[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: [libvirt] [PATCH v3] Added new attribute mount_security to filesystem element



On Thu, Oct 14, 2010 at 11:00:24AM +0530, Harsh Bora wrote:
> On 10/13/2010 09:22 PM, Matthias Bolte wrote:
> >2010/10/11 Harsh Prateek Bora<harsh linux vnet ibm com>:
> >>This patch introduces new attribute to filesystem element
> >>to support customizable security for mount type.
> >>Valid mount_security are: passthrough and mapped.
> >>
> >>Usage:
> >>        <filesystem type='mount' mount_security='passthrough'>
> >>        <source dir='/export/to/guest'/>
> >>        <target dir='mount_tag'/>
> >>        </filesystem>
> >>
> >>Here is the detailed explanation on these security models:
> >>
> >>Security model: mapped
> >>----------------------
> >>
> >>Fileserver intercepts and maps all the file object create requests.
> >>Files on the fileserver will be created with Fileserver's user credentials
> >>and the
> >>client-user's credentials are stored in extended attributes.
> >>During getattr() server extracts the client-user's credentials from 
> >>extended
> >>attributes and sends to the client.
> >>
> >>This adds a great deal of security in the cloud environments where the
> >>guest's(client) user space is kept completely isolated from host's user
> >>space.
> >>
> >>
> >>Security model : passthrough
> >>----------------------------
> >>
> >>In this security model, Fileserver passes down all requests to the
> >>underlying filesystem. File system objects on the fileserver will be 
> >>created
> >>with client-user's credentials. This is done by setting setuid()/setgid()
> >>during creation or chmod/chown after file creation. At the end of create
> >>protocol
> >>request, files on the fileserver will be owned by cleint-user's uid/gid.
> >>This model mimic's current NFSv3 level of security.
> >>
> >>Note: This patch is based on Daniel's patch to support 9pfs.
> >>It shall be applied after applying Daniel's patch to support 9pfs.
> >>
> >>v3:
> >>- QEMU cmdline still uses security_model, changes done by mistake 
> >>reverted.
> >>
> >>Signed-off-by: Harsh Prateek Bora<harsh linux vnet ibm com>
> >>---
> >>  docs/schemas/domain.rng |    6 ++++++
> >>  src/conf/domain_conf.c  |   29 +++++++++++++++++++++++++++--
> >>  src/conf/domain_conf.h  |   10 ++++++++++
> >>  src/qemu/qemu_conf.c    |    9 +++++++--
> >>  4 files changed, 50 insertions(+), 4 deletions(-)
> >>
> >
> >This patch lacks documentation about the new domain XML attributes in
> >docs/formatdomain.html.in.
> >
> Hi Matthias,
> I wanted to put the documentation for the new attributes in the 
> formatdomain.html.in, however, found that we are actually missing the 
> documentation for the <filesystem> element itself there.
> I discussed about the same with DV and he suggested to put the 
> documentation text in the patch itself, so that once the documentation 
> for <filesystem> element is in place, this text can be added to it for 
> the new attributes.

Yep, don't worry about the docs, i'll write up full docs for the entire
<filesystem> element.

Regards,
Daniel
-- 
|: Red Hat, Engineering, London    -o-   http://people.redhat.com/berrange/ :|
|: http://libvirt.org -o- http://virt-manager.org -o- http://deltacloud.org :|
|: http://autobuild.org        -o-         http://search.cpan.org/~danberr/ :|
|: GnuPG: 7D3B9505  -o-   F3C9 553F A1DA 4AC2 5648 23C1 B3DF F742 7D3B 9505 :|


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]