diff options
| author | Dr. David Alan Gilbert | 2020-10-23 18:58:12 +0200 |
|---|---|---|
| committer | Dr. David Alan Gilbert | 2020-10-26 19:35:32 +0100 |
| commit | 1d84a0213a2ec7094abe6d896ce0ec0b5aa0cacf (patch) | |
| tree | 2a32448542354c13712bd028ca816a66bfbe49a4 /docs | |
| parent | tools/virtiofsd: xattr name mapping examples (diff) | |
| download | qemu-1d84a0213a2ec7094abe6d896ce0ec0b5aa0cacf.tar.gz qemu-1d84a0213a2ec7094abe6d896ce0ec0b5aa0cacf.tar.xz qemu-1d84a0213a2ec7094abe6d896ce0ec0b5aa0cacf.zip | |
tools/virtiofsd: xattr name mappings: Simple 'map'
The mapping rule system implemented in the last few patches is
extremely flexible, but not easy to use. Add a simple
'map' type as a sprinkling of sugar to make it easy.
e.g.
-o xattrmap=":map::user.virtiofs.:"
would be sufficient to prefix all xattr's
or
-o xattrmap=":map:trusted.:user.virtiofs.:"
would just prefix 'trusted.' xattr's and leave
everything else alone.
Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
Message-Id: <20201023165812.36028-6-dgilbert@redhat.com>
Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
Diffstat (limited to 'docs')
| -rw-r--r-- | docs/tools/virtiofsd.rst | 19 |
1 files changed, 19 insertions, 0 deletions
diff --git a/docs/tools/virtiofsd.rst b/docs/tools/virtiofsd.rst index d80c078d80..34a9e40146 100644 --- a/docs/tools/virtiofsd.rst +++ b/docs/tools/virtiofsd.rst @@ -147,6 +147,7 @@ Each rule consists of a number of fields separated with a separator that is the first non-white space character in the rule. This separator must then be used for the whole rule. White space may be added before and after each rule. + Using ':' as the separator a rule is of the form: ``:type:scope:key:prepend:`` @@ -219,6 +220,14 @@ e.g.: would hide 'security.' xattr's in listxattr from the server. +A simpler 'map' type provides a shorter syntax for the common case: + +``:map:key:prepend:`` + +The 'map' type adds a number of separate rules to add **prepend** as a prefix +to the matched **key** (or all attributes if **key** is empty). +There may be at most one 'map' rule and it must be the last rule in the set. + xattr-mapping Examples ---------------------- @@ -234,6 +243,11 @@ the first rule prefixes and strips 'user.virtiofs.', the second rule hides any non-prefixed attributes that the host set. +This is equivalent to the 'map' rule: + +:: +-o xattrmap=":map::user.virtiofs.:" + 2) Prefix 'trusted.' attributes, allow others through :: @@ -256,6 +270,11 @@ the 'user.virtiofs.' path directly. Finally, the fourth rule lets all remaining attributes through. +This is equivalent to the 'map' rule: + +:: +-o xattrmap="/map/trusted./user.virtiofs./" + 3) Hide 'security.' attributes, and allow everything else :: |