On Thu, Oct 14, 2010 at 11:00:24AM +0530, Harsh Bora wrote: > On 10/13/2010 09:22 PM, Matthias Bolte wrote: > >2010/10/11 Harsh Prateek Bora<harsh@xxxxxxxxxxxxxxxxxx>: > >>This patch introduces new attribute to filesystem element > >>to support customizable security for mount type. > >>Valid mount_security are: passthrough and mapped. > >> > >>Usage: > >> <filesystem type='mount' mount_security='passthrough'> > >> <source dir='/export/to/guest'/> > >> <target dir='mount_tag'/> > >> </filesystem> > >> > >>Here is the detailed explanation on these security models: > >> > >>Security model: mapped > >>---------------------- > >> > >>Fileserver intercepts and maps all the file object create requests. > >>Files on the fileserver will be created with Fileserver's user credentials > >>and the > >>client-user's credentials are stored in extended attributes. > >>During getattr() server extracts the client-user's credentials from > >>extended > >>attributes and sends to the client. > >> > >>This adds a great deal of security in the cloud environments where the > >>guest's(client) user space is kept completely isolated from host's user > >>space. > >> > >> > >>Security model : passthrough > >>---------------------------- > >> > >>In this security model, Fileserver passes down all requests to the > >>underlying filesystem. File system objects on the fileserver will be > >>created > >>with client-user's credentials. This is done by setting setuid()/setgid() > >>during creation or chmod/chown after file creation. At the end of create > >>protocol > >>request, files on the fileserver will be owned by cleint-user's uid/gid. > >>This model mimic's current NFSv3 level of security. > >> > >>Note: This patch is based on Daniel's patch to support 9pfs. > >>It shall be applied after applying Daniel's patch to support 9pfs. > >> > >>v3: > >>- QEMU cmdline still uses security_model, changes done by mistake > >>reverted. > >> > >>Signed-off-by: Harsh Prateek Bora<harsh@xxxxxxxxxxxxxxxxxx> > >>--- > >> docs/schemas/domain.rng | 6 ++++++ > >> src/conf/domain_conf.c | 29 +++++++++++++++++++++++++++-- > >> src/conf/domain_conf.h | 10 ++++++++++ > >> src/qemu/qemu_conf.c | 9 +++++++-- > >> 4 files changed, 50 insertions(+), 4 deletions(-) > >> > > > >This patch lacks documentation about the new domain XML attributes in > >docs/formatdomain.html.in. > > > Hi Matthias, > I wanted to put the documentation for the new attributes in the > formatdomain.html.in, however, found that we are actually missing the > documentation for the <filesystem> element itself there. > I discussed about the same with DV and he suggested to put the > documentation text in the patch itself, so that once the documentation > for <filesystem> element is in place, this text can be added to it for > the new attributes. Yep, don't worry about the docs, i'll write up full docs for the entire <filesystem> element. Regards, Daniel -- |: Red Hat, Engineering, London -o- http://people.redhat.com/berrange/ :| |: http://libvirt.org -o- http://virt-manager.org -o- http://deltacloud.org :| |: http://autobuild.org -o- http://search.cpan.org/~danberr/ :| |: GnuPG: 7D3B9505 -o- F3C9 553F A1DA 4AC2 5648 23C1 B3DF F742 7D3B 9505 :| -- libvir-list mailing list libvir-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/libvir-list