Certain APIs are allowed also without authentication but the ACL page didn't outline which. Generate a new column with the information. Signed-off-by: Peter Krempa <pkrempa(a)redhat.com&gt; --- docs/acl.html.in | 3 ++- scripts/genaclperms.py | 7 +++++++ 2 files changed, 9 insertions(+), 1 deletion(-) diff --git a/docs/acl.html.in b/docs/acl.html.in index 3d0f651864..268d3aebd3 100644 --- a/docs/acl.html.in +++ b/docs/acl.html.in @@ -20,7 +20,8 @@ state, where the only API operations allowed are those required to complete authentication. After successful authentication, a connection either has full, unrestricted access to all libvirt - API calls, or is locked down to only "read only" operations, + API calls, or is locked down to only "read only" (see 'Anonymous' + in the table below) operations, according to what socket a client connection originated on. </p> diff --git a/scripts/genaclperms.py b/scripts/genaclperms.py index e228b3ef60..43616dad04 100755 --- a/scripts/genaclperms.py +++ b/scripts/genaclperms.py @@ -96,6 +96,7 @@ for obj in sorted(perms.keys()): print(' <tr>') print(' <th>Permission</th>') print(' <th>Description</th>') + print(' <th>Anonymous</th>') print(' </tr>') print(' </thead>') print(' <tbody>') @@ -103,6 +104,11 @@ for obj in sorted(perms.keys()): for perm in sorted(perms[obj].keys()): description = perms[obj][perm]["desc"] + if perms[obj][perm]["anonymous"]: + anonymous = 'yes' + else: + anonymous = '' + if description is None: raise Exception("missing description for %s.%s" % (obj, perm)) @@ -112,6 +118,7 @@ for obj in sorted(perms.keys()): print(' <tr>') print(' <td><a id="%s">%s</a></td>' % (plink, perm)) print(' <td>%s</td>' % description) + print(' <td>%s</td>' % anonymous) print(' </tr>') print(' </tbody>') -- 2.39.1