[PATCH v8 08/21] backup: Add new domain:checkpoint access control

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Creating a checkpoint does not modify guest-visible state,
but does modify host resources.  Rather than reuse existing
domain:write, domain:block_write, or domain:snapshot access
controls, it seems better to introduce a new access control
specific to tasks related to checkpoints and incremental
backups of guest disk state.

Signed-off-by: Eric Blake <eblake@xxxxxxxxxx>
Reviewed-by: Daniel P. Berrangé <berrange@xxxxxxxxxx>
---
 src/access/viraccessperm.h | 6 ++++++
 src/access/viraccessperm.c | 3 ++-
 2 files changed, 8 insertions(+), 1 deletion(-)

diff --git a/src/access/viraccessperm.h b/src/access/viraccessperm.h
index ed1f7168ca..bf152d1dc3 100644
--- a/src/access/viraccessperm.h
+++ b/src/access/viraccessperm.h
@@ -187,6 +187,12 @@ typedef enum {
      */
     VIR_ACCESS_PERM_DOMAIN_MIGRATE,   /* Host migration */

+    /**
+     * @desc: Checkpoint domain
+     * @message: Checkpointing domain requires authorization
+     */
+    VIR_ACCESS_PERM_DOMAIN_CHECKPOINT,  /* Checkpoint disks */
+
     /**
      * @desc: Snapshot domain
      * @message: Snapshotting domain requires authorization
diff --git a/src/access/viraccessperm.c b/src/access/viraccessperm.c
index 67f751ef9c..b74b28f55b 100644
--- a/src/access/viraccessperm.c
+++ b/src/access/viraccessperm.c
@@ -39,7 +39,8 @@ VIR_ENUM_IMPL(virAccessPermDomain,
               "getattr", "read", "write", "read_secure",
               "start", "stop", "reset",
               "save", "delete",
-              "migrate", "snapshot", "suspend", "hibernate", "core_dump", "pm_control",
+              "migrate", "checkpoint", "snapshot", "suspend", "hibernate",
+              "core_dump", "pm_control",
               "init_control", "inject_nmi", "send_input", "send_signal",
               "fs_trim", "fs_freeze",
               "block_read", "block_write", "mem_read",
-- 
2.20.1

--
libvir-list mailing list
libvir-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/libvir-list




[Index of Archives]     [Virt Tools]     [Libvirt Users]     [Lib OS Info]     [Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Big List of Linux Books]     [Yosemite News]     [KDE Users]     [Fedora Tools]

  Powered by Linux