ6bBcxYaQMN5ZaxhxDhlKnXgiuMok8INshXuykkUEPJnMjMBeZm12ta76viSkgULk4WQ1KWpazzeZABH/FLoPt49hCTv9lSvCYPl8dDMID1XpRTNM=
ARC-Authentication-Results: i=1; mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of redhat.com designates 170.10.129.124 as
 permitted sender)  smtp.mailfrom=libvir-list-bounces@redhat.com;
	dmarc=pass header.from=<pkrempa@redhat.com> (p=none dis=none)
Return-Path: <libvir-list-bounces@redhat.com>
Received: from us-smtp-delivery-124.mimecast.com
 (us-smtp-delivery-124.mimecast.com [170.10.129.124]) by mx.zohomail.com
	with SMTPS id 167689004410278.31659748316747;
 Mon, 20 Feb 2023 02:47:24 -0800 (PST)
Received: from mimecast-mx02.redhat.com (mimecast-mx02.redhat.com
 [66.187.233.88]) by relay.mimecast.com with ESMTP with STARTTLS
 (version=TLSv1.2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id
 us-mta-255-g1UiF-ddO3iI4PzbBf51pw-1; Mon, 20 Feb 2023 05:47:19 -0500
Received: from smtp.corp.redhat.com (int-mx04.intmail.prod.int.rdu2.redhat.com
 [10.11.54.4])
	(using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))
	(No client certificate requested)
	by mimecast-mx02.redhat.com (Postfix) with ESMTPS id 66609811E6E;
	Mon, 20 Feb 2023 10:47:16 +0000 (UTC)
Received: from mm-prod-listman-01.mail-001.prod.us-east-1.aws.redhat.com
 (unknown [10.30.29.100])
	by smtp.corp.redhat.com (Postfix) with ESMTP id 50B352026D4B;
	Mon, 20 Feb 2023 10:47:16 +0000 (UTC)
Received: from mm-prod-listman-01.mail-001.prod.us-east-1.aws.redhat.com
 (localhost [IPv6:::1])
	by mm-prod-listman-01.mail-001.prod.us-east-1.aws.redhat.com (Postfix) with
 ESMTP id 3D2951946588;
	Mon, 20 Feb 2023 10:47:16 +0000 (UTC)
Received: from smtp.corp.redhat.com (int-mx09.intmail.prod.int.rdu2.redhat.com
 [10.11.54.9])
 by mm-prod-listman-01.mail-001.prod.us-east-1.aws.redhat.com (Postfix) with
 ESMTP id B44621946587 for <libvir-list@listman.corp.redhat.com>;
 Mon, 20 Feb 2023 10:47:14 +0000 (UTC)
Received: by smtp.corp.redhat.com (Postfix)
 id AB0FE492B06; Mon, 20 Feb 2023 10:47:14 +0000 (UTC)
Received: from speedmetal.redhat.com (unknown [10.45.242.16])
 by smtp.corp.redhat.com (Postfix) with ESMTP id 07AE2492B05
 for <libvir-list@redhat.com>; Mon, 20 Feb 2023 10:47:13 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com;
	s=mimecast20190719; t=1676890043;
	h=from:from:sender:sender:reply-to:subject:subject:date:date:
	 message-id:message-id:to:to:cc:mime-version:mime-version:
	 content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding:
	 in-reply-to:in-reply-to:references:references:list-id:list-help:
	 list-unsubscribe:list-subscribe:list-post;
	bh=w89znR4J7J8tVG7kEObVSrlkpwZ+TeZzvlCdY+rkLrY=;
	b=QMXk0KcWOZLlDM2vsa2NPTsXELbHJEYAGk9PCTIvaIyKNAQCCSRNRUfCTcddB4858/qbZQ
	rhDqQkdzf0nj4YsgmDUVMSe4gFSJyCWm7UFPQvXixmWnkSx4YI4CvDbFD41sgPKEaEP5zt
	zKhPCWbQi1ihUFqj77VJMphnNMZpD+U=
X-MC-Unique: g1UiF-ddO3iI4PzbBf51pw-1
X-Original-To: libvir-list@listman.corp.redhat.com
From: Peter Krempa <pkrempa@redhat.com>
To: libvir-list@redhat.com
Subject: [PATCH 3/6] gendispatch: Add proper XML header to ACL permissions XML
 file
Date: Mon, 20 Feb 2023 11:47:06 +0100
Message-Id: 
 <cf3c92c2b60cebc902a7c6cc4676610c819c9834.1676889902.git.pkrempa@redhat.com>
In-Reply-To: <cover.1676889902.git.pkrempa@redhat.com>
References: <cover.1676889902.git.pkrempa@redhat.com>
MIME-Version: 1.0
X-Scanned-By: MIMEDefang 3.1 on 10.11.54.9
X-BeenThere: libvir-list@redhat.com
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Development discussions about the libvirt library & tools
 <libvir-list.redhat.com>
List-Unsubscribe: <https://listman.redhat.com/mailman/options/libvir-list>,
 <mailto:libvir-list-request@redhat.com?subject=unsubscribe>
List-Archive: <http://listman.redhat.com/archives/libvir-list/>
List-Post: <mailto:libvir-list@redhat.com>
List-Help: <mailto:libvir-list-request@redhat.com?subject=help>
List-Subscribe: <https://listman.redhat.com/mailman/listinfo/libvir-list>,
 <mailto:libvir-list-request@redhat.com?subject=subscribe>
Errors-To: libvir-list-bounces@redhat.com
Sender: "libvir-list" <libvir-list-bounces@redhat.com>
X-Scanned-By: MIMEDefang 3.1 on 10.11.54.4
X-Mimecast-Spam-Score: 0
X-Mimecast-Originator: redhat.com
Content-Transfer-Encoding: quoted-printable
X-ZohoMail-DKIM: pass (identity @redhat.com)
X-ZM-MESSAGEID: 1676890045622100001
Content-Type: text/plain; charset="utf-8"

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Daniel P. Berrang=C3=A9 <berrange@redhat.com>
---
 src/rpc/gendispatch.pl | 1 +
 1 file changed, 1 insertion(+)

diff --git a/src/rpc/gendispatch.pl b/src/rpc/gendispatch.pl
index c5f5c85811..4a50ac27e0 100755
--- a/src/rpc/gendispatch.pl
+++ b/src/rpc/gendispatch.pl
@@ -454,6 +454,7 @@ if ($mode eq "aclsym") {
 __EOF__
 } elsif ($mode eq "aclapi") {
     print <<__EOF__;
+<?xml version=3D"1.0" encoding=3D"UTF-8"?>
 <!--
   -  Automatically generated from $protocol by gendispatch.pl.
   -  Do not edit this file.  Any changes you make will be lost.
--=20
2.39.2
From nobody Sat Apr 27 08:52:59 2024
Delivered-To: importer@patchew.org
Received-SPF: pass (zohomail.com: domain of redhat.com designates
 170.10.129.124 as permitted sender) client-ip=170.10.129.124;
 envelope-from=libvir-list-bounces@redhat.com;
 helo=us-smtp-delivery-124.mimecast.com;
Authentication-Results: mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of redhat.com designates 170.10.129.124 as
 permitted sender)  smtp.mailfrom=libvir-list-bounces@redhat.com;
	dmarc=pass(p=none dis=none)  header.from=redhat.com
ARC-Seal: i=1; a=rsa-sha256; t=1676890046; cv=none;
	d=zohomail.com; s=zohoarc;
	b=XyaJIThQ8fCDQwLoamduwzAwzTxqZVLlyszVRjWKi2cSEDmVVTIqXLosfZIdq11pNUO7DdevcRvTPq7Z/EhQ8iPbgzE2TaNOY1VzFq3DYZBrj9IW1ce1j65081iEE08/tVQlUqOvKr2d42r2CbeiQpol5tD1veuZuOIbG56+wKE=
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com;
 s=zohoarc;
	t=1676890046;
 h=Content-Type:Content-Transfer-Encoding:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To;
	bh=15TrZTYue7+w8aiX4gxL9uLF4YgxhcJ0SNrSqsyo69w=;
	b=dwoEj6guVuQOMULA5D0wLEXzhHHuDnzV9anretfPQ/mQIQhqiRUIz3WoGeSPCgaHDFtgSrMwsr7cbmXAV5MV9wvDzxVEHhsPJZkoTizoLIZGoSO8xLK5QGMVhry77kS+O1WWsNg3/x5hfJL47/XqMU5xPXGxNP1YU58LTQylTFc=
ARC-Authentication-Results: i=1; mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of redhat.com designates 170.10.129.124 as
 permitted sender)  smtp.mailfrom=libvir-list-bounces@redhat.com;
	dmarc=pass header.from=<pkrempa@redhat.com> (p=none dis=none)
Return-Path: <libvir-list-bounces@redhat.com>
Received: from us-smtp-delivery-124.mimecast.com
 (us-smtp-delivery-124.mimecast.com [170.10.129.124]) by mx.zohomail.com
	with SMTPS id 1676890046095178.6065482110273;
 Mon, 20 Feb 2023 02:47:26 -0800 (PST)
Received: from mimecast-mx02.redhat.com (mimecast-mx02.redhat.com
 [66.187.233.88]) by relay.mimecast.com with ESMTP with STARTTLS
 (version=TLSv1.2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id
 us-mta-399-loU31VY0MOGuvaF0xqEggQ-1; Mon, 20 Feb 2023 05:47:21 -0500
Received: from smtp.corp.redhat.com (int-mx09.intmail.prod.int.rdu2.redhat.com
 [10.11.54.9])
	(using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))
	(No client certificate requested)
	by mimecast-mx02.redhat.com (Postfix) with ESMTPS id EB305802D35;
	Mon, 20 Feb 2023 10:47:18 +0000 (UTC)
Received: from mm-prod-listman-01.mail-001.prod.us-east-1.aws.redhat.com
 (unknown [10.30.29.100])
	by smtp.corp.redhat.com (Postfix) with ESMTP id B6955492B05;
	Mon, 20 Feb 2023 10:47:18 +0000 (UTC)
Received: from mm-prod-listman-01.mail-001.prod.us-east-1.aws.redhat.com
 (localhost [IPv6:::1])
	by mm-prod-listman-01.mail-001.prod.us-east-1.aws.redhat.com (Postfix) with
 ESMTP id 972891946588;
	Mon, 20 Feb 2023 10:47:18 +0000 (UTC)
Received: from smtp.corp.redhat.com (int-mx09.intmail.prod.int.rdu2.redhat.com
 [10.11.54.9])
 by mm-prod-listman-01.mail-001.prod.us-east-1.aws.redhat.com (Postfix) with
 ESMTP id E59E71946587 for <libvir-list@listman.corp.redhat.com>;
 Mon, 20 Feb 2023 10:47:15 +0000 (UTC)
Received: by smtp.corp.redhat.com (Postfix)
 id C7C87492B07; Mon, 20 Feb 2023 10:47:15 +0000 (UTC)
Received: from speedmetal.redhat.com (unknown [10.45.242.16])
 by smtp.corp.redhat.com (Postfix) with ESMTP id 28ABB492B05
 for <libvir-list@redhat.com>; Mon, 20 Feb 2023 10:47:14 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com;
	s=mimecast20190719; t=1676890045;
	h=from:from:sender:sender:reply-to:subject:subject:date:date:
	 message-id:message-id:to:to:cc:mime-version:mime-version:
	 content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding:
	 in-reply-to:in-reply-to:references:references:list-id:list-help:
	 list-unsubscribe:list-subscribe:list-post;
	bh=15TrZTYue7+w8aiX4gxL9uLF4YgxhcJ0SNrSqsyo69w=;
	b=FJfRL0MHjlulyuc5ndRyXmSOqB5lrtasgz6xj4LLOFJfP2MnXF7gT0zX3l4ucTG8Fi8YkB
	RyqqGq3/ut4IDyG9JQpLMAU2U/pAYMrCv6T9f4VzhDglq1dKhCDE6A9mwrqYwHKbXAw9XS
	gRon0M2ffAP7seVS9CS/N56ulHqfhxI=
X-MC-Unique: loU31VY0MOGuvaF0xqEggQ-1
X-Original-To: libvir-list@listman.corp.redhat.com
From: Peter Krempa <pkrempa@redhat.com>
To: libvir-list@redhat.com
Subject: [PATCH 4/6] docs/html: Properly generate ACL permissions into API
 reference
Date: Mon, 20 Feb 2023 11:47:07 +0100
Message-Id: 
 <cb7d4a9490a79583c3d5cbdf33d9f30f72136984.1676889902.git.pkrempa@redhat.com>
In-Reply-To: <cover.1676889902.git.pkrempa@redhat.com>
References: <cover.1676889902.git.pkrempa@redhat.com>
MIME-Version: 1.0
X-Scanned-By: MIMEDefang 3.1 on 10.11.54.9
X-BeenThere: libvir-list@redhat.com
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Development discussions about the libvirt library & tools
 <libvir-list.redhat.com>
List-Unsubscribe: <https://listman.redhat.com/mailman/options/libvir-list>,
 <mailto:libvir-list-request@redhat.com?subject=unsubscribe>
List-Archive: <http://listman.redhat.com/archives/libvir-list/>
List-Post: <mailto:libvir-list@redhat.com>
List-Help: <mailto:libvir-list-request@redhat.com?subject=help>
List-Subscribe: <https://listman.redhat.com/mailman/listinfo/libvir-list>,
 <mailto:libvir-list-request@redhat.com?subject=subscribe>
Errors-To: libvir-list-bounces@redhat.com
Sender: "libvir-list" <libvir-list-bounces@redhat.com>
X-Scanned-By: MIMEDefang 3.1 on 10.11.54.9
X-Mimecast-Spam-Score: 0
X-Mimecast-Originator: redhat.com
Content-Transfer-Encoding: quoted-printable
X-ZohoMail-DKIM: pass (identity @redhat.com)
X-ZM-MESSAGEID: 1676890047534100004
Content-Type: text/plain; charset="utf-8"

The 'newapi.xsl' stylesheet was referencing non-existing paths to the
XML files holding ACL permission flags for individual APIs. Additionally
the 'document()' XSL function doesn't even allow concatenation of the
path as it was done via '{$builddir}/src..', but requires either direct
argument or use of the 'concat()' function.

This meant that the 'acls' variable was always empty and thus none of
our API documentation was actually generated with the 'acl' section.

Fix it by passing the path to the XML via an argument to the stylesheet
as the files differ based on which document is being generated.

Since the 'admin' API does not have ACL we need to handle it separately
now in the build system.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Daniel P. Berrang=C3=A9 <berrange@redhat.com>
---
 docs/html/meson.build  | 32 +++++++++++++++++++++++++++++++-
 docs/newapi.xsl        | 12 +++++-------
 src/access/meson.build |  4 ++++
 3 files changed, 40 insertions(+), 8 deletions(-)

diff --git a/docs/html/meson.build b/docs/html/meson.build
index b18a8ccb5f..4e818f9142 100644
--- a/docs/html/meson.build
+++ b/docs/html/meson.build
@@ -27,12 +27,14 @@ index_api_gen =3D custom_target(
   command: [
     xsltproc_prog, '--nonet', '-o', docs_builddir,
     '--stringparam', 'builddir', meson.project_build_root(),
+    '--stringparam', 'aclxmlpath', docs_acl_xml.full_path(),
     '--stringparam', 'timestamp', docs_timestamp,
     '--stringparam', 'indexfile', 'index.html',
     '@INPUT@',
   ],
   install: true,
   install_dir: docs_html_dir / 'html',
+  depends: docs_acl_xml,
   depend_files: [
     page_xsl,
   ],
@@ -41,7 +43,7 @@ index_api_gen =3D custom_target(
 docs_html_gen +=3D index_api_gen.to_list()
 docs_html_dep +=3D index_api_gen

-foreach name : [ 'admin', 'lxc', 'qemu' ]
+foreach name : [ 'lxc', 'qemu' ]
   index_api_gen =3D custom_target(
     'index-@0@-api'.format(name),
     input: [
@@ -54,11 +56,13 @@ foreach name : [ 'admin', 'lxc', 'qemu' ]
     command: [
       xsltproc_prog, '--nonet', '-o', docs_builddir,
       '--stringparam', 'builddir', meson.project_build_root(),
+      '--stringparam', 'aclxmlpath', get_variable('docs_acl_@0@_xml'.forma=
t(name)).full_path(),
       '--stringparam', 'timestamp', docs_timestamp,
       '@INPUT@',
     ],
     install: true,
     install_dir: docs_html_dir / 'html',
+    depends:  get_variable('docs_acl_@0@_xml'.format(name)),
     depend_files: [
       page_xsl,
     ],
@@ -68,6 +72,32 @@ foreach name : [ 'admin', 'lxc', 'qemu' ]
   docs_html_dep +=3D index_api_gen
 endforeach

+index_api_gen =3D custom_target(
+  'index-admin-api'.format(name),
+  input: [
+    newapi_xsl,
+    docs_admin_api_xml,
+    ],
+  output: [
+    'libvirt-libvirt-admin.html'
+    ],
+  command: [
+    xsltproc_prog, '--nonet', '-o', docs_builddir,
+    '--stringparam', 'builddir', meson.project_build_root(),
+    '--stringparam', 'aclxmlpath', '',
+    '--stringparam', 'timestamp', docs_timestamp,
+    '@INPUT@',
+    ],
+  install: true,
+  install_dir: docs_html_dir / 'html',
+  depend_files: [
+    page_xsl,
+    ],
+  )
+
+docs_html_gen +=3D index_api_gen.to_list()
+docs_html_dep +=3D index_api_gen
+
 docs_html_paths =3D []

 install_web_deps +=3D docs_html_dep
diff --git a/docs/newapi.xsl b/docs/newapi.xsl
index 3de603bb00..cc3ec681b7 100644
--- a/docs/newapi.xsl
+++ b/docs/newapi.xsl
@@ -24,18 +24,16 @@

   <xsl:param name=3D"indexfile" select=3D"''"/>

+  <xsl:param name=3D"aclxmlpath" select=3D"''"/>
+
   <!-- the target directory for the HTML output -->
   <xsl:variable name=3D"htmldir">html</xsl:variable>
   <xsl:variable name=3D"href_base">../</xsl:variable>

   <xsl:variable name=3D"acls">
-    <xsl:copy-of select=3D"document('{$builddir}/src/libvirt_access.xml')/=
aclinfo/api"/>
-  </xsl:variable>
-  <xsl:variable name=3D"qemuacls">
-    <xsl:copy-of select=3D"document('{$builddir}/src/libvirt_access_qemu.x=
ml')/aclinfo/api"/>
-  </xsl:variable>
-  <xsl:variable name=3D"lxcacls">
-    <xsl:copy-of select=3D"document('{$builddir}/src/libvirt_access_lxc.xm=
l')/aclinfo/api"/>
+    <xsl:if test=3D"$aclxmlpath !=3D ''">
+      <xsl:copy-of select=3D"document($aclxmlpath)/aclinfo/api"/>
+    </xsl:if>
   </xsl:variable>

   <xsl:template name=3D"aclinfo">
diff --git a/src/access/meson.build b/src/access/meson.build
index 07fd7d372e..0b12581dc1 100644
--- a/src/access/meson.build
+++ b/src/access/meson.build
@@ -74,6 +74,10 @@ foreach name : [ 'remote', 'qemu', 'lxc' ]
   )
 endforeach

+docs_acl_xml =3D access_gen_xml[0]
+docs_acl_qemu_xml =3D access_gen_xml[1]
+docs_acl_lxc_xml =3D access_gen_xml[2]
+
 if conf.has('WITH_POLKIT')
   access_sources +=3D access_polkit_sources

--=20
2.39.2
From nobody Sat Apr 27 08:52:59 2024
Delivered-To: importer@patchew.org
Received-SPF: pass (zohomail.com: domain of redhat.com designates
 170.10.129.124 as permitted sender) client-ip=170.10.129.124;
 envelope-from=libvir-list-bounces@redhat.com;
 helo=us-smtp-delivery-124.mimecast.com;
Authentication-Results: mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of redhat.com designates 170.10.129.124 as
 permitted sender)  smtp.mailfrom=libvir-list-bounces@redhat.com;
	dmarc=pass(p=none dis=none)  header.from=redhat.com
ARC-Seal: i=1; a=rsa-sha256; t=1676890085; cv=none;
	d=zohomail.com; s=zohoarc;
	b=lizpXZpIxssxZM6Q40UL5At9gnYeRFvZSR5XYyuR8npmjq58Lu4Y3ZDNiE3BKOGl0J9ju6zQk44qvKbNvowZpu9/ruNhPm9pbcm2fuBrxO4YgTvsXIwjDoz5PPXPg8T4bmG7aJLSNOCNOyoWQPlu7hU4+cAheEHnDnA45Vzab9o=
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com;
 s=zohoarc;
	t=1676890085;
 h=Content-Type:Content-Transfer-Encoding:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To;
	bh=Sq89pncwGv6MWJoASoI4G5jiH4qwhxm+pl9lN5coVds=;
	b=X6ziQzLdFKACClZNb4rOtRqJAhKiG6Y3NZEsXd3h50w0zOgDOnnpro5Nl68CoFP9gUGVlTTNOo1eDbLORofPPjzxzLe0L3rjzJgbg8L6TD6C56CUYSHy0misuleP0GcMe/k+p2Iu1xFkH0PPYdrc8jzfO8JaP7TaL3OcbDYZf3Q=
ARC-Authentication-Results: i=1; mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of redhat.com designates 170.10.129.124 as
 permitted sender)  smtp.mailfrom=libvir-list-bounces@redhat.com;
	dmarc=pass header.from=<pkrempa@redhat.com> (p=none dis=none)
Return-Path: <libvir-list-bounces@redhat.com>
Received: from us-smtp-delivery-124.mimecast.com
 (us-smtp-delivery-124.mimecast.com [170.10.129.124]) by mx.zohomail.com
	with SMTPS id 1676890085386284.91229975332976;
 Mon, 20 Feb 2023 02:48:05 -0800 (PST)
Received: from mimecast-mx02.redhat.com (mx3-rdu2.redhat.com
 [66.187.233.73]) by relay.mimecast.com with ESMTP with STARTTLS
 (version=TLSv1.2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id
 us-mta-477-P67D8ifSPpiBluk4gLbNeQ-1; Mon, 20 Feb 2023 05:47:22 -0500
Received: from smtp.corp.redhat.com (int-mx08.intmail.prod.int.rdu2.redhat.com
 [10.11.54.8])
	(using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))
	(No client certificate requested)
	by mimecast-mx02.redhat.com (Postfix) with ESMTPS id 3FC54382C966;
	Mon, 20 Feb 2023 10:47:19 +0000 (UTC)
Received: from mm-prod-listman-01.mail-001.prod.us-east-1.aws.redhat.com
 (unknown [10.30.29.100])
	by smtp.corp.redhat.com (Postfix) with ESMTP id 2914EC15BA0;
	Mon, 20 Feb 2023 10:47:19 +0000 (UTC)
Received: from mm-prod-listman-01.mail-001.prod.us-east-1.aws.redhat.com
 (localhost [IPv6:::1])
	by mm-prod-listman-01.mail-001.prod.us-east-1.aws.redhat.com (Postfix) with
 ESMTP id CB8A419465A8;
	Mon, 20 Feb 2023 10:47:18 +0000 (UTC)
Received: from smtp.corp.redhat.com (int-mx09.intmail.prod.int.rdu2.redhat.com
 [10.11.54.9])
 by mm-prod-listman-01.mail-001.prod.us-east-1.aws.redhat.com (Postfix) with
 ESMTP id 513A81946587 for <libvir-list@listman.corp.redhat.com>;
 Mon, 20 Feb 2023 10:47:17 +0000 (UTC)
Received: by smtp.corp.redhat.com (Postfix)
 id 47297492B05; Mon, 20 Feb 2023 10:47:17 +0000 (UTC)
Received: from speedmetal.redhat.com (unknown [10.45.242.16])
 by smtp.corp.redhat.com (Postfix) with ESMTP id B927B492B06
 for <libvir-list@redhat.com>; Mon, 20 Feb 2023 10:47:15 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com;
	s=mimecast20190719; t=1676890084;
	h=from:from:sender:sender:reply-to:subject:subject:date:date:
	 message-id:message-id:to:to:cc:mime-version:mime-version:
	 content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding:
	 in-reply-to:in-reply-to:references:references:list-id:list-help:
	 list-unsubscribe:list-subscribe:list-post;
	bh=Sq89pncwGv6MWJoASoI4G5jiH4qwhxm+pl9lN5coVds=;
	b=au9Hb2rGEUb/BrxllAaHBuf4u/MwqKiVM4QMtPZv/WpgYuznsJ4V2537PAIJVta4zqZa9B
	WjpS9igIFFupgOyJCr4dHZ/MORhc+W54PV8DNY3o5w9OfS8UPGap2DYvZILk6XuzsHkKt5
	1TF/74x8hE4GSJzcaKgsJR2W78GdVdo=
X-MC-Unique: P67D8ifSPpiBluk4gLbNeQ-1
X-Original-To: libvir-list@listman.corp.redhat.com
From: Peter Krempa <pkrempa@redhat.com>
To: libvir-list@redhat.com
Subject: [PATCH 5/6] docs: Distribute the XMLs with ACL permission flags for
 APIs
Date: Mon, 20 Feb 2023 11:47:08 +0100
Message-Id: 
 <032e1c3502f35df65d9b1244cf9218467bad2fdd.1676889902.git.pkrempa@redhat.com>
In-Reply-To: <cover.1676889902.git.pkrempa@redhat.com>
References: <cover.1676889902.git.pkrempa@redhat.com>
MIME-Version: 1.0
X-Scanned-By: MIMEDefang 3.1 on 10.11.54.9
X-BeenThere: libvir-list@redhat.com
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Development discussions about the libvirt library & tools
 <libvir-list.redhat.com>
List-Unsubscribe: <https://listman.redhat.com/mailman/options/libvir-list>,
 <mailto:libvir-list-request@redhat.com?subject=unsubscribe>
List-Archive: <http://listman.redhat.com/archives/libvir-list/>
List-Post: <mailto:libvir-list@redhat.com>
List-Help: <mailto:libvir-list-request@redhat.com?subject=help>
List-Subscribe: <https://listman.redhat.com/mailman/listinfo/libvir-list>,
 <mailto:libvir-list-request@redhat.com?subject=subscribe>
Errors-To: libvir-list-bounces@redhat.com
Sender: "libvir-list" <libvir-list-bounces@redhat.com>
X-Scanned-By: MIMEDefang 3.1 on 10.11.54.8
X-Mimecast-Spam-Score: 0
X-Mimecast-Originator: redhat.com
Content-Transfer-Encoding: quoted-printable
X-ZohoMail-DKIM: pass (identity @redhat.com)
X-ZM-MESSAGEID: 1676890085873100002
Content-Type: text/plain; charset="utf-8"

Similarly to the API XML we can distribute the ACL permissions for the
APIs so that users who are potentially interested into the data don't
have to scrape our web.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
---
 docs/meson.build       | 27 +++++++++++++++++++++++++++
 libvirt.spec.in        |  3 +++
 src/access/meson.build | 17 -----------------
 3 files changed, 30 insertions(+), 17 deletions(-)

diff --git a/docs/meson.build b/docs/meson.build
index a90c59866a..08bf75e329 100644
--- a/docs/meson.build
+++ b/docs/meson.build
@@ -168,6 +168,33 @@ docs_lxc_api_xml =3D docs_api_generated[1]
 docs_qemu_api_xml =3D docs_api_generated[2]
 docs_admin_api_xml =3D docs_api_generated[3]

+access_gen_xml =3D []
+
+foreach name : [ 'remote', 'qemu', 'lxc' ]
+  if name =3D=3D 'remote'
+    xml_file =3D 'libvirt_access.xml'
+  else
+    xml_file =3D 'libvirt_access_@0@.xml'.format(name)
+  endif
+  protocol_file =3D remote_path / '@0@_protocol.x'.format(name)
+
+  access_gen_xml +=3D custom_target(
+    xml_file,
+    input: protocol_file,
+    output: xml_file,
+    capture: true,
+    command: [
+      gendispatch_prog, '--mode=3Daclapi', name, name.to_upper(), '@INPUT@=
',
+    ],
+    install: true,
+    install_dir: pkgdatadir / 'api',
+  )
+endforeach
+
+docs_acl_xml =3D access_gen_xml[0]
+docs_acl_qemu_xml =3D access_gen_xml[1]
+docs_acl_lxc_xml =3D access_gen_xml[2]
+
 docs_programs_groups =3D [
   { 'name': 'rst2html5', 'prog': [ 'rst2html5', 'rst2html5.py', 'rst2html5=
-3' ] },
   { 'name': 'rst2man', 'prog': [ 'rst2man', 'rst2man.py', 'rst2man-3' ] },
diff --git a/libvirt.spec.in b/libvirt.spec.in
index e795b98d48..df625a0db4 100644
--- a/libvirt.spec.in
+++ b/libvirt.spec.in
@@ -2333,6 +2333,9 @@ exit 0
 %{_datadir}/libvirt/api/libvirt-admin-api.xml
 %{_datadir}/libvirt/api/libvirt-qemu-api.xml
 %{_datadir}/libvirt/api/libvirt-lxc-api.xml
+%{_datadir}/libvirt/api/libvirt_access.xml
+%{_datadir}/libvirt/api/libvirt_access_qemu.xml
+%{_datadir}/libvirt/api/libvirt_access_lxc.xml

 %if %{with_mingw}
 %files -n mingw32-libvirt -f mingw32-libvirt.lang
diff --git a/src/access/meson.build b/src/access/meson.build
index 0b12581dc1..842f37a4b6 100644
--- a/src/access/meson.build
+++ b/src/access/meson.build
@@ -16,19 +16,16 @@ remote_path =3D meson.project_source_root() / 'src' / '=
remote'
 access_gen_headers =3D []
 access_gen_sources =3D []
 access_gen_sym =3D []
-access_gen_xml =3D []

 foreach name : [ 'remote', 'qemu', 'lxc' ]
   if name =3D=3D 'remote'
     header_file =3D 'viraccessapicheck.h'
     source_file =3D 'viraccessapicheck.c'
     syms_file =3D 'libvirt_access.syms'
-    xml_file =3D 'libvirt_access.xml'
   else
     header_file =3D 'viraccessapicheck@0@.h'.format(name)
     source_file =3D 'viraccessapicheck@0@.c'.format(name)
     syms_file =3D 'libvirt_access_@0@.syms'.format(name)
-    xml_file =3D 'libvirt_access_@0@.xml'.format(name)
   endif
   protocol_file =3D remote_path / '@0@_protocol.x'.format(name)

@@ -62,22 +59,8 @@ foreach name : [ 'remote', 'qemu', 'lxc' ]
       gendispatch_prog, '--mode=3Daclsym', name, name.to_upper(), '@INPUT@=
',
     ]
   )
-
-  access_gen_xml +=3D custom_target(
-    xml_file,
-    input: protocol_file,
-    output: xml_file,
-    capture: true,
-    command: [
-      gendispatch_prog, '--mode=3Daclapi', name, name.to_upper(), '@INPUT@=
',
-    ],
-  )
 endforeach

-docs_acl_xml =3D access_gen_xml[0]
-docs_acl_qemu_xml =3D access_gen_xml[1]
-docs_acl_lxc_xml =3D access_gen_xml[2]
-
 if conf.has('WITH_POLKIT')
   access_sources +=3D access_polkit_sources

--=20
2.39.2
From nobody Sat Apr 27 08:52:59 2024
Delivered-To: importer@patchew.org
Received-SPF: pass (zohomail.com: domain of redhat.com designates
 170.10.129.124 as permitted sender) client-ip=170.10.129.124;
 envelope-from=libvir-list-bounces@redhat.com;
 helo=us-smtp-delivery-124.mimecast.com;
Authentication-Results: mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of redhat.com designates 170.10.129.124 as
 permitted sender)  smtp.mailfrom=libvir-list-bounces@redhat.com;
	dmarc=pass(p=none dis=none)  header.from=redhat.com
ARC-Seal: i=1; a=rsa-sha256; t=1676890083; cv=none;
	d=zohomail.com; s=zohoarc;
	b=Eov4ZehkrauB9fGDS6gP6ERSSmyrnJoilzACz+qskbyTXDs6ndb6izW2++fEA2gYHx7J/15nt6VZRAu3Hx715YeeOp9mSH54nPblWqHW4MSa88UYbhs808+ImiUr4eTl6syZP/j9/Dypp2ChmSpXUhAn7zTTnNCXPaeUqZKDAH4=
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com;
 s=zohoarc;
	t=1676890083;
 h=Content-Type:Content-Transfer-Encoding:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To;
	bh=AJfkk4k+L6zICmWPeXnETJxgTFwiDNb3DpdlV7Qs0x0=;
	b=Q/WvVPPpeTG4rSdU+EG4qjFUGm7Tyq0czTVVxkMHN31y7OTm2JlhlbnP45Uogibm+oNqjMrpSxYzOkDIYuvFreHog47DvWK+KPJIuqkNK1AfsBpiPP+OEEEYDN4/r/bsHOWCy6xsqI8YRxC9UwNzKbD6O582ppw8jsN6ICG+wBw=
ARC-Authentication-Results: i=1; mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of redhat.com designates 170.10.129.124 as
 permitted sender)  smtp.mailfrom=libvir-list-bounces@redhat.com;
	dmarc=pass header.from=<pkrempa@redhat.com> (p=none dis=none)
Return-Path: <libvir-list-bounces@redhat.com>
Received: from us-smtp-delivery-124.mimecast.com
 (us-smtp-delivery-124.mimecast.com [170.10.129.124]) by mx.zohomail.com
	with SMTPS id 1676890083590777.1049891175345;
 Mon, 20 Feb 2023 02:48:03 -0800 (PST)
Received: from mimecast-mx02.redhat.com (mimecast-mx02.redhat.com
 [66.187.233.88]) by relay.mimecast.com with ESMTP with STARTTLS
 (version=TLSv1.2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id
 us-mta-272-YJRaygD5MiiZfYuD6jqQtQ-1; Mon, 20 Feb 2023 05:47:23 -0500
Received: from smtp.corp.redhat.com (int-mx04.intmail.prod.int.rdu2.redhat.com
 [10.11.54.4])
	(using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))
	(No client certificate requested)
	by mimecast-mx02.redhat.com (Postfix) with ESMTPS id 3137680D0E0;
	Mon, 20 Feb 2023 10:47:21 +0000 (UTC)
Received: from mm-prod-listman-01.mail-001.prod.us-east-1.aws.redhat.com
 (unknown [10.30.29.100])
	by smtp.corp.redhat.com (Postfix) with ESMTP id 1C8422026D4B;
	Mon, 20 Feb 2023 10:47:21 +0000 (UTC)
Received: from mm-prod-listman-01.mail-001.prod.us-east-1.aws.redhat.com
 (localhost [IPv6:::1])
	by mm-prod-listman-01.mail-001.prod.us-east-1.aws.redhat.com (Postfix) with
 ESMTP id 0CADE1946588;
	Mon, 20 Feb 2023 10:47:21 +0000 (UTC)
Received: from smtp.corp.redhat.com (int-mx09.intmail.prod.int.rdu2.redhat.com
 [10.11.54.9])
 by mm-prod-listman-01.mail-001.prod.us-east-1.aws.redhat.com (Postfix) with
 ESMTP id 354BA1946587 for <libvir-list@listman.corp.redhat.com>;
 Mon, 20 Feb 2023 10:47:18 +0000 (UTC)
Received: by smtp.corp.redhat.com (Postfix)
 id 2C3AA492B06; Mon, 20 Feb 2023 10:47:18 +0000 (UTC)
Received: from speedmetal.redhat.com (unknown [10.45.242.16])
 by smtp.corp.redhat.com (Postfix) with ESMTP id 9C488492B05
 for <libvir-list@redhat.com>; Mon, 20 Feb 2023 10:47:17 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com;
	s=mimecast20190719; t=1676890082;
	h=from:from:sender:sender:reply-to:subject:subject:date:date:
	 message-id:message-id:to:to:cc:mime-version:mime-version:
	 content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding:
	 in-reply-to:in-reply-to:references:references:list-id:list-help:
	 list-unsubscribe:list-subscribe:list-post;
	bh=AJfkk4k+L6zICmWPeXnETJxgTFwiDNb3DpdlV7Qs0x0=;
	b=fgtu3szzZa4IWe4fKcl1Jija5OZ/WG2Ofnduf/TVk85rjmc0iMVYOFOiFH2xMnoD1Z3Nal
	2dvqfIbg1mQGA4NiYItLUbsufveBsrtRG/l3RET9ogYL3rMz/8RY030SZ+jKc1s/baeUyt
	whZsQYcGlWgim93aYVCfYnFeZ/FXCGs=
X-MC-Unique: YJRaygD5MiiZfYuD6jqQtQ-1
X-Original-To: libvir-list@listman.corp.redhat.com
From: Peter Krempa <pkrempa@redhat.com>
To: libvir-list@redhat.com
Subject: [PATCH 6/6] examples: polkit: Grant 'domain.read-secure' for the
 example cases
Date: Mon, 20 Feb 2023 11:47:09 +0100
Message-Id: 
 <47c684064c95f289db7b676054848346e6e07ac1.1676889902.git.pkrempa@redhat.com>
In-Reply-To: <cover.1676889902.git.pkrempa@redhat.com>
References: <cover.1676889902.git.pkrempa@redhat.com>
MIME-Version: 1.0
X-Scanned-By: MIMEDefang 3.1 on 10.11.54.9
X-BeenThere: libvir-list@redhat.com
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Development discussions about the libvirt library & tools
 <libvir-list.redhat.com>
List-Unsubscribe: <https://listman.redhat.com/mailman/options/libvir-list>,
 <mailto:libvir-list-request@redhat.com?subject=unsubscribe>
List-Archive: <http://listman.redhat.com/archives/libvir-list/>
List-Post: <mailto:libvir-list@redhat.com>
List-Help: <mailto:libvir-list-request@redhat.com?subject=help>
List-Subscribe: <https://listman.redhat.com/mailman/listinfo/libvir-list>,
 <mailto:libvir-list-request@redhat.com?subject=subscribe>
Errors-To: libvir-list-bounces@redhat.com
Sender: "libvir-list" <libvir-list-bounces@redhat.com>
X-Scanned-By: MIMEDefang 3.1 on 10.11.54.4
X-Mimecast-Spam-Score: 0
X-Mimecast-Originator: redhat.com
Content-Transfer-Encoding: quoted-printable
X-ZohoMail-DKIM: pass (identity @redhat.com)
X-ZM-MESSAGEID: 1676890085863100001
Content-Type: text/plain; charset="utf-8"

The example gives the user authorized to work with the domain permission
to open the graphics socket. Since the graphics socket may be protected
with a password it makes sense to grant the user the
'domain.read-secure' permission to fetch the password for the graphics
object.

This also goes along with e.g. 'domain.send-input' and
'domain.screenshot' as they'll allow the user to interact with the
domain even if they didn't have the password.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
---
 examples/polkit/libvirt-acl.rules | 1 +
 1 file changed, 1 insertion(+)

diff --git a/examples/polkit/libvirt-acl.rules b/examples/polkit/libvirt-ac=
l.rules
index dd6836599a..2edd9c5b8e 100644
--- a/examples/polkit/libvirt-acl.rules
+++ b/examples/polkit/libvirt-acl.rules
@@ -93,6 +93,7 @@ restrictedActions =3D [
     "domain.inject-nmi",
     "domain.open-device",
     "domain.open-graphics",
+    "domain.read-secure",
     "domain.pm-control",
     "domain.read",
     "domain.reset",
--=20
2.39.2