From: Eric Blake <eblake@redhat.com>
To: "Daniel P. Berrange" <berrange@redhat.com>, qemu-devel@nongnu.org
Cc: "Paolo Bonzini" <pbonzini@redhat.com>,
qemu-block@nongnu.org, "Markus Armbruster" <armbru@redhat.com>,
"Andreas Färber" <afaerber@suse.de>,
"Max Reitz" <mreitz@redhat.com>
Subject: Re: [Qemu-devel] [PATCH v3 04/10] util: add QAuthZ object as an authorization base class
Date: Tue, 22 Mar 2016 10:33:42 -0600 [thread overview]
Message-ID: <56F173E6.6000604@redhat.com> (raw)
In-Reply-To: <1457636396-24983-4-git-send-email-berrange@redhat.com>
[-- Attachment #1: Type: text/plain, Size: 1997 bytes --]
On 03/10/2016 11:59 AM, Daniel P. Berrange wrote:
> The current qemu_acl module provides a simple access control
> list facility inside QEMU, which is used via a set of monitor
> commands acl_show, acl_policy, acl_add, acl_remove & acl_reset.
>
> Note there is no ability to create ACLs - the network services
> (eg VNC server) were expected to create ACLs that they want to
> check.
>
> There is also no way to define ACLs on the command line, nor
> potentially integrate with external authorization systems like
> polkit, pam, ldap lookup, etc.
>
> The QAuthZ object defines a minimal abstract QOM class that can
> be subclassed for creating different authorization providers.
>
> Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
> ---
> +++ b/include/qemu/authz.h
> +
> +/**
> + * QAuthZ:
> + *
> + * The QAuthZ class defines an API contract to be used
> + * for providing an authorization driver for network
> + * services.
Just network services? Or is it broader than that?
> +/**
> + * qauthz_is_allowed:
> + * @authz: the authorization object
> + * @identity: the user identity to authorize
> + * @errp: pointer to a NULL initialized error object
> + *
> + * Check if a user @identity is authorized
> + *
> + * Returns: true if @identity is authorizd, false otherwise
s/authorizd/authorized/
I think you need more documentation on return semantics. Do we have
strict binary return (either we returned true and errp is unset, or we
returned false and errp is set), or is it a ternary (we return true and
errp is unset: permission is explicitly granted; we return false and
errp is unset: permission is explicitly denied; or we set errp: we could
not determine permission). And if a ternary, do we also want to require
that setting 'errp' also requires a return of false, or is the return
undefined in that case?
--
Eric Blake eblake redhat com +1-919-301-3266
Libvirt virtualization library http://libvirt.org
[-- Attachment #2: OpenPGP digital signature --]
[-- Type: application/pgp-signature, Size: 604 bytes --]
next prev parent reply other threads:[~2016-03-22 16:34 UTC|newest]
Thread overview: 32+ messages / expand[flat|nested] mbox.gz Atom feed top
2016-03-10 18:51 [Qemu-devel] [PATCH v3 00/10] Provide a QOM-based authorization API Daniel P. Berrange
2016-03-10 18:59 ` [Qemu-devel] [PATCH v3 01/10] qdict: implement a qdict_crumple method for un-flattening a dict Daniel P. Berrange
2016-03-10 18:59 ` [Qemu-devel] [PATCH v3 02/10] qapi: allow QmpInputVisitor to auto-cast types Daniel P. Berrange
2016-03-21 23:18 ` Eric Blake
2016-03-22 15:49 ` Daniel P. Berrange
2016-03-22 16:20 ` Eric Blake
2016-03-10 18:59 ` [Qemu-devel] [PATCH v3 03/10] qom: support arbitrary non-scalar properties with -object Daniel P. Berrange
2016-03-21 23:27 ` Eric Blake
2016-03-22 9:07 ` Markus Armbruster
2016-03-22 10:34 ` Daniel P. Berrange
2016-03-22 15:51 ` Daniel P. Berrange
2016-03-10 18:59 ` [Qemu-devel] [PATCH v3 04/10] util: add QAuthZ object as an authorization base class Daniel P. Berrange
2016-03-22 16:33 ` Eric Blake [this message]
2016-03-22 16:43 ` Daniel P. Berrange
2016-03-22 16:44 ` Daniel P. Berrange
2016-03-10 18:59 ` [Qemu-devel] [PATCH v3 05/10] util: add QAuthZSimple object type for a simple access control list Daniel P. Berrange
2016-03-22 17:38 ` Eric Blake
2016-03-23 12:38 ` Daniel P. Berrange
2016-03-10 18:59 ` [Qemu-devel] [PATCH v3 06/10] acl: delete existing ACL implementation Daniel P. Berrange
2016-03-22 17:58 ` Eric Blake
2016-03-10 18:59 ` [Qemu-devel] [PATCH v3 07/10] qemu-nbd: add support for ACLs for TLS clients Daniel P. Berrange
2016-03-22 18:14 ` Eric Blake
2016-03-23 12:40 ` Daniel P. Berrange
2016-03-10 18:59 ` [Qemu-devel] [PATCH v3 08/10] nbd: allow an ACL to be set with nbd-server-start QMP command Daniel P. Berrange
2016-03-22 18:19 ` Eric Blake
2016-03-10 18:59 ` [Qemu-devel] [PATCH v3 09/10] chardev: add support for ACLs for TLS clients Daniel P. Berrange
2016-03-22 21:26 ` Eric Blake
2016-03-10 18:59 ` [Qemu-devel] [PATCH v3 10/10] vnc: allow specifying a custom ACL object name Daniel P. Berrange
2016-03-22 21:38 ` Eric Blake
2016-03-23 12:43 ` Daniel P. Berrange
2016-03-21 22:45 ` [Qemu-devel] [PATCH v3 01/10] qdict: implement a qdict_crumple method for un-flattening a dict Eric Blake
2016-03-22 15:44 ` Daniel P. Berrange
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=56F173E6.6000604@redhat.com \
--to=eblake@redhat.com \
--cc=afaerber@suse.de \
--cc=armbru@redhat.com \
--cc=berrange@redhat.com \
--cc=mreitz@redhat.com \
--cc=pbonzini@redhat.com \
--cc=qemu-block@nongnu.org \
--cc=qemu-devel@nongnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.