On Fri, Sep 04, 2015 at 14:19:09 +0200, Jiri Denemark wrote:
> Creating ACL rules is not exactly easy and existing examples are pretty
> simple. This patch adds a somewhat complex example which defines several
> roles. Admins can do everything, operators can do basic operations
> on any domain and several groups of users who act as operators but only
> on a limited set of domains.
>
> Signed-off-by: Jiri Denemark <jdenemar@xxxxxxxxxx>
> ---
> Makefile.am | 2 +-
> configure.ac | 1 +
> examples/polkit/Makefile.am | 17 ++++++
> examples/polkit/libvirt-acl.rules | 115 ++++++++++++++++++++++++++++++++++++++
> libvirt.spec.in | 3 +
> 5 files changed, 137 insertions(+), 1 deletion(-)
> create mode 100644 examples/polkit/Makefile.am
> create mode 100644 examples/polkit/libvirt-acl.rules
Consider the following addition to aclpolkit.html squashed in:
diff --git i/docs/aclpolkit.html.in w/docs/aclpolkit.html.in
index e5a9b16..dae0814 100644
--- i/docs/aclpolkit.html.in
+++ w/docs/aclpolkit.html.in
@@ -348,6 +348,12 @@
<code>lookup</code> method.
</p>
+ <p>
+ See
+ <a href="http://libvirt.org/git/?p=libvirt.git;a=tree;f=examples/polkit;hb=HEAD";>source code</a>
+ for a more complex example.
+ </p>
+
<h3><a name="exconnect">Example: restricting ability to connect to drivers</a></h3>
<p>
Jirka
--
libvir-list mailing list
libvir-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/libvir-list