[PATCH 2/6] remote: Implement OpenSSH authorized key file mgmt APIs
Peter Krempa
pkrempa at redhat.com
Wed Nov 11 08:10:35 UTC 2020
On Tue, Nov 10, 2020 at 16:11:42 +0100, Michal Privoznik wrote:
> Since both APIs accept/return an array of strings we can't have
> client/server dispatch code generated. But implementation is
> fairly trivial, although verbose.
>
> Signed-off-by: Michal Privoznik <mprivozn at redhat.com>
> ---
> src/remote/remote_daemon_dispatch.c | 82 +++++++++++++++++++++++++++
> src/remote/remote_driver.c | 87 +++++++++++++++++++++++++++++
> src/remote/remote_protocol.x | 34 ++++++++++-
> src/remote_protocol-structs | 22 ++++++++
> 4 files changed, 224 insertions(+), 1 deletion(-)
[...]
> static virNetworkDriver network_driver = {
> diff --git a/src/remote/remote_protocol.x b/src/remote/remote_protocol.x
> index 5e5e781e76..89ecc832ff 100644
> --- a/src/remote/remote_protocol.x
> +++ b/src/remote/remote_protocol.x
[...]
> @@ -6682,5 +6702,17 @@ enum remote_procedure {
> * @generate: both
> * @acl: none
> */
> - REMOTE_PROC_DOMAIN_EVENT_MEMORY_FAILURE = 423
> + REMOTE_PROC_DOMAIN_EVENT_MEMORY_FAILURE = 423,
> +
> + /**
> + * @generate: none
> + * @acl: domain:read
We mandate domain:write for anything touching the guest agent.
> + */
> + REMOTE_PROC_DOMAIN_AUTHORIZED_SSH_KEYS_GET = 424,
> +
> + /**
> + * @generate: none
> + * @acl: domain:write
> + */
> + REMOTE_PROC_DOMAIN_AUTHORIZED_SSH_KEYS_SET = 425
> };
More information about the libvir-list
mailing list