For all other objects we allow the 'read' permission for anonymous
users. In fact the idea is to allow all permissions users using the
readonly connection would have.
This impacts the following APIs (in terms of RPC procedure names):
$ git grep -A 3 node_device:read | grep REMOTE
src/remote/remote_protocol.x- REMOTE_PROC_NODE_DEVICE_GET_XML_DESC = 114,
src/remote/remote_protocol.x- REMOTE_PROC_NODE_DEVICE_GET_PARENT = 115,
src/remote/remote_protocol.x- REMOTE_PROC_NODE_DEVICE_NUM_OF_CAPS = 116,
src/remote/remote_protocol.x- REMOTE_PROC_NODE_DEVICE_LIST_CAPS = 117,
src/remote/remote_protocol.x- REMOTE_PROC_NODE_DEVICE_GET_AUTOSTART = 433,
src/remote/remote_protocol.x- REMOTE_PROC_NODE_DEVICE_IS_PERSISTENT = 435,
src/remote/remote_protocol.x- REMOTE_PROC_NODE_DEVICE_IS_ACTIVE = 436,
Fixes: a93cd08f
Signed-off-by: Peter Krempa <pkre...@redhat.com>
---
src/access/viraccessperm.h | 1 +
1 file changed, 1 insertion(+)
diff --git a/src/access/viraccessperm.h b/src/access/viraccessperm.h
index 051246a7b6..2f04459ed9 100644
--- a/src/access/viraccessperm.h
+++ b/src/access/viraccessperm.h
@@ -473,6 +473,7 @@ typedef enum {
/**
* @desc: Read node device
* @message: Reading node device configuration requires authorization
+ * @anonymous: 1
*/
VIR_ACCESS_PERM_NODE_DEVICE_READ,
--
2.39.1
