access: Allow 'node-device.read' permission for anonymous users

mirror of https://gitlab.com/libvirt/libvirt.git synced 2024-10-05 05:45:46 +00:00

For all other objects we allow the 'read' permission for anonymous
users. In fact the idea is to allow all permissions users using the
readonly connection would have.

This impacts the following APIs (in terms of RPC procedure names):

  $ git grep -A 3 node_device:read | grep REMOTE
  src/remote/remote_protocol.x-    REMOTE_PROC_NODE_DEVICE_GET_XML_DESC = 114,
  src/remote/remote_protocol.x-    REMOTE_PROC_NODE_DEVICE_GET_PARENT = 115,
  src/remote/remote_protocol.x-    REMOTE_PROC_NODE_DEVICE_NUM_OF_CAPS = 116,
  src/remote/remote_protocol.x-    REMOTE_PROC_NODE_DEVICE_LIST_CAPS = 117,
  src/remote/remote_protocol.x-    REMOTE_PROC_NODE_DEVICE_GET_AUTOSTART = 433,
  src/remote/remote_protocol.x-    REMOTE_PROC_NODE_DEVICE_IS_PERSISTENT = 435,
  src/remote/remote_protocol.x-    REMOTE_PROC_NODE_DEVICE_IS_ACTIVE = 436,

Fixes: a93cd08f
Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>

This commit is contained in:

Peter Krempa

2023-02-17 16:02:09 +01:00

parent 15e5eb8a76

commit 87ed6ff7cd

1 changed files with 1 additions and 0 deletions

									
										1

src/access/viraccessperm.h
									
										View File
										
				@ -473,6 +473,7 @@ typedef enum {

				    /**

				     * @desc: Read node device

				     * @message: Reading node device configuration requires authorization

				     * @anonymous: 1

				     */

				    VIR_ACCESS_PERM_NODE_DEVICE_READ,

access: Allow 'node-device.read' permission for anonymous users

1 src/access/viraccessperm.h Unescape Escape View File

1

src/access/viraccessperm.h

View File