admin-local-* should include admin-global-* content #2996
rootkovska added the bug, C: core, P: major labels Aug 8, 2017
rootkovska added this to the Release 4.0 milestone Aug 8, 2017
rootkovska assigned marmarek Aug 8, 2017
rootkovska
Aug 8, 2017
Member
BTW, we should also make sure that our automatic tests cover all the cases: both positive (calls allowed), but even more importantly negative (e.g. W-calls dropped when test VM given R-rights, etc).
/cc @woju
marmarek
Aug 8, 2017
Member
Are you sure about that inclusion? I think it may be useful to allow admin-global-rwx calls (creating VMs, setting up defaults, managing storage etc), but do not allow to manipulate existing VMs (where the data lives).
rootkovska
Aug 8, 2017
Member
I assume we agree about inclusion of global-ro into local-ro, right?
But you would like to keep global-rwx apart from local-rwx, correct?
marmarek
Aug 8, 2017
Member
Generally yes. But if you put it this way, I think such a difference may be confusing. So, I would not include it either for ro or rwx. This may mean some duplication of rules. But also, user (or rather: admin) can add such include when it suits particular use case.
woju
Aug 8, 2017
Member
Out of principle I don't think there should be too many includes, since this would be a risk for maintainers. This would be another thing to remember for example if we wanted to write a new API call. I don't think that gains in terms of administration simplicity are worth the ideological complication, for both us and the administrator.
And as Marek said, if administrators choose to make such an include, they're always free to do so.
rootkovska
Aug 9, 2017
Member
So, you guys say that we make rwx -> ro inclusions, but not global -> local, correct?
I think I'm generally convinced by the "admin can add the include on her own" argument. Only worry is to make sure to add it in the "right direction". How about adding commented includes (global -> local) to eliminate this potential mistake?
marmarek closed this in marmarek/qubes-installer-qubes-os@2d3405d Sep 12, 2017
Wrong issue referenced from commit.
marmarek reopened this Sep 12, 2017
qubesos-bot
Sep 15, 2017
Automated announcement from builder-github
The package pykickstart-2.32-4.fc25 has been pushed to the r4.0 testing repository for dom0.
To test this update, please install it with the following command:
sudo qubes-dom0-update --enablerepo=qubes-dom0-current-testing
rootkovska commented Aug 8, 2017
admin-local-{ro,rwx} should include admin-global-{ro,rwx} respectively -- if something's allowed to read (write) the global state, it should also be allowed to read (write) the per-VM state.
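The include directions debated in this thread, with the positive and negative test cases asked for above, as an added example that is not Qubes code. It uses a simplified model rather than the real qrexec policy syntax; the VM names and the `include:` entry format are constructed for illustration, and only the four include-file names come from the issue.

```python
# Simplified model (added example, NOT real qrexec policy syntax).
# Each include file lists the VMs it allows plus other files it pulls in.
def allowed(policy, name, seen=None):
    """Return the set of VMs granted by include file `name`, following includes."""
    seen = set() if seen is None else seen
    if name in seen:              # include cycle or diamond: already counted
        return set()
    seen.add(name)
    vms = set()
    for entry in policy.get(name, []):
        if entry.startswith("include:"):
            vms |= allowed(policy, entry[len("include:"):], seen)
        else:
            vms.add(entry)
    return vms

def check(policy, vm, include_file):
    """Default deny: a call guarded by `include_file` passes only if vm is granted."""
    return vm in allowed(policy, include_file)

def base_policy():
    # rwx -> ro inclusion only: whoever may write may also read.
    # VM names are constructed placeholders.
    return {
        "admin-global-rwx": ["vm-global-admin"],
        "admin-global-ro": ["include:admin-global-rwx", "vm-global-reader"],
        "admin-local-rwx": ["vm-local-admin"],
        "admin-local-ro": ["include:admin-local-rwx", "vm-local-reader"],
    }

def with_global_into_local():
    # The direction proposed in the issue: local files include global content.
    p = base_policy()
    p["admin-local-ro"].append("include:admin-global-ro")
    p["admin-local-rwx"].append("include:admin-global-rwx")
    return p

def with_wrong_direction():
    # The mistake the commented includes are meant to prevent:
    # a global file including local content widens global access.
    p = base_policy()
    p["admin-global-ro"].append("include:admin-local-ro")
    return p
```

In the wrong-direction policy, `vm-local-reader` passes a check against `admin-global-ro`, which is the escalation a negative test should catch.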