[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Qemu-devel] [PATCH v6 07/11] authz: add QAuthZSimple object type fo
|
From: |
Daniel P . Berrangé |
|
Subject: |
Re: [Qemu-devel] [PATCH v6 07/11] authz: add QAuthZSimple object type for easy whitelist auth checks |
|
Date: |
Tue, 13 Nov 2018 17:11:12 +0000 |
|
User-agent: |
Mutt/1.10.1 (2018-07-13) |
On Thu, Nov 08, 2018 at 02:23:48AM +0400, Marc-André Lureau wrote:
> On Fri, Oct 19, 2018 at 5:49 PM Daniel P. Berrangé <address@hidden> wrote:
> >
> > In many cases a single VM will just need to whilelist a single identity
> > as the allowed user of network services. This is especially the case for
> > TLS live migration (optionally with NBD storage) where we just need to
> > whitelist the x509 certificate distinguished name of the source QEMU
> > host.
> >
> > Via QMP this can be configured with:
> >
> > {
> > "execute": "object-add",
> > "arguments": {
> > "qom-type": "authz-simple",
> > "id": "authz0",
> > "parameters": {
> > "identity": "fred"
> > }
> > }
> > }
> >
> > Or via the command line
> >
> > -object authz-simple,id=authz0,identity=fred
> >
> > Signed-off-by: Daniel P. Berrange <address@hidden>
>
> Reviewed-by: Marc-André Lureau <address@hidden>
>
> (a test would be trivial)
Yes, will add one
Regards,
Daniel
--
|: https://berrange.com -o- https://www.flickr.com/photos/dberrange :|
|: https://libvirt.org -o- https://fstop138.berrange.com :|
|: https://entangle-photo.org -o- https://www.instagram.com/dberrange :|