[libvirt] [PATCH] acl: remove various left over Xen ACL whitelist entries
Daniel P. Berrangé
berrange at redhat.com
Thu Apr 12 15:24:18 UTC 2018
The legacy xen driver is removed, so these ACLL hacks can be removed
too now.
Signed-off-by: Daniel P. Berrangé <berrange at redhat.com>
---
src/check-aclrules.pl | 23 ++++-------------------
1 file changed, 4 insertions(+), 19 deletions(-)
diff --git a/src/check-aclrules.pl b/src/check-aclrules.pl
index 5b6c711dc8..374abaa722 100755
--- a/src/check-aclrules.pl
+++ b/src/check-aclrules.pl
@@ -61,26 +61,12 @@ my %whitelist = (
"interfaceClose" => 1,
);
-# Temp hack - remove it once xen driver is fixed
+# XXX this vzDomainMigrateConfirm3Params looks
+# bogus - determine why it doesn't have a valid
+# ACL check.
my %implwhitelist = (
- "xenUnifiedDomainRestore" => 1,
- "xenUnifiedDomainRestoreFlags" => 1,
- "xenUnifiedDomainMigratePrepare" => 1,
- "xenUnifiedNodeDeviceDettach" => 1,
- "xenUnifiedNodeDeviceDetachFlags" => 1,
- "xenUnifiedNodeDeviceReset" => 1,
- "xenUnifiedDomainIsActive" => 1,
- "xenUnifiedDomainIsPersistent" => 1,
- "xenUnifiedDomainIsUpdated" => 1,
- "xenUnifiedDomainOpenConsole" => 1,
"vzDomainMigrateConfirm3Params" => 1,
);
-my %filterimplwhitelist = (
- "xenUnifiedConnectListDomains" => 1,
- "xenUnifiedConnectNumOfDomains" => 1,
- "xenUnifiedConnectListDefinedDomains" => 1,
- "xenUnifiedConnectNumOfDefinedDomains" => 1,
- );
my $lastfile;
@@ -234,8 +220,7 @@ while (<>) {
}
if (exists $filtered{$api} &&
- !exists $aclfilters{$impl} &&
- !exists $filterimplwhitelist{$impl}) {
+ !exists $aclfilters{$impl}) {
print "$ARGV:$. Missing ACL filter in function '$impl' for '$api'\n";
$status = 1;
}
--
2.14.3
More information about the libvir-list
mailing list