
Re: [libvirt] [PATCH v2 0/5] Guest filesystem information API



On 11/20/14, 14:17 , "Eric Blake" <eblake redhat com> wrote:

>On 11/20/2014 05:33 AM, Michal Privoznik wrote:
>
>>> I'm also hoping someone else (eblake?) can look at the remote_protocol.x
>>> changes to ensure they encompass everything they are supposed to.  Also
>>> that the usage of QEMU_JOB_QUERY not _MODIFY for the GetFSInfo seems
>>> more appropriate and is in line with the various remote_protocol.x
>>> settings (@acl/@generate stuff settings).
>> 
>> 
>> @generate is correct, since both client and server implementations are
>> provided.
>> @acl looks consistent to the rest. Correct, for querying domain info you
>> need to have read permission and that's it.
>
>Oh, wait.  This is an interaction with the guest agent.  We have already
>stated that ANY action that requires guest cooperation MUST require more
>than plain domain:read privileges (for example, creating a snapshot
>requires domain:fs_freeze if the quiesce flag is present; using
>virDomainShutdownFlags requires domain:write if the guest agent is
>involved).
>
>Since the main use of this API is to query the list of mountpoints that
>then feed virDomainFSFreeze, I think this should be @acl
>domain:fs_freeze, rather than domain:read.  Even if it is a read-only
>operation, it makes more sense to treat this command as a family where a
>user is either given rights for all related freeze APIs or none of them.

OK, I'll change this to '@acl domain:fs_freeze' and
use QEMU_JOB_QUERY because this interacts with qemu-guest-agent.

-- 
Tomoki Sekiyama



