/snapd

Cap grant revoke #340

Closed
wants to merge 2 commits into
from

Conversation

Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
2 participants
@zyga @niemeyer
@zyga
Contributor

zyga commented Jan 19, 2016

NOTE: this depends on #338 -- please look at just 704e50c

Granted capabilities are modeled by the capability repository. The
repository stores a two-level map[CapabilityID]map[CapabilityID]bool.
The final value is dummy so the whole type acts as a set of pairs
(provided, consumed) where both fields represent the CapabilityID of the
provided and consumed capability.

This arrangement allows for multiple consumers of any capability and has
efficient lookup mechanism.

zyga added some commits Jan 19, 2016

@zyga
Identify capabilities with pairs (snap, cap) 
This patch makes capability name non-unique. Instead the pair (snap
name, capability name) is now the unique way to refer to capabilities in
the system.

This change is motivated by the need to resolve conflicts when more than
one snap wants to create a capability with a given name. Using the pair
makes the problem go away.

Signed-off-by: Zygmunt Krynicki <zygmunt.krynicki@canonical.com>

All checks have passed

3 successful checks
@snappy-m-o
Integration tests — Success 54 tests run, 0 skipped, 0 failed.
Details
continuous-integration/travis-ci/pr — The Travis CI build passed
Details
coverage/coveralls — Coverage increased (+0.01%) to 67.841%
Details
ac8465f
@zyga
Model granted capabilities 
Granted capabilities are modeled by the capability repository. The
repository stores a two-level map[CapabilityID]map[CapabilityID]bool.
The final value is dummy so the whole type acts as a set of pairs
(provided, consumed) where both fields represent the CapabilityID of the
provided and consumed capability.

This arrangement allows for multiple consumers of any capability and has
efficient lookup mechanism.

Signed-off-by: Zygmunt Krynicki <zygmunt.krynicki@canonical.com>

All checks have passed

3 successful checks
@snappy-m-o
Integration tests — Success 54 tests run, 0 skipped, 0 failed.
Details
continuous-integration/travis-ci/pr — The Travis CI build passed
Details
coverage/coveralls — Coverage increased (+0.08%) to 67.91%
Details
704e50c
@niemeyer
Contributor

niemeyer commented Jan 20, 2016

This needs work after the agreements related to #338. Please bring it back to life when ready.

@niemeyer niemeyer closed this Jan 20, 2016

@zyga zyga deleted the zyga:cap-grant-revoke branch Feb 1, 2016

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment