On 11/20/2014 05:33 AM, Michal Privoznik wrote:
> I'm also hoping someone else (eblake?) can look at the
> remote_protocol.x
> changes to ensure they encompass everything they are supposed to. Also
> that the usage of QEMU_JOB_QUERY not _MODIFY for the GetFSInfo seems
> more appropriate and is in line with the various remote_protocol.x
> settings (@acl/@generate stuff settings).
@generate is correct, since both client and server implementations are
provided.
@acl looks consistent with the rest. Correct, for querying domain info you
need to have read permission and that's it.
Oh, wait. This is an interaction with the guest agent. We have already
stated that ANY action that requires guest cooperation MUST require more
than plain domain:read privileges (for example, creating a snapshot
requires domain:fs_freeze if the quiesce flag is present; using
virDomainShutdownFlags requires domain:write if the guest agent is
involved).
Since the main use of this API is to query the list of mountpoints that
then feed virDomainFSFreeze, I think this should be @acl
domain:fs_freeze, rather than domain:read. Even if it is a read-only
operation, it makes more sense to treat this command as a family where a
user is either given rights for all related freeze APIs or none of them.
--
Eric Blake eblake redhat com +1-919-301-3266
Libvirt virtualization library
http://libvirt.org
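To make the ACL point concrete, here is what the two annotation choices discussed above look like in a remote_protocol.x procedure stanza. This is an added illustration, not text from the patch under review or from libvirt itself: the procedure number is a placeholder, and the exact shape of the surrounding comment is assumed from libvirt's annotation convention.

```xdr
/*
 * Original choice from the patch: the RPC is a read-only query, so it
 * was annotated like any other domain-information getter.
 */
/**
 * @generate: both
 * @acl: domain:read
 */
REMOTE_PROC_DOMAIN_GET_FS_INFO = NNN,   /* NNN: placeholder procedure number */

/*
 * Suggested change: the call goes through the guest agent and exists to
 * feed virDomainFSFreeze, so it is gated on the freeze family instead.
 * Only the @acl line differs; @generate stays "both" because both the
 * client and server dispatch code are generated.
 */
/**
 * @generate: both
 * @acl: domain:fs_freeze
 */
REMOTE_PROC_DOMAIN_GET_FS_INFO = NNN,   /* NNN: placeholder procedure number */
```

The practical consequence of the second form is that a user holding only domain:read cannot trigger guest-agent traffic through this RPC, and that the permission needed to list mountpoints is the same one needed to act on them with the freeze/thaw calls.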