Re: [libvirt] [PATCH v2] examples: Add example polkit ACL rules
On Fri, Sep 04, 2015 at 14:19:09 +0200, Jiri Denemark wrote:
Creating ACL rules is not exactly easy and existing examples are
pretty
simple. This patch adds a somewhat complex example which defines several
roles. Admins can do everything, operators can do basic operations
on any domain and several groups of users who act as operators but only
on a limited set of domains.
Signed-off-by: Jiri Denemark <jdenemar(a)redhat.com>
---
Makefile.am | 2 +-
configure.ac | 1 +
examples/polkit/Makefile.am | 17 ++++++
examples/polkit/libvirt-acl.rules | 115 ++++++++++++++++++++++++++++++++++++++
libvirt.spec.in | 3 +
5 files changed, 137 insertions(+), 1 deletion(-)
create mode 100644 examples/polkit/Makefile.am
create mode 100644 examples/polkit/libvirt-acl.rules
Consider the following addition to aclpolkit.html squashed in:
diff --git i/docs/aclpolkit.html.in w/docs/aclpolkit.html.in
index e5a9b16..dae0814 100644
--- i/docs/aclpolkit.html.in
+++ w/docs/aclpolkit.html.in
@@ -348,6 +348,12 @@
<code>lookup</code> method.
</p>
+ <p>
+ See
+ <a
href="http://libvirt.org/git/?p=libvirt.git;a=tree;f=examples/polkit...
code</a>
+ for a more complex example.
+ </p>
+
<h3><a name="exconnect">Example: restricting ability to connect
to drivers</a></h3>
<p>
Jirka