Commit Graph

22 Commits

Author SHA1 Message Date
Ján Tomko
6fab37da59 Prefer https: everywhere where possible
Use https: links for websites that support them.

The URIs which are used as namespace identifiers
are left alone.

Signed-off-by: Ján Tomko <jtomko@redhat.com>
Reviewed-by: Erik Skultety <eskultet@redhat.com>
Reviewed-by: Neal Gompa <ngompa13@gmail.com>
2020-09-01 21:58:46 +02:00
Ján Tomko
871f231ea0 docs: point to GitLab as the primary git hosting
We still point to git repositories hosted on libvirt.org in various
places. Replace the links to their gitlab.com equivalents.

Note that GitLab is trying to be smart here and
  https://gitlab.com/libvirt/libvirt
redirects to
  https://gitlab.com/libvirt/libvirt.git
when doing a 'git clone' and vice-versa when visiting from the
browser, so I only kept the .git suffix in places that explicitly
mentioned 'git clone'.

Signed-off-by: Ján Tomko <jtomko@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
2020-06-03 13:38:33 +02:00
Jim Fehlig
5768726093 docs: Xen improvements
In formatdomain, using 'libxl' and 'xen' is redundant since they now
both refer to the same driver. 'xen' predates 'libxl' and unambiguously
identifies the Xen hypervisor, so drop the use of 'libxl'.

In aclpolkit, the connection URI was erroneously identified as 'libxl'
and the name 'xenlight'. Change the URI to 'xen' and driver name to 'Xen'.

Signed-off-by: Jim Fehlig <jfehlig@suse.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
2020-05-05 14:53:37 -06:00
Cole Robinson
f854e051b9 Remove phyp driver
The phyp driver was added in 2009 and does not appear to have had any
real feature change since 2011. There's virtually no evidence online
of users actually using it. IMO it's time to kill it.

This was discussed a bit in April 2016:
https://www.redhat.com/archives/libvir-list/2016-April/msg01060.html

Final discussion is here:
https://www.redhat.com/archives/libvir-list/2019-December/msg01162.html

Reviewed-by: Daniel Henrique Barboza <danielhb413@gmail.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
Signed-off-by: Cole Robinson <crobinso@redhat.com>
2019-12-20 12:25:42 -05:00
Daniel P. Berrangé
eb7388b549 docs: relax CSS context match for pretty tables
We currently only render pretty tables if they have the "top_table"
class set. All of our tables set this, except for the ACL & migration
doc tables, which should have set it, and the API reference which does
not want it.

Simplify life by rendering all tables in a pretty style and remove the
need for the "top_table" class entirely. A small rule turns off the
pretty style for the API reference where tables are a hack used to
render enums with horizontal alignment.

Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2019-12-04 15:48:28 +00:00
Jim Fehlig
2171442d62 xenapi: remove driver
The xenapi driver has not seen any development since its initial
contribution 9 years ago. There have been no bug reports, no patches,
and no queries about the driver on the developer or user mailing lists.
Remove the driver from the libvirt sources.

Signed-off-by: Jim Fehlig <jfehlig@suse.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
2019-09-03 15:37:54 -06:00
Michal Privoznik
29682196d8 Drop UML driver
The driver is unmaintained, untested and severely broken for
quite some time now. Since nobody even reported any issue with it
let us drop it.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
2018-12-17 17:52:46 +01:00
John Ferlan
4f1107614d docs: Enhance polkit documentation to describe secondary connection
https://bugzilla.redhat.com/show_bug.cgi?id=1631606

Since commit 8259255 usage of a primary connection driver for
a virConnect has been modified to open (virConnectOpen) and use
a connection to the specific driver in order to handle the API
calls to/for that driver. This causes some confusion and issues
for ACL polkit rule scripts to know exactly which driver by
name will be used.

Add some documentation describing the processing of the primary
and secondary connection as well as the list of the connect_driver
names used for each driver.

Signed-off-by: John Ferlan <jferlan@redhat.com>
ACKed-by: Michal Privoznik <mprivozn@redhat.com>
2018-11-05 07:13:22 -05:00
Ville Skyttä
1f2f055bc3 docs: Grammar and spelling fixes
Signed-off-by: Ville Skyttä <ville.skytta@iki.fi>
2018-05-03 12:40:37 +01:00
Daniel P. Berrange
e371b3bf41 Use https:// links for most sites
This adds a rule to require https links for the libvirt, qemu
and kvm websites.

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2017-10-16 10:22:34 +01:00
Daniel P. Berrange
b1c81567c7 docs: switch to using HTML5 doctype declaration
The HTML5 doctype is simply

  <!DOCTYPE html>

no DTD is present because HTML5 is no longer defined as an
extension of SGML.

XSL has no way to natively output a doctype without a public
or system identifier, so we have to use an <xsl:text> hack
instead.

See also

  https://dev.w3.org/html5/html-author/#doctype-declaration

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2017-08-02 17:00:11 +01:00
Daniel P. Berrange
4e42ff6b7e docs: switch to using 'id' attribute instead of 'name' for links
The 'name' attribute on <a...> elements is deprecated in favour
of the 'id' attribute which is allowed on any element. HTML5
drops 'name' support entirely.

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2017-08-02 17:00:11 +01:00
Michal Privoznik
63a3d5b802 aclpolkit.html.in: Kill useless spaces in <pre/>
The <pre/> section is rendered as-is on the page. That is, if all
the lines are prefixed with 4 spaces the rendered page will also
have them. Problem is if we put a box around such <pre/> because
the content might not fix into it.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
2016-11-14 11:03:34 +01:00
John Ferlan
13350a17e4 conf: Add new secret type "tls"
Add a new secret usage type known as "tls" - it will handle adding the
secret objects for various TLS objects that need to provide some sort
of passphrase in order to access the credentials.

The format is:

   <secret ephemeral='no' private='no'>
     <description>Sample TLS secret</description>
     <usage type='tls'>
       <name>mumblyfratz</name>
     </usage>
</secret>

Once defined and a passphrase set, future patches will allow the UUID
to be set in the qemu.conf file and thus used as a secret for various
TLS options such as a chardev serial TCP connection, a NBD client/server
connection, and migration.

Signed-off-by: John Ferlan <jferlan@redhat.com>
2016-09-09 08:20:05 -04:00
John Ferlan
dae3b96560 conf: Revert changes to add new secret type "passphrase"
Revert the remainder of commit id 'c84380106'
2016-07-14 13:47:08 -04:00
John Ferlan
c84380106f conf: Add new secret type "passphrase"
Add a new secret type known as "passphrase" - it will handle adding the
secret objects that need a passphrase without a specific username.

The format is:

   <secret ...>
     <uuid>...</uuid>
     ...
     <usage type='passphrase'>
       <name>mumblyfratz</name>
     </usage>
   </secret>

Signed-off-by: John Ferlan <jferlan@redhat.com>
2016-07-01 15:45:41 -04:00
Jiri Denemark
29b5167417 examples: Add example polkit ACL rules
Creating ACL rules is not exactly easy and existing examples are pretty
simple. This patch adds a somewhat complex example which defines several
roles. Admins can do everything, operators can do basic operations
on any domain and several groups of users who act as operators but only
on a limited set of domains.

Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
2015-09-04 17:26:04 +02:00
Luyao Huang
d53d52d4c0 doc: fix mismatched ACL attribute name
As documented in https://bugzilla.redhat.com/show_bug.cgi?id=1161358,
the ACL attribute should be named: interface_macaddr

Signed-off-by: Luyao Huang <lhuang@redhat.com>
Signed-off-by: Eric Blake <eblake@redhat.com>
2014-11-07 10:49:39 +01:00
Cole Robinson
9dd4150a4f docs: aclpolkit: Fix a heading typo 2013-10-04 13:38:57 -04:00
Daniel P. Berrange
7a7cb0934e Update polkit examples to use 'lookup' method
Feedback from the polkit developers indicates that the
"_detail_XXXX" attributes are a private implementation
detail. Our examples should be recommending use of the
"action.lookup('XXX')" method instead.

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2013-08-16 16:57:09 +01:00
Daniel P. Berrange
b6c7e3bb52 Fix typo in domain name in polkit acl example
Signed-off-by: Daniel P. Berrange <dan@berrange.com>
2013-08-09 20:03:42 +01:00
Daniel P. Berrange
da13f2c70c Add documentation for access control system
This adds two new pages to the website, acl.html describing
the general access control framework and permissions models,
and aclpolkit.html describing the use of polkit as an
access control driver.

page.xsl is modified to support a new syntax

  <div id="include" filename="somefile.htmlinc"/>

which will cause the XSL transform to replace that <div>
with the contents of 'somefile.htmlinc'. We use this in
the acl.html.in file, to pull the table of permissions
for each libvirt object. This table is autogenerated
from the enums in src/access/viraccessperms.h by the
genaclperms.pl script.

newapi.xsl is modified so that the list of permissions
checks shown against each API will link to the description
of the permissions in acl.html

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2013-08-09 17:13:02 +01:00