[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[PATCH v2 6/6] tools/virtiofsd: xattr name mapping examples
From: |
Dr. David Alan Gilbert (git) |
Subject: |
[PATCH v2 6/6] tools/virtiofsd: xattr name mapping examples |
Date: |
Thu, 27 Aug 2020 16:36:57 +0100 |
From: "Dr. David Alan Gilbert" <dgilbert@redhat.com>
Add a few examples of xattrmaps to the documentation.
Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
---
docs/tools/virtiofsd.rst | 49 ++++++++++++++++++++++++++++++++++++++++
1 file changed, 49 insertions(+)
diff --git a/docs/tools/virtiofsd.rst b/docs/tools/virtiofsd.rst
index 2efa16d3c5..a138549862 100644
--- a/docs/tools/virtiofsd.rst
+++ b/docs/tools/virtiofsd.rst
@@ -161,6 +161,55 @@ in which case a 'server' rule will always match on all
names from
the server.
+xattr-mapping Examples
+----------------------
+
+1) Prefix all attributes with 'user.virtiofs.'
+
+::
+
+-o xattrmap=":all:prefix::user.virtiofs.::all:bad:::"
+
+
+This uses two rules, using : as the field separator;
+the first rule prefixes and strips 'user.virtiofs.',
+the second rule hides any non-prefixed attributes that
+the host set.
+
+2) Prefix 'trusted.' attributes, allow others through
+
+::
+
+ "/all/prefix/trusted./user.virtiofs./
+ /server/bad//trusted./
+ /client/bad/user.virtiofs.trusted.//
+ /all/ok///"
+
+
+Here there are four rules, using / as the field
+separator, and also demonstrating that new lines can
+be included between rules.
+The first rule is the prefixing of 'trusted.'.
+The second rule hides unprefixed 'trusted.' attributes
+on the host.
+The third rule stops a guest from explicitily setting
+the 'user.viritofs.trusted.' path directly.
+Finally, the fourth rule lets all remaining attributes
+through.
+
+3) Hide 'security.' attributes, and allow everything else
+
+::
+
+ "/all/bad/security./security./
+ /all/ok///'
+
+The first rule combines what could be separate client and server
+rules into a single 'all' rule, matching 'security.' in either
+client arguments or lists returned from the host. This stops
+the client seeing any 'security.' attributes on the server and
+stops it setting any.
+
Examples
--------
--
2.26.2
- [PATCH v2 0/6] virtiofsd xattr name mappings, Dr. David Alan Gilbert (git), 2020/08/27
- [PATCH v2 2/6] virtiofsd: Add printf checking to fuse_log, Dr. David Alan Gilbert (git), 2020/08/27
- [PATCH v2 1/6] virtiofsd: Silence gcc warning, Dr. David Alan Gilbert (git), 2020/08/27
- [PATCH v2 3/6] tools/virtiofsd: xattr name mappings: Add option, Dr. David Alan Gilbert (git), 2020/08/27
- [PATCH v2 4/6] tools/virtiofsd: xattr name mappings: Map client xattr names, Dr. David Alan Gilbert (git), 2020/08/27
- [PATCH v2 5/6] tools/virtiofsd: xattr name mappings: Map server xattr names, Dr. David Alan Gilbert (git), 2020/08/27
- [PATCH v2 6/6] tools/virtiofsd: xattr name mapping examples,
Dr. David Alan Gilbert (git) <=