https://bugzilla.redhat.com/show_bug.cgi?id=1611320
Generation of the ACL API policy is a "automated process"
based on this perl script which "worked" with the changes to
add nwfilter binding API's because they had the "nwfilter"
prefix; however, the generated output name was incorrect
based on the remote protocol algorithm which expected to
generate names such as 'nwfilter-binding.action' instead
of 'nwfilter.binding-action'.
This effectively changes src/access/org.libvirt.api.policy entries:
org.libvirt.api.nwfilter.binding-create ==>
org.libvirt.api.nwfilter-binding.create
org.libvirt.api.nwfilter.binding-delete ==>
org.libvirt.api.nwfilter-binding.delete
org.libvirt.api.nwfilter.binding-getattr ==>
org.libvirt.api.nwfilter-binding.getattr
org.libvirt.api.nwfilter.binding-read ==>
org.libvirt.api.nwfilter-binding.read
Signed-off-by: John Ferlan <jferlan(a)redhat.com>
---
If someone can explain better exactly what is happening in this
processing, I'd be more than willing to update the commit message.
I'm sure my wording isn't "precise" enough, but I feel like I hit
the lottery finding this needle in the haystack.
src/access/genpolkit.pl | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/src/access/genpolkit.pl b/src/access/genpolkit.pl
index 968cb8c55c..e074c90eb6 100755
--- a/src/access/genpolkit.pl
+++ b/src/access/genpolkit.pl
@@ -22,8 +22,8 @@ use warnings;
my @objects = (
"CONNECT", "DOMAIN", "INTERFACE",
- "NETWORK","NODE_DEVICE", "NWFILTER",
- "SECRET", "STORAGE_POOL", "STORAGE_VOL",
+ "NETWORK","NODE_DEVICE", "NWFILTER_BINDING",
"NWFILTER",
+ "SECRET", "STORAGE_POOL", "STORAGE_VOL",
);
my $objects = join ("|", @objects);
--
2.17.1