diff options
| author | Daniel P. Berrangé <berrange@redhat.com> | 2021-02-19 17:47:31 +0000 |
|---|---|---|
| committer | Daniel P. Berrangé <berrange@redhat.com> | 2021-03-18 09:22:55 +0000 |
| commit | 5994dcb8d8525ac044a31913c6bceeee788ec700 (patch) | |
| tree | 8016ae5b1a56d284a8d55599aee05ff0357a1ffd /hmp-commands.hx | |
| parent | 571d413b5da6bc6f1c2aaca8484717642255ddb0 (diff) | |
ui, monitor: remove deprecated VNC ACL option and HMP commands
The VNC ACL concept has been replaced by the pluggable "authz" framework
which does not use monitor commands.
Reviewed-by: Thomas Huth <thuth@redhat.com>
Reviewed-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
Diffstat (limited to 'hmp-commands.hx')
| -rw-r--r-- | hmp-commands.hx | 76 |
1 files changed, 0 insertions, 76 deletions
diff --git a/hmp-commands.hx b/hmp-commands.hx index d4001f9c5d..b500b8526d 100644 --- a/hmp-commands.hx +++ b/hmp-commands.hx @@ -1434,82 +1434,6 @@ SRST ERST { - .name = "acl_show", - .args_type = "aclname:s", - .params = "aclname", - .help = "list rules in the access control list", - .cmd = hmp_acl_show, - }, - -SRST -``acl_show`` *aclname* - List all the matching rules in the access control list, and the default - policy. There are currently two named access control lists, - *vnc.x509dname* and *vnc.username* matching on the x509 client - certificate distinguished name, and SASL username respectively. -ERST - - { - .name = "acl_policy", - .args_type = "aclname:s,policy:s", - .params = "aclname allow|deny", - .help = "set default access control list policy", - .cmd = hmp_acl_policy, - }, - -SRST -``acl_policy`` *aclname* ``allow|deny`` - Set the default access control list policy, used in the event that - none of the explicit rules match. The default policy at startup is - always ``deny``. -ERST - - { - .name = "acl_add", - .args_type = "aclname:s,match:s,policy:s,index:i?", - .params = "aclname match allow|deny [index]", - .help = "add a match rule to the access control list", - .cmd = hmp_acl_add, - }, - -SRST -``acl_add`` *aclname* *match* ``allow|deny`` [*index*] - Add a match rule to the access control list, allowing or denying access. - The match will normally be an exact username or x509 distinguished name, - but can optionally include wildcard globs. eg ``*@EXAMPLE.COM`` to - allow all users in the ``EXAMPLE.COM`` kerberos realm. The match will - normally be appended to the end of the ACL, but can be inserted - earlier in the list if the optional *index* parameter is supplied. -ERST - - { - .name = "acl_remove", - .args_type = "aclname:s,match:s", - .params = "aclname match", - .help = "remove a match rule from the access control list", - .cmd = hmp_acl_remove, - }, - -SRST -``acl_remove`` *aclname* *match* - Remove the specified match rule from the access control list. -ERST - - { - .name = "acl_reset", - .args_type = "aclname:s", - .params = "aclname", - .help = "reset the access control list", - .cmd = hmp_acl_reset, - }, - -SRST -``acl_reset`` *aclname* - Remove all matches from the access control list, and set the default - policy back to ``deny``. -ERST - - { .name = "nbd_server_start", .args_type = "all:-a,writable:-w,uri:s", .params = "nbd_server_start [-a] [-w] host:port", |