a937b6aa73
Change
# @name: Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed
# do eiusmod tempor incididunt ut labore et dolore magna aliqua.
to
# @name: Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed
# do eiusmod tempor incididunt ut labore et dolore magna aliqua.
See recent commit "qapi: Relax doc string @name: description
indentation rules" for rationale.
Reflow paragraphs to 70 columns width, and consistently use two spaces
to separate sentences.
To check the generated documentation does not change, I compared the
generated HTML before and after this commit with "wdiff -3". Finds no
differences. Comparing with diff is not useful, as the reflown
paragraphs are visible there.
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Message-Id: <20230428105429.1687850-18-armbru@redhat.com>
Reviewed-by: Juan Quintela <quintela@redhat.com>
Acked-by: Lukas Straub <lukasstraub2@web.de>
[Straightforward conflicts in qapi/audio.json qapi/misc-target.json
qapi/run-state.json resolved]
118 lines
2.5 KiB
Python
118 lines
2.5 KiB
Python
# -*- Mode: Python -*-
|
|
# vim: filetype=python
|
|
|
|
##
|
|
# = User authorization
|
|
##
|
|
|
|
##
|
|
# @QAuthZListPolicy:
|
|
#
|
|
# The authorization policy result
|
|
#
|
|
# @deny: deny access
|
|
#
|
|
# @allow: allow access
|
|
#
|
|
# Since: 4.0
|
|
##
|
|
{ 'enum': 'QAuthZListPolicy',
|
|
'prefix': 'QAUTHZ_LIST_POLICY',
|
|
'data': ['deny', 'allow']}
|
|
|
|
##
|
|
# @QAuthZListFormat:
|
|
#
|
|
# The authorization policy match format
|
|
#
|
|
# @exact: an exact string match
|
|
#
|
|
# @glob: string with ? and * shell wildcard support
|
|
#
|
|
# Since: 4.0
|
|
##
|
|
{ 'enum': 'QAuthZListFormat',
|
|
'prefix': 'QAUTHZ_LIST_FORMAT',
|
|
'data': ['exact', 'glob']}
|
|
|
|
##
|
|
# @QAuthZListRule:
|
|
#
|
|
# A single authorization rule.
|
|
#
|
|
# @match: a string or glob to match against a user identity
|
|
#
|
|
# @policy: the result to return if @match evaluates to true
|
|
#
|
|
# @format: the format of the @match rule (default 'exact')
|
|
#
|
|
# Since: 4.0
|
|
##
|
|
{ 'struct': 'QAuthZListRule',
|
|
'data': {'match': 'str',
|
|
'policy': 'QAuthZListPolicy',
|
|
'*format': 'QAuthZListFormat'}}
|
|
|
|
##
|
|
# @AuthZListProperties:
|
|
#
|
|
# Properties for authz-list objects.
|
|
#
|
|
# @policy: Default policy to apply when no rule matches (default:
|
|
# deny)
|
|
#
|
|
# @rules: Authorization rules based on matching user
|
|
#
|
|
# Since: 4.0
|
|
##
|
|
{ 'struct': 'AuthZListProperties',
|
|
'data': { '*policy': 'QAuthZListPolicy',
|
|
'*rules': ['QAuthZListRule'] } }
|
|
|
|
##
|
|
# @AuthZListFileProperties:
|
|
#
|
|
# Properties for authz-listfile objects.
|
|
#
|
|
# @filename: File name to load the configuration from. The file must
|
|
# contain valid JSON for AuthZListProperties.
|
|
#
|
|
# @refresh: If true, inotify is used to monitor the file,
|
|
# automatically reloading changes. If an error occurs during
|
|
# reloading, all authorizations will fail until the file is next
|
|
# successfully loaded. (default: true if the binary was built
|
|
# with CONFIG_INOTIFY1, false otherwise)
|
|
#
|
|
# Since: 4.0
|
|
##
|
|
{ 'struct': 'AuthZListFileProperties',
|
|
'data': { 'filename': 'str',
|
|
'*refresh': 'bool' } }
|
|
|
|
##
|
|
# @AuthZPAMProperties:
|
|
#
|
|
# Properties for authz-pam objects.
|
|
#
|
|
# @service: PAM service name to use for authorization
|
|
#
|
|
# Since: 4.0
|
|
##
|
|
{ 'struct': 'AuthZPAMProperties',
|
|
'data': { 'service': 'str' } }
|
|
|
|
##
|
|
# @AuthZSimpleProperties:
|
|
#
|
|
# Properties for authz-simple objects.
|
|
#
|
|
# @identity: Identifies the allowed user. Its format depends on the
|
|
# network service that authorization object is associated with.
|
|
# For authorizing based on TLS x509 certificates, the identity
|
|
# must be the x509 distinguished name.
|
|
#
|
|
# Since: 4.0
|
|
##
|
|
{ 'struct': 'AuthZSimpleProperties',
|
|
'data': { 'identity': 'str' } }
|