[PATCH] qsd: Document fuse's allow-other option

Hanna Reitz posted 1 patch 2 years, 2 months ago
Test checkpatch passed
Patches applied successfully (tree, apply log)
git fetch https://github.com/patchew-project/qemu tags/patchew/20220124170300.20680-1-hreitz@redhat.com
Maintainers: Kevin Wolf <kwolf@redhat.com>
There is a newer version of this series
docs/tools/qemu-storage-daemon.rst   | 9 +++++++--
storage-daemon/qemu-storage-daemon.c | 2 +-
2 files changed, 8 insertions(+), 3 deletions(-)
[PATCH] qsd: Document fuse's allow-other option
Posted by Hanna Reitz 2 years, 2 months ago
We did not add documentation to the storage daemon's man page for fuse's
allow-other option when it was introduced, so do that now.

Fixes: 8fc54f9428b9763f800 ("export/fuse: Add allow-other option")
Signed-off-by: Hanna Reitz <hreitz@redhat.com>
---
 docs/tools/qemu-storage-daemon.rst   | 9 +++++++--
 storage-daemon/qemu-storage-daemon.c | 2 +-
 2 files changed, 8 insertions(+), 3 deletions(-)

diff --git a/docs/tools/qemu-storage-daemon.rst b/docs/tools/qemu-storage-daemon.rst
index 9b0eaba6e5..f7a300c84e 100644
--- a/docs/tools/qemu-storage-daemon.rst
+++ b/docs/tools/qemu-storage-daemon.rst
@@ -76,7 +76,7 @@ Standard options:
 .. option:: --export [type=]nbd,id=<id>,node-name=<node-name>[,name=<export-name>][,writable=on|off][,bitmap=<name>]
   --export [type=]vhost-user-blk,id=<id>,node-name=<node-name>,addr.type=unix,addr.path=<socket-path>[,writable=on|off][,logical-block-size=<block-size>][,num-queues=<num-queues>]
   --export [type=]vhost-user-blk,id=<id>,node-name=<node-name>,addr.type=fd,addr.str=<fd>[,writable=on|off][,logical-block-size=<block-size>][,num-queues=<num-queues>]
-  --export [type=]fuse,id=<id>,node-name=<node-name>,mountpoint=<file>[,growable=on|off][,writable=on|off]
+  --export [type=]fuse,id=<id>,node-name=<node-name>,mountpoint=<file>[,growable=on|off][,writable=on|off][,allow-other=on|off|auto]
 
   is a block export definition. ``node-name`` is the block node that should be
   exported. ``writable`` determines whether or not the export allows write
@@ -103,7 +103,12 @@ Standard options:
   mounted). Consequently, applications that have opened the given file before
   the export became active will continue to see its original content. If
   ``growable`` is set, writes after the end of the exported file will grow the
-  block node to fit.
+  block node to fit.  The ``allow-other`` option controls whether users other
+  than the QSD user will be allowed to access the export.  Note that enabling
+  this option as a non-root user requires enabling the user_allow_other option
+  in the global fuse.conf configuration file.  Setting ``allow-other`` to auto
+  (the default) will have the QSD try enabling this option, and on error fall
+  back to disabling it.
 
 .. option:: --monitor MONITORDEF
 
diff --git a/storage-daemon/qemu-storage-daemon.c b/storage-daemon/qemu-storage-daemon.c
index 9d76d1114d..a1dcc4aa2e 100644
--- a/storage-daemon/qemu-storage-daemon.c
+++ b/storage-daemon/qemu-storage-daemon.c
@@ -100,7 +100,7 @@ static void help(void)
 "\n"
 #ifdef CONFIG_FUSE
 "  --export [type=]fuse,id=<id>,node-name=<node-name>,mountpoint=<file>\n"
-"           [,growable=on|off][,writable=on|off]\n"
+"           [,growable=on|off][,writable=on|off][,allow-other=on|off|auto]\n"
 "                         export the specified block node over FUSE\n"
 "\n"
 #endif /* CONFIG_FUSE */
-- 
2.34.1


Re: [PATCH] qsd: Document fuse's allow-other option
Posted by Kevin Wolf 2 years, 2 months ago
Am 24.01.2022 um 18:03 hat Hanna Reitz geschrieben:
> We did not add documentation to the storage daemon's man page for fuse's
> allow-other option when it was introduced, so do that now.
> 
> Fixes: 8fc54f9428b9763f800 ("export/fuse: Add allow-other option")
> Signed-off-by: Hanna Reitz <hreitz@redhat.com>
> ---
>  docs/tools/qemu-storage-daemon.rst   | 9 +++++++--
>  storage-daemon/qemu-storage-daemon.c | 2 +-
>  2 files changed, 8 insertions(+), 3 deletions(-)
> 
> diff --git a/docs/tools/qemu-storage-daemon.rst b/docs/tools/qemu-storage-daemon.rst
> index 9b0eaba6e5..f7a300c84e 100644
> --- a/docs/tools/qemu-storage-daemon.rst
> +++ b/docs/tools/qemu-storage-daemon.rst
> @@ -76,7 +76,7 @@ Standard options:
>  .. option:: --export [type=]nbd,id=<id>,node-name=<node-name>[,name=<export-name>][,writable=on|off][,bitmap=<name>]
>    --export [type=]vhost-user-blk,id=<id>,node-name=<node-name>,addr.type=unix,addr.path=<socket-path>[,writable=on|off][,logical-block-size=<block-size>][,num-queues=<num-queues>]
>    --export [type=]vhost-user-blk,id=<id>,node-name=<node-name>,addr.type=fd,addr.str=<fd>[,writable=on|off][,logical-block-size=<block-size>][,num-queues=<num-queues>]
> -  --export [type=]fuse,id=<id>,node-name=<node-name>,mountpoint=<file>[,growable=on|off][,writable=on|off]
> +  --export [type=]fuse,id=<id>,node-name=<node-name>,mountpoint=<file>[,growable=on|off][,writable=on|off][,allow-other=on|off|auto]
>  
>    is a block export definition. ``node-name`` is the block node that should be
>    exported. ``writable`` determines whether or not the export allows write
> @@ -103,7 +103,12 @@ Standard options:
>    mounted). Consequently, applications that have opened the given file before
>    the export became active will continue to see its original content. If
>    ``growable`` is set, writes after the end of the exported file will grow the
> -  block node to fit.
> +  block node to fit.  The ``allow-other`` option controls whether users other
> +  than the QSD user will be allowed to access the export.  Note that enabling
> +  this option as a non-root user requires enabling the user_allow_other option
> +  in the global fuse.conf configuration file.  Setting ``allow-other`` to auto
> +  (the default) will have the QSD try enabling this option, and on error fall
> +  back to disabling it.

"QSD" is not an acronym that is used (or introduced) elsewhere in this
document.

I suggest replacing "QSD user" with "user running the process" and "will
have the QSD try" with simply "will try".

>  .. option:: --monitor MONITORDEF
>  
> diff --git a/storage-daemon/qemu-storage-daemon.c b/storage-daemon/qemu-storage-daemon.c
> index 9d76d1114d..a1dcc4aa2e 100644
> --- a/storage-daemon/qemu-storage-daemon.c
> +++ b/storage-daemon/qemu-storage-daemon.c
> @@ -100,7 +100,7 @@ static void help(void)
>  "\n"
>  #ifdef CONFIG_FUSE
>  "  --export [type=]fuse,id=<id>,node-name=<node-name>,mountpoint=<file>\n"
> -"           [,growable=on|off][,writable=on|off]\n"
> +"           [,growable=on|off][,writable=on|off][,allow-other=on|off|auto]\n"
>  "                         export the specified block node over FUSE\n"
>  "\n"
>  #endif /* CONFIG_FUSE */

Looks good otherwise.

Kevin


Re: [PATCH] qsd: Document fuse's allow-other option
Posted by Hanna Reitz 2 years, 2 months ago
On 27.01.22 17:02, Kevin Wolf wrote:
> Am 24.01.2022 um 18:03 hat Hanna Reitz geschrieben:
>> We did not add documentation to the storage daemon's man page for fuse's
>> allow-other option when it was introduced, so do that now.
>>
>> Fixes: 8fc54f9428b9763f800 ("export/fuse: Add allow-other option")
>> Signed-off-by: Hanna Reitz <hreitz@redhat.com>
>> ---
>>   docs/tools/qemu-storage-daemon.rst   | 9 +++++++--
>>   storage-daemon/qemu-storage-daemon.c | 2 +-
>>   2 files changed, 8 insertions(+), 3 deletions(-)
>>
>> diff --git a/docs/tools/qemu-storage-daemon.rst b/docs/tools/qemu-storage-daemon.rst
>> index 9b0eaba6e5..f7a300c84e 100644
>> --- a/docs/tools/qemu-storage-daemon.rst
>> +++ b/docs/tools/qemu-storage-daemon.rst
>> @@ -76,7 +76,7 @@ Standard options:
>>   .. option:: --export [type=]nbd,id=<id>,node-name=<node-name>[,name=<export-name>][,writable=on|off][,bitmap=<name>]
>>     --export [type=]vhost-user-blk,id=<id>,node-name=<node-name>,addr.type=unix,addr.path=<socket-path>[,writable=on|off][,logical-block-size=<block-size>][,num-queues=<num-queues>]
>>     --export [type=]vhost-user-blk,id=<id>,node-name=<node-name>,addr.type=fd,addr.str=<fd>[,writable=on|off][,logical-block-size=<block-size>][,num-queues=<num-queues>]
>> -  --export [type=]fuse,id=<id>,node-name=<node-name>,mountpoint=<file>[,growable=on|off][,writable=on|off]
>> +  --export [type=]fuse,id=<id>,node-name=<node-name>,mountpoint=<file>[,growable=on|off][,writable=on|off][,allow-other=on|off|auto]
>>   
>>     is a block export definition. ``node-name`` is the block node that should be
>>     exported. ``writable`` determines whether or not the export allows write
>> @@ -103,7 +103,12 @@ Standard options:
>>     mounted). Consequently, applications that have opened the given file before
>>     the export became active will continue to see its original content. If
>>     ``growable`` is set, writes after the end of the exported file will grow the
>> -  block node to fit.
>> +  block node to fit.  The ``allow-other`` option controls whether users other
>> +  than the QSD user will be allowed to access the export.  Note that enabling
>> +  this option as a non-root user requires enabling the user_allow_other option
>> +  in the global fuse.conf configuration file.  Setting ``allow-other`` to auto
>> +  (the default) will have the QSD try enabling this option, and on error fall
>> +  back to disabling it.
> "QSD" is not an acronym that is used (or introduced) elsewhere in this
> document.

It’s used in “qsd-qmp.sock”, “qsd-nbd.sock”, and “qsd.pid” O:)

> I suggest replacing "QSD user" with "user running the process" and "will
> have the QSD try" with simply "will try".

Sure, sounds good, will do!

Hanna

>>   .. option:: --monitor MONITORDEF
>>   
>> diff --git a/storage-daemon/qemu-storage-daemon.c b/storage-daemon/qemu-storage-daemon.c
>> index 9d76d1114d..a1dcc4aa2e 100644
>> --- a/storage-daemon/qemu-storage-daemon.c
>> +++ b/storage-daemon/qemu-storage-daemon.c
>> @@ -100,7 +100,7 @@ static void help(void)
>>   "\n"
>>   #ifdef CONFIG_FUSE
>>   "  --export [type=]fuse,id=<id>,node-name=<node-name>,mountpoint=<file>\n"
>> -"           [,growable=on|off][,writable=on|off]\n"
>> +"           [,growable=on|off][,writable=on|off][,allow-other=on|off|auto]\n"
>>   "                         export the specified block node over FUSE\n"
>>   "\n"
>>   #endif /* CONFIG_FUSE */
> Looks good otherwise.
>
> Kevin
>